Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/png++-0.2.10/image_info.hpp
Examining data/png++-0.2.10/color.hpp
Examining data/png++-0.2.10/test/generate_palette.cpp
Examining data/png++-0.2.10/test/convert_color_space.cpp
Examining data/png++-0.2.10/test/write_gray_16.cpp
Examining data/png++-0.2.10/test/generate_gray_packed.cpp
Examining data/png++-0.2.10/test/read_write_gray_packed.cpp
Examining data/png++-0.2.10/test/dump.cpp
Examining data/png++-0.2.10/test/read_write_param.cpp
Examining data/png++-0.2.10/pixel_traits.hpp
Examining data/png++-0.2.10/pixel_buffer.hpp
Examining data/png++-0.2.10/io_base.hpp
Examining data/png++-0.2.10/config.hpp
Examining data/png++-0.2.10/palette.hpp
Examining data/png++-0.2.10/end_info.hpp
Examining data/png++-0.2.10/streaming_base.hpp
Examining data/png++-0.2.10/info.hpp
Examining data/png++-0.2.10/convert_color_space.hpp
Examining data/png++-0.2.10/png.hpp
Examining data/png++-0.2.10/error.hpp
Examining data/png++-0.2.10/solid_pixel_buffer.hpp
Examining data/png++-0.2.10/writer.hpp
Examining data/png++-0.2.10/rgba_pixel.hpp
Examining data/png++-0.2.10/index_pixel.hpp
Examining data/png++-0.2.10/tRNS.hpp
Examining data/png++-0.2.10/ga_pixel.hpp
Examining data/png++-0.2.10/gray_pixel.hpp
Examining data/png++-0.2.10/reader.hpp
Examining data/png++-0.2.10/generator.hpp
Examining data/png++-0.2.10/require_color_space.hpp
Examining data/png++-0.2.10/packed_pixel.hpp
Examining data/png++-0.2.10/example/pixel_generator.cpp
Examining data/png++-0.2.10/consumer.hpp
Examining data/png++-0.2.10/info_base.hpp
Examining data/png++-0.2.10/types.hpp
Examining data/png++-0.2.10/rgb_pixel.hpp
Examining data/png++-0.2.10/image.hpp

FINAL RESULTS:

data/png++-0.2.10/io_base.hpp:48:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, va);
data/png++-0.2.10/error.hpp:97:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ERRBUF_SIZE] = { 0 };
data/png++-0.2.10/test/convert_color_space.cpp:67:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int bits = atoi(argv[2]);
data/png++-0.2.10/consumer.hpp:144:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(istream& stream)
data/png++-0.2.10/consumer.hpp:146:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(stream, transform_identity());
data/png++-0.2.10/consumer.hpp:158:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(istream& stream, transformation const& transform)
data/png++-0.2.10/end_info.hpp:59:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read()
data/png++-0.2.10/image.hpp:119:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(filename, transform_convert());
data/png++-0.2.10/image.hpp:130:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(filename.c_str(), transform);
data/png++-0.2.10/image.hpp:139:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(filename, transform_convert());
data/png++-0.2.10/image.hpp:149:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(filename, transform);
data/png++-0.2.10/image.hpp:175:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(std::string const& filename)
data/png++-0.2.10/image.hpp:177:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(filename, transform_convert());
data/png++-0.2.10/image.hpp:185:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(std::string const& filename, transformation const& transform)
data/png++-0.2.10/image.hpp:187:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(filename.c_str(), transform);
data/png++-0.2.10/image.hpp:194:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(char const* filename)
data/png++-0.2.10/image.hpp:196:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(filename, transform_convert());
data/png++-0.2.10/image.hpp:204:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(char const* filename, transformation const& transform)
data/png++-0.2.10/image.hpp:219:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(std::istream& stream)
data/png++-0.2.10/image.hpp:229:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(std::istream& stream, transformation const& transform)
data/png++-0.2.10/image.hpp:252:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  pixcon.read(stream, transform);
data/png++-0.2.10/info.hpp:55:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read()
data/png++-0.2.10/reader.hpp:114:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_info.read();
data/png++-0.2.10/reader.hpp:138:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_end_info.read();
data/png++-0.2.10/reader.hpp:155:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  stream->read(reinterpret_cast< char* >(data), length);

ANALYSIS SUMMARY:

Hits = 25
Lines analyzed = 5859 in approximately 0.28 seconds (20769 lines/second)
Physical Source Lines of Code (SLOC) = 3070
Hits@level = [0] 8 [1] 22 [2] 2 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 33 [1+] 25 [2+] 3 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 10.7492 [1+] 8.14332 [2+] 0.977199 [3+] 0.325733 [4+] 0.325733 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.