Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mpegdemux-0.1.4/src/buffer.c
Examining data/mpegdemux-0.1.4/src/buffer.h
Examining data/mpegdemux-0.1.4/src/getopt.c
Examining data/mpegdemux-0.1.4/src/getopt.h
Examining data/mpegdemux-0.1.4/src/message.c
Examining data/mpegdemux-0.1.4/src/message.h
Examining data/mpegdemux-0.1.4/src/mpeg_demux.c
Examining data/mpegdemux-0.1.4/src/mpeg_demux.h
Examining data/mpegdemux-0.1.4/src/mpeg_list.c
Examining data/mpegdemux-0.1.4/src/mpeg_list.h
Examining data/mpegdemux-0.1.4/src/mpeg_parse.c
Examining data/mpegdemux-0.1.4/src/mpeg_parse.h
Examining data/mpegdemux-0.1.4/src/mpeg_remux.c
Examining data/mpegdemux-0.1.4/src/mpeg_remux.h
Examining data/mpegdemux-0.1.4/src/mpeg_scan.c
Examining data/mpegdemux-0.1.4/src/mpeg_scan.h
Examining data/mpegdemux-0.1.4/src/mpegdemux.c
Examining data/mpegdemux-0.1.4/src/mpegdemux.h

FINAL RESULTS:

data/mpegdemux-0.1.4/src/message.c:48:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, msg, va);
data/mpegdemux-0.1.4/src/mpegdemux.c:129:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (ret, str);
data/mpegdemux-0.1.4/src/mpeg_demux.c:47:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[8];
data/mpegdemux-0.1.4/src/mpeg_demux.c:130:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  fp = fopen (name, "wb");
data/mpegdemux-0.1.4/src/mpeg_parse.c:71:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  fp = fopen (fname, "rb");
data/mpegdemux-0.1.4/src/mpeg_parse.c:249:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (tmp, &mpeg->buf[mpeg->buf_i], i);
data/mpegdemux-0.1.4/src/mpeg_parse.h:83:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[MPEG_DEMUX_BUFFER];
data/mpegdemux-0.1.4/src/mpeg_remux.c:66:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  fp = fopen (fname, "wb");
data/mpegdemux-0.1.4/src/mpeg_remux.c:234:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[4];
data/mpegdemux-0.1.4/src/mpegdemux.c:45:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char par_stream[256];
data/mpegdemux-0.1.4/src/mpegdemux.c:46:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char par_substream[256];
data/mpegdemux-0.1.4/src/mpegdemux.c:48:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char par_stream_map[256];
data/mpegdemux-0.1.4/src/mpegdemux.c:49:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char par_substream_map[256];
data/mpegdemux-0.1.4/src/mpegdemux.c:145:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  int str_get_streams (const char *str, unsigned char stm[256], unsigned msk)
data/mpegdemux-0.1.4/src/mpegdemux.c:145:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  int str_get_streams (const char *str, unsigned char stm[256], unsigned msk)
data/mpegdemux-0.1.4/src/mpegdemux.c:333:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[4096];
data/mpegdemux-0.1.4/src/mpegdemux.c:518:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  par_inp = fopen (optarg[0], "rb");
data/mpegdemux-0.1.4/src/mpegdemux.c:533:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  par_out = fopen (optarg[0], "wb");
data/mpegdemux-0.1.4/src/mpegdemux.h:48:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  extern unsigned char par_stream[256];
data/mpegdemux-0.1.4/src/mpegdemux.h:49:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  extern unsigned char par_substream[256];
data/mpegdemux-0.1.4/src/mpegdemux.h:50:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  extern unsigned char par_stream_map[256];
data/mpegdemux-0.1.4/src/mpegdemux.h:51:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  extern unsigned char par_substream_map[256];
data/mpegdemux-0.1.4/src/mpegdemux.h:52:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  extern unsigned char par_invalid[256];
data/mpegdemux-0.1.4/src/getopt.c:75:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += 2 + strlen (opt->name2);
data/mpegdemux-0.1.4/src/getopt.c:79:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += 1 + strlen (opt->argdesc);
data/mpegdemux-0.1.4/src/getopt.c:161:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += 2 + strlen (opt->name2);
data/mpegdemux-0.1.4/src/getopt.c:166:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += 1 + strlen (opt->argdesc);
data/mpegdemux-0.1.4/src/mpegdemux.c:124:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ret = malloc (strlen (str) + 1);

ANALYSIS SUMMARY:

Hits = 28
Lines analyzed = 3225 in approximately 0.09 seconds (35763 lines/second)
Physical Source Lines of Code (SLOC) = 2157
Hits@level = [0]  32 [1]   5 [2]  21 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+]  60 [1+]  28 [2+]  23 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 27.8164 [1+] 12.981 [2+] 10.663 [3+] 0.927214 [4+] 0.927214 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.