Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/opusfile-0.9+20170913/examples/opusfile_example.c
Examining data/opusfile-0.9+20170913/examples/seeking_example.c
Examining data/opusfile-0.9+20170913/examples/win32utf8.c
Examining data/opusfile-0.9+20170913/examples/win32utf8.h
Examining data/opusfile-0.9+20170913/include/opusfile.h
Examining data/opusfile-0.9+20170913/src/http.c
Examining data/opusfile-0.9+20170913/src/info.c
Examining data/opusfile-0.9+20170913/src/internal.c
Examining data/opusfile-0.9+20170913/src/internal.h
Examining data/opusfile-0.9+20170913/src/opusfile.c
Examining data/opusfile-0.9+20170913/src/stream.c
Examining data/opusfile-0.9+20170913/src/wincerts.c
Examining data/opusfile-0.9+20170913/src/winerrno.h
FINAL RESULTS:
data/opusfile-0.9+20170913/examples/opusfile_example.c:66:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char SUFFIXES[7]={' ','k','M','G','T','P','E'};
data/opusfile-0.9+20170913/examples/opusfile_example.c:104:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void make_wav_header(unsigned char _dst[44],ogg_int64_t _duration){
data/opusfile-0.9+20170913/examples/opusfile_example.c:109:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char WAV_HEADER_TEMPLATE[44]={
data/opusfile-0.9+20170913/examples/opusfile_example.c:117:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_dst,WAV_HEADER_TEMPLATE,sizeof(WAV_HEADER_TEMPLATE));
data/opusfile-0.9+20170913/examples/opusfile_example.c:136:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char wav_header[44];
data/opusfile-0.9+20170913/examples/opusfile_example.c:245:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[120*48*2*2];
data/opusfile-0.9+20170913/include/opusfile.h:268:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mapping[OPUS_CHANNEL_COUNT_MAX];
data/opusfile-0.9+20170913/src/http.c:64:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
ret=(char *)memcpy(ret,_start,sizeof(*ret)*(len));
data/opusfile-0.9+20170913/src/http.c:182:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host_buf[28];
data/opusfile-0.9+20170913/src/http.c:191:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(host_buf,host,sizeof(*host_buf)*(host_end-host));
data/opusfile-0.9+20170913/src/http.c:677:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf+nbuf,_s,sizeof(*buf)*_len);
data/opusfile-0.9+20170913/src/http.c:692:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_buf[7];
data/opusfile-0.9+20170913/src/http.c:694:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(port_buf,":%u",_port);
data/opusfile-0.9+20170913/src/http.c:732:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service[6];
data/opusfile-0.9+20170913/src/http.c:739:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(service,"%u",_port);
data/opusfile-0.9+20170913/src/http.c:2122:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_stream->addr,addrs[pi]->ai_addr,addrs[pi]->ai_addrlen);
data/opusfile-0.9+20170913/src/http.c:2174:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char BASE64_TABLE[64]={
data/opusfile-0.9+20170913/src/info.c:79:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(_head!=NULL)memcpy(_head->mapping,_data+21,head.channel_count);
data/opusfile-0.9+20170913/src/info.c:86:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(_head!=NULL)memcpy(_head,&head,head.mapping-(unsigned char *)&head);
data/opusfile-0.9+20170913/src/info.c:149:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
ret=(char *)memcpy(ret,_s,sizeof(*ret)*_len);
data/opusfile-0.9+20170913/src/info.c:221:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_tags->user_comments[ncomments],_data,len);
data/opusfile-0.9+20170913/src/info.c:271:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_dst->user_comments[ncomments],_src->user_comments[ncomments],len);
data/opusfile-0.9+20170913/src/info.c:304:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(comment,_tag,sizeof(*comment)*tag_len);
data/opusfile-0.9+20170913/src/info.c:306:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(comment+tag_len+1,_value,sizeof(*comment)*(value_len+1));
data/opusfile-0.9+20170913/src/info.c:342:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(binary_suffix_data,_data,_len);
data/opusfile-0.9+20170913/src/info.c:627:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mime_type,_buf+i,sizeof(*mime_type)*mime_type_length);
data/opusfile-0.9+20170913/src/info.c:638:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(description,_buf+i,sizeof(*description)*description_length);
data/opusfile-0.9+20170913/src/internal.h:227:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char od_mapping[OP_NCHANNELS_MAX];
data/opusfile-0.9+20170913/src/opusfile.c:96:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data,_initial_data,_initial_bytes);
data/opusfile-0.9+20170913/src/opusfile.c:1375:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_of->od_mapping,head->mapping,sizeof(*head->mapping)*channel_count);
data/opusfile-0.9+20170913/src/opusfile.c:1443:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op_start,_of->op,sizeof(*op_start)*start_op_count);
data/opusfile-0.9+20170913/src/opusfile.c:1455:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_of->op,op_start,sizeof(*_of->op)*start_op_count);
data/opusfile-0.9+20170913/src/opusfile.c:1530:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,_initial_data,_initial_bytes*sizeof(*buffer));
data/opusfile-0.9+20170913/src/opusfile.c:2816:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_pcm,_of->od_buffer+nchannels*od_buffer_pos,
data/opusfile-0.9+20170913/src/opusfile.c:3029:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(_nchannels==2)memcpy(_dst,_src,_nsamples*2*sizeof(*_src));
data/opusfile-0.9+20170913/src/opusfile.c:3267:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(_nchannels==2)memcpy(_dst,_src,_nsamples*2*sizeof(*_src));
data/opusfile-0.9+20170913/src/stream.c:235:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp=fopen(_path,_mode);
data/opusfile-0.9+20170913/src/stream.c:297:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_ptr,stream->data+pos,_buf_size);
data/opusfile-0.9+20170913/examples/win32utf8.c:18:7: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=wcslen(_src);
data/opusfile-0.9+20170913/include/opusfile.h:904:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
op_read_func read;
data/opusfile-0.9+20170913/src/http.c:71:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return op_string_range_dup(_s,_s+strlen(_s));
data/opusfile-0.9+20170913/src/http.c:686:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(_s);
data/opusfile-0.9+20170913/src/http.c:1653:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pattern_len=strlen(pattern);
data/opusfile-0.9+20170913/src/http.c:1726:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
host_len=strlen(host);
data/opusfile-0.9+20170913/src/http.c:2231:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
user_len=strlen(_user);
data/opusfile-0.9+20170913/src/http.c:2232:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pass_len=strlen(_pass);
data/opusfile-0.9+20170913/src/http.c:2276:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(_server,BAD_SERVERS[si],strlen(BAD_SERVERS[si]))==0){
data/opusfile-0.9+20170913/src/info.c:251:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_dst->vendor=op_strdup_with_len(vendor,strlen(vendor));
data/opusfile-0.9+20170913/src/info.c:297:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len=strlen(_tag);
data/opusfile-0.9+20170913/src/info.c:298:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len=strlen(_value);
data/opusfile-0.9+20170913/src/info.c:321:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comment_len=(int)strlen(_comment);
data/opusfile-0.9+20170913/src/info.c:350:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len=strlen(_tag_name);
data/opusfile-0.9+20170913/src/info.c:368:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len=strlen(_tag);
data/opusfile-0.9+20170913/src/info.c:389:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_len=strlen(_tag);
data/opusfile-0.9+20170913/src/info.c:744:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag_length=strlen(_tag);
data/opusfile-0.9+20170913/src/opusfile.c:151:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nbytes=(int)(*_of->callbacks.read)(_of->stream,buffer,_nbytes);
data/opusfile-0.9+20170913/src/stream.c:142:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len=strlen(_src);
ANALYSIS SUMMARY:
Hits = 57
Lines analyzed = 11711 in approximately 0.42 seconds (27749 lines/second)
Physical Source Lines of Code (SLOC) = 7089
Hits@level = [0] 112 [1] 19 [2] 38 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 169 [1+] 57 [2+] 38 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 23.8398 [1+] 8.04063 [2+] 5.36042 [3+] 0 [4+] 0 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.