Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/python-enable-4.8.1/kiva/_cython_speedups.cpp:791:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:21798:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(msg, 200, fmt, vargs);
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:655:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_face_names[m_num_faces], font_name);
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:840:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(m_signature,
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:866:17: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(m_signature, buf);
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:449:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_typeface, typeface_);
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:504:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_font_names[m_num_fonts], m_signature);
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:562:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(m_signature,
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:591:17: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(m_signature, buf);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_font_cache_manager.h:64:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_font_signature, font_signature);
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_rbox_ctrl.cpp:62:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(&m_items[m_num_items][0], text);
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_slider_ctrl.cpp:165:17: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buf, m_label, value());
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/BeOS/agg_platform_support.cpp:485:19: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fAppPath, "%s", path.Path());
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/BeOS/agg_platform_support.cpp:580:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/BeOS/agg_platform_support.cpp:638:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(m_specific->fFilePath, "%s/%s", m_specific->fAppPath, file_name);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/BeOS/agg_platform_support.cpp:649:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/%s%s", m_specific->fAppPath, file, img_ext());
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:377:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1012:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, file);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1150:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, file);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:465:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:639:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:662:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:236:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:550:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:612:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:583:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1121:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1140:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/python-enable-4.8.1/kiva/agg/src/gl/agg_bmp.cpp:12:25: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  #define DEBUG_MTH(NAME) fprintf(stderr, NAME "\n");
data/python-enable-4.8.1/kiva/agg/src/gl/agg_bmp.cpp:13:35: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH2(STR,ARG1,ARG2) fprintf(stderr, STR "\n",(ARG1),(ARG2));
data/python-enable-4.8.1/kiva/agg/src/gl/agg_bmp.cpp:14:50: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH5(STR,ARG1,ARG2,ARG3,ARG4,ARG5) fprintf(stderr, STR "\n",(ARG1),(ARG2),(ARG3),(ARG4),(ARG5));
data/python-enable-4.8.1/kiva/agg/src/gtk1/agg_bmp.cpp:24:25: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH(NAME) fprintf(stderr, NAME "\n");
data/python-enable-4.8.1/kiva/agg/src/gtk1/agg_bmp.cpp:25:35: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH2(STR,ARG1,ARG2) fprintf(stderr, STR "\n",(ARG1),(ARG2));
data/python-enable-4.8.1/kiva/agg/src/gtk1/agg_bmp.cpp:26:50: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH5(STR,ARG1,ARG2,ARG3,ARG4,ARG5) fprintf(stderr, STR "\n",(ARG1),(ARG2),(ARG3),(ARG4),(ARG5));
data/python-enable-4.8.1/kiva/agg/src/win32/agg_bmp.cpp:12:25: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH(NAME) fprintf(stderr, NAME "\n");
data/python-enable-4.8.1/kiva/agg/src/win32/agg_bmp.cpp:13:35: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH2(STR,ARG1,ARG2) fprintf(stderr, STR "\n",(ARG1),(ARG2));
data/python-enable-4.8.1/kiva/agg/src/win32/agg_bmp.cpp:14:50: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH5(STR,ARG1,ARG2,ARG3,ARG4,ARG5) fprintf(stderr, STR "\n",(ARG1),(ARG2),(ARG3),(ARG4),(ARG5));
data/python-enable-4.8.1/kiva/agg/src/win32/agg_platform_specific.cpp:11:25: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH(NAME) fprintf(stderr, NAME "\n");
data/python-enable-4.8.1/kiva/agg/src/win32/agg_platform_specific.cpp:12:35: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH2(STR,ARG1,ARG2) fprintf(stderr, STR "\n",(ARG1),(ARG2));
data/python-enable-4.8.1/kiva/agg/src/win32/agg_platform_specific.cpp:13:50: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH5(STR,ARG1,ARG2,ARG3,ARG4,ARG5) fprintf(stderr, STR "\n",(ARG1),(ARG2),(ARG3),(ARG4),(ARG5));
data/python-enable-4.8.1/kiva/agg/src/x11/agg_bmp.cpp:26:25: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH(NAME) fprintf(stderr, NAME "\n");
data/python-enable-4.8.1/kiva/agg/src/x11/agg_bmp.cpp:27:35: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH2(STR,ARG1,ARG2) fprintf(stderr, STR "\n",(ARG1),(ARG2));
data/python-enable-4.8.1/kiva/agg/src/x11/agg_bmp.cpp:28:50: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DEBUG_MTH5(STR,ARG1,ARG2,ARG3,ARG4,ARG5) fprintf(stderr, STR "\n",(ARG1),(ARG2),(ARG3),(ARG4),(ARG5));
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:22835:18: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (!setstate) PyErr_Clear();
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:22836:18: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:22836:58: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:22857:16: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  Py_XDECREF(setstate);
data/python-enable-4.8.1/kiva/agg/src/kiva_graphics_context_base.cpp:645:9: [3] (misc) InitializeCriticalSection: Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&gCriticalSection);
data/python-enable-4.8.1/kiva/agg/src/kiva_graphics_context_base.cpp:649:5: [3] (misc) EnterCriticalSection: On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&gCriticalSection);
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:744:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ascii_chars[128];
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:14869:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  __pyx_v_resultp = ((((char **)__pyx_v_resultp)[0]) + __pyx_v_suboffset);
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:16610:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, (__pyx_v_itemsize * __pyx_v_dst_extent)));
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:16642:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)(memcpy(__pyx_v_dst_data, __pyx_v_src_data, __pyx_v_itemsize));
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:17147:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)(memcpy(__pyx_v_result, __pyx_v_src->data, __pyx_v_size));
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:17895:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)(memcpy(__pyx_v_dst.data, __pyx_v_src.data, __pyx_memoryview_slice_get_size((&__pyx_v_src), __pyx_v_ndim)));
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:18500:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)(memcpy(__pyx_v_data, __pyx_v_item, __pyx_v_itemsize));
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:20757:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(__pyx_memoryview_thread_locks[0]), __pyx_t_2, sizeof(__pyx_memoryview_thread_locks[0]) * (8));
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:21792:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[200];
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:22869:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char warning[200];
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:25299:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctversion[4], rtversion[4];
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:25303:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[200];
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:627:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_faces,
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:630:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_face_names,
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:831:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char gamma_table[rasterizer_scanline_aa<>::aa_scale];
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:857:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:859:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, ",%08X%08X%08X%08X%08X%08X",
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:493:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_fonts,
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:496:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_font_names,
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:553:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char gamma_table[rasterizer_scanline_aa<>::aa_scale];
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:582:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:584:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, ",%08X%08X%08X%08X%08X%08X",
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:56:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, c, sizeof(T) * Size);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:61:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, c, sizeof(T) * Size);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:124:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, v.m_array, sizeof(T) * m_size);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:138:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, v.m_array, sizeof(T) * m_size);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:249:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, m_array, m_size * sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:272:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, v.m_array, sizeof(T) * v.m_size);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:280:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(v.m_size) memcpy(m_array, v.m_array, sizeof(T) * v.m_size);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:287:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(m_size) memcpy(ptr, m_array, m_size * sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:296:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(byte_size) memcpy(m_array, data, byte_size * sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:589:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_blocks[i], v.m_blocks[i], block_size * sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:606:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_blocks[i], v.m_blocks[i], block_size * sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:623:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_blocks,
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:723:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &(*this)[i], sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:737:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, data, sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:760:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&((*this)[start + i]), data, sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:765:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, data, sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:868:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_blocks,
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_blur.h:1358:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(r1, r0, w * sizeof(pixel_type));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_blur.h:1372:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(r2, r1, w * sizeof(pixel_type)); // duplicate bottom row
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_font_cache_manager.h:175:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_fonts,
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_gsv_text.h:91:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_chr[2];
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_path_storage.h:311:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_coords,
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_path_storage.h:315:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_cmds,
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_path_storage_integer.h:125:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_storage[i], sizeof(vertex_integer_type));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_path_storage_integer.h:267:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&v, m_ptr, sizeof(vertex_integer_type));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_pixfmt_amask_adaptor.h:57:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&m_span[0], covers, len * sizeof(cover_type));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_rasterizer_cells_aa.h:483:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_cells, m_cells, m_max_blocks * sizeof(cell_type*));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_rendering_buffer.h:108:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(row_ptr(0, y, w), src.row_ptr(y), l);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_rendering_buffer.h:238:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(row_ptr(0, y, w), src.row_ptr(y), l);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_p.h:106:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_cover_ptr, covers, len * sizeof(cover_type));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_p.h:262:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_cover_ptr, covers, len * sizeof(cover_type));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_storage_aa.h:100:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, cells, sizeof(T) * num_cells);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_storage_aa.h:106:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(s.ptr, cells, sizeof(T) * num_cells);
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_storage_aa.h:147:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst.ptr, src.ptr, dst.len * sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_storage_aa.h:482:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, covers, sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_storage_aa.h:487:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, covers, unsigned(sp.len) * sizeof(T));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_u.h:171:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&m_covers[x], covers, len * sizeof(cover_type));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_scanline_u.h:386:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&m_covers[x], covers, len * sizeof(cover_type));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_trans_viewport.h:205:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, this, sizeof(*this));
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_trans_viewport.h:210:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(this, ptr, sizeof(*this));
data/python-enable-4.8.1/kiva/agg/agg-24/include/ctrl/agg_cbox_ctrl.h:65:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_label[128];
data/python-enable-4.8.1/kiva/agg/agg-24/include/ctrl/agg_gamma_spline.h:79:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char m_gamma[256];
data/python-enable-4.8.1/kiva/agg/agg-24/include/ctrl/agg_slider_ctrl.h:80:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_label[64];
data/python-enable-4.8.1/kiva/agg/agg-24/include/platform/agg_platform_support.h:674:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_caption[256];
data/python-enable-4.8.1/kiva/agg/agg-24/src/agg_gsv_text.cpp:547:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen(file, "rb");
data/python-enable-4.8.1/kiva/agg/agg-24/src/agg_gsv_text.cpp:579:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&m_text_buf[0], text, new_size);
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_cbox_ctrl.cpp:54:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_label, l, len);
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_gamma_ctrl.cpp:130:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_gamma_ctrl.cpp:243:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tbuf, "%5.3f %5.3f %5.3f %5.3f", kx1, ky1, kx2, ky2);
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_slider_ctrl.cpp:108:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_label, fmt, len);
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_slider_ctrl.cpp:164:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/AmigaOS/agg_platform_support.cpp:613:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char fn[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/AmigaOS/agg_platform_support.cpp:801:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char key_buf[BUF_SIZE];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/BeOS/agg_platform_support.cpp:551:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fAppPath[B_PATH_NAME_LENGTH];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/BeOS/agg_platform_support.cpp:552:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fFilePath[B_PATH_NAME_LENGTH];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/BeOS/agg_platform_support.cpp:567:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "Anti-Grain Geometry Application");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/BeOS/agg_platform_support.cpp:648:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[B_PATH_NAME_LENGTH];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:363:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "AGG Application");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1011:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1016:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, ".ppm");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1019:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen(buf, "rb");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1044:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned width = atoi(ptr);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1057:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned height = atoi(ptr);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1065:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi(ptr) != 255)
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1149:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1154:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, ".ppm");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1157:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen(buf, "wb");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:450:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "Anti-Grain Geometry Application");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:638:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:647:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:661:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:670:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:221:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "Anti-Grain Geometry Application");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:549:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:554:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:611:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:616:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:568:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "Anti-Grain Geometry Application");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1120:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1125:17: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1139:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1144:17: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1458:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(argv_ptr, tok.ptr, tok.len);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_win32_bmp.cpp:411:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, m_buf, m_bmp->bmiHeader.biSizeImage);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_win32_bmp.cpp:494:20: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fd = fopen(filename, "rb");
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_win32_bmp.cpp:529:20: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fd = fopen(filename, "wb");
data/python-enable-4.8.1/kiva/agg/src/dummy.cpp:15:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen(file_name, "wb");
data/python-enable-4.8.1/kiva/agg/src/dummy.cpp:246:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char imgbuf[200*200*4];
data/python-enable-4.8.1/kiva/agg/src/gtk1/agg_platform_specific.cpp:43:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool x11_display::open(const char* display_name) {
data/python-enable-4.8.1/kiva/agg/src/gtk1/agg_platform_specific.cpp:160:36: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (x11.m_display == 0 && !x11.open()) {
data/python-enable-4.8.1/kiva/agg/src/gtk1/agg_platform_specific.h:33:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(const char* display_name = NULL);
data/python-enable-4.8.1/kiva/agg/src/kiva_font_type.cpp:53:31: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(full_file_name.c_str(), "rb");
data/python-enable-4.8.1/kiva/agg/src/kiva_font_type.cpp:97:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(_filename.c_str(), "rb");
data/python-enable-4.8.1/kiva/agg/src/x11/agg_bmp.cpp:155:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, r.row_ptr(h-j-1), w*3);
data/python-enable-4.8.1/kiva/agg/src/x11/agg_platform_specific.cpp:43:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool x11_display::open(const char* display_name) {
data/python-enable-4.8.1/kiva/agg/src/x11/agg_platform_specific.cpp:175:36: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (x11.m_display == 0 && !x11.open()) {
data/python-enable-4.8.1/kiva/agg/src/x11/agg_platform_specific.h:33:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(const char* display_name = NULL);
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:668:87: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:789:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  __PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:7835:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  __pyx_t_4 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_4)) __PYX_ERR(2, 249, __pyx_L1_error)
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:7879:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_mode, 0, strlen(__pyx_v_mode), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(2, 251, __pyx_L1_error)
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:10414:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  __pyx_t_10 = strlen(__pyx_v_self->view.format);
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:17318:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  __pyx_t_2 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_2)) __PYX_ERR(2, 1258, __pyx_L1_error)
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:17410:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  __pyx_t_3 = __Pyx_decode_c_string(__pyx_v_msg, 0, strlen(__pyx_v_msg), NULL, NULL, PyUnicode_DecodeASCII); if (unlikely(!__pyx_t_3)) __PYX_ERR(2, 1263, __pyx_L1_error)
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:22308:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t slen = strlen(cstring);
data/python-enable-4.8.1/kiva/_cython_speedups.cpp:25347:65: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:654:59: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_face_names[m_num_faces] = new char [strlen(font_name) + 1];
data/python-enable-4.8.1/kiva/agg/agg-24/font_freetype/agg_font_freetype.cpp:818:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned name_len = strlen(m_name);
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:439:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = strlen(typeface_);
data/python-enable-4.8.1/kiva/agg/agg-24/font_win32_tt/agg_font_win32_tt.cpp:503:58: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_font_names[m_num_fonts] = new char[strlen(m_signature) + 1];
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:1031:50: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  unsigned remove_duplicates(Array& arr, Equal equal)
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_array.h:1039:17: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal(e, arr[i - 1]))
data/python-enable-4.8.1/kiva/agg/agg-24/include/agg_font_cache_manager.h:63:60: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_font_signature = (char*)m_allocator.allocate(strlen(font_signature) + 1);
data/python-enable-4.8.1/kiva/agg/agg-24/src/agg_gsv_text.cpp:574:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned new_size = strlen(text) + 1;
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_cbox_ctrl.cpp:52:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = strlen(l);
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_rbox_ctrl.cpp:61:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_items[m_num_items].resize(strlen(text) + 1);
data/python-enable-4.8.1/kiva/agg/agg-24/src/ctrl/agg_slider_ctrl.cpp:106:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = strlen(fmt);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/AmigaOS/agg_platform_support.cpp:404:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  std::strncpy(m_caption, "Anti-Grain Geometry", 256);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/AmigaOS/agg_platform_support.cpp:416:8: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  std::strncpy(m_caption, cap, 256);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/AmigaOS/agg_platform_support.cpp:614:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  std::strncpy(fn, file, 1024);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/AmigaOS/agg_platform_support.cpp:615:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = std::strlen(fn);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/AmigaOS/agg_platform_support.cpp:618:10: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120).
  Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string.
  std::strncat(fn, ".bmp", 1024);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:208:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tp.nitems = strlen(capt);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1013:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(buf);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/X11/agg_platform_support.cpp:1151:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(buf);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:640:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/mac/agg_platform_support.cpp:663:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:551:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/sdl/agg_platform_support.cpp:613:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1122:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1141:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1284:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_sep_len(sep ? strlen(sep) : 0),
data/python-enable-4.8.1/kiva/agg/agg-24/src/platform/win32/agg_platform_support.cpp:1439:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* argv_str = new char [strlen(lpszCmdLine) + 3];
data/python-enable-4.8.1/kiva/agg/src/kiva_graphics_context.h:1296:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t text_length = strlen(text);
data/python-enable-4.8.1/kiva/agg/src/kiva_graphics_context_base.cpp:588:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t text_length = strlen(text);

ANALYSIS SUMMARY:

Hits = 206
Lines analyzed = 113403 in approximately 2.64 seconds (42885 lines/second)
Physical Source Lines of Code (SLOC) = 78269
Hits@level = [0] 49 [1] 38 [2] 119 [3] 6 [4] 43 [5] 0
Hits@level+ = [0+] 255 [1+] 206 [2+] 168 [3+] 49 [4+] 43 [5+] 0
Hits/KSLOC@level+ = [0+] 3.25799 [1+] 2.63195 [2+] 2.14644 [3+] 0.626046 [4+] 0.549387 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.