Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pdftk-2.02/pdftk/pdftk.h
Examining data/pdftk-2.02/pdftk/win32_utf8_include.cc
Examining data/pdftk-2.02/pdftk/pdftk.cc
Examining data/pdftk-2.02/pdftk/report.h
Examining data/pdftk-2.02/pdftk/attachments.cc
Examining data/pdftk-2.02/pdftk/report.cc
Examining data/pdftk-2.02/pdftk/passwords.h
Examining data/pdftk-2.02/pdftk/passwords.cc
Examining data/pdftk-2.02/pdftk/attachments.h

FINAL RESULTS:

data/pdftk-2.02/pdftk/pdftk.cc:2888:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( buff, m_output_filename.c_str(), ii+ 1 );
data/pdftk-2.02/pdftk/pdftk.cc:3144:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( buff, m_output_filename.c_str(), jj+ 1 );
data/pdftk-2.02/pdftk/attachments.cc:122:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[64];
data/pdftk-2.02/pdftk/attachments.cc:305:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[256];
data/pdftk-2.02/pdftk/attachments.cc:306:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( buff, "-%d", counter++ );
data/pdftk-2.02/pdftk/attachments.cc:429:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  FILE* fp= fopen( fn.c_str(), "rb" );
data/pdftk-2.02/pdftk/attachments.cc:437:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[64];
data/pdftk-2.02/pdftk/pdftk.cc:158:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[64];
data/pdftk-2.02/pdftk/pdftk.cc:385:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ss_copy[ss_copy_max]= "";
data/pdftk-2.02/pdftk/pdftk.cc:2224:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  FILE* fp= fopen( output_filename.c_str(), "rb" );
data/pdftk-2.02/pdftk/pdftk.cc:2232:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[64];
data/pdftk-2.02/pdftk/pdftk.cc:2645:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  output_doc_p->open();
data/pdftk-2.02/pdftk/pdftk.cc:2887:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[4096]= "";
data/pdftk-2.02/pdftk/pdftk.cc:2924:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  output_doc_p->open(); // must open writer before copying (possibly) indirect object
data/pdftk-2.02/pdftk/pdftk.cc:3143:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[4096]= "";
data/pdftk-2.02/pdftk/pdftk.cc:3194:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  output_doc_p->open();
data/pdftk-2.02/pdftk/report.cc:1165:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[8]= "";
data/pdftk-2.02/pdftk/report.cc:1167:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( buff, "%02x", (unsigned char)bb_ss[ii] );
data/pdftk-2.02/pdftk/report.cc:1369:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[buff_size];
data/pdftk-2.02/pdftk/report.cc:1371:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff_prev[buff_size];
data/pdftk-2.02/pdftk/report.cc:1336:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int label_len= strlen( label );
data/pdftk-2.02/pdftk/report.cc:1350:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int label_len= strlen( label );
data/pdftk-2.02/pdftk/report.cc:1495:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy( buff_prev, buff, buff_prev_len );

ANALYSIS SUMMARY:

Hits = 23
Lines analyzed = 8515 in approximately 0.32 seconds (26956 lines/second)
Physical Source Lines of Code (SLOC) = 5725
Hits@level = [0]   0 [1]   3 [2]  18 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+]  23 [1+]  23 [2+]  20 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 4.01747 [1+] 4.01747 [2+] 3.49345 [3+] 0.349345 [4+] 0.349345 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
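The two level-4 hits are the ones worth triaging first: a caller-supplied output pattern (m_output_filename) is handed to sprintf as the format string, with a single integer argument, into a fixed 4096-byte buffer. If that pattern can contain anything other than one integer conversion, sprintf will read arguments that were never passed (CWE-134), and any extra text in the pattern is written with no bound (CWE-120). The strncpy hit at the bottom is a separate, lower-risk pattern: a bounded copy that leaves the destination unterminated when the source fills it. The C below is an added example written for this page, not code from pdftk or flawfinder; it shows the unchecked shape beside a hardened version that whitelists the pattern to exactly one integer conversion, uses snprintf, and reports truncation, plus a bounded copy that always terminates. Function names, the 16-byte test buffers, and the accepted conversion set are assumptions for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Unchecked shape, mirroring what the [4] hits flag: the pattern comes from
 * the user and goes straight into sprintf as the format, into a fixed buffer.
 * Kept here only for contrast; never call it with untrusted input. */
void format_output_filename_unchecked(char *buff, const char *pattern, int page)
{
    sprintf(buff, pattern, page); /* CWE-134 (format) and CWE-120 (no bound) */
}

/* Whitelist check (assumed policy for this example): the pattern must contain
 * exactly one integer conversion, optionally with flags 0 - + space # and a
 * numeric width, e.g. "pg_%04d.pdf". "%%" is a literal percent. Anything else
 * ("%s", "%n", "%*d", a second conversion, no conversion) is rejected, so a
 * single int argument is always the right number and type of arguments. */
bool is_safe_counter_format(const char *fmt)
{
    int conversions = 0;
    for (const char *p = fmt; *p; ++p) {
        if (*p != '%')
            continue;
        ++p;
        if (*p == '%')
            continue; /* "%%" is a literal percent, not a conversion */
        while (*p == '0' || *p == '-' || *p == '+' || *p == ' ' || *p == '#')
            ++p; /* flags */
        while (*p >= '0' && *p <= '9')
            ++p; /* field width; '*' is not accepted, it would consume an arg */
        if (*p != 'd' && *p != 'i' && *p != 'u' && *p != 'x' && *p != 'X')
            return false; /* no precision, length modifiers or other types */
        if (++conversions > 1)
            return false;
    }
    return conversions == 1;
}

/* Hardened replacement: validate the pattern, then format with a bound.
 * Returns the length written, or -1 if the pattern is unsafe or the result
 * would not fit (buff is left empty in that case rather than truncated). */
int format_output_filename(char *buff, size_t buff_len, const char *pattern, int page)
{
    if (buff_len == 0 || !is_safe_counter_format(pattern))
        return -1;
    int n = snprintf(buff, buff_len, pattern, page); /* pattern validated above */
    if (n < 0 || (size_t)n >= buff_len) {
        buff[0] = '\0';
        return -1;
    }
    return n;
}

/* Bounded copy that, unlike strncpy, always NUL-terminates and tells the
 * caller when the source was cut. Returns true if src fit completely. */
bool bounded_copy(char *dst, size_t dst_len, const char *src)
{
    if (dst_len == 0)
        return false;
    size_t n = strlen(src);
    if (n >= dst_len) {
        memcpy(dst, src, dst_len - 1);
        dst[dst_len - 1] = '\0';
        return false;
    }
    memcpy(dst, src, n + 1);
    return true;
}

int main(void)
{
    char buff[16];
    const char *patterns[] = { "pg_%04d.pdf", "%s.pdf", "out_%d_%d.pdf", "%n" };
    for (size_t i = 0; i < sizeof patterns / sizeof patterns[0]; ++i) {
        int n = format_output_filename(buff, sizeof buff, patterns[i], 7);
        printf("%-14s -> %s\n", patterns[i], n < 0 ? "rejected" : buff);
    }
    char small[4];
    bool fit = bounded_copy(small, sizeof small, "abcdef");
    printf("bounded_copy: \"%s\" (%s)\n", small, fit ? "complete" : "truncated");
    return 0;
}
```

The validator is deliberately stricter than printf's grammar: rejecting '*', precision and length modifiers costs nothing for a page-number pattern and keeps the check short enough to audit. Building the filename in two steps (fixed prefix, then the counter with "%d") would avoid a user-controlled format entirely and is the better design when the pattern syntax is not already promised to users.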