Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/silx-0.13.1+dfsg/silx/math/fit/peaks/include/peaks.h
Examining data/silx-0.13.1+dfsg/silx/math/fit/peaks/src/peaks.c
Examining data/silx-0.13.1+dfsg/silx/math/fit/functions/include/functions.h
Examining data/silx-0.13.1+dfsg/silx/math/fit/functions/src/funs.c
Examining data/silx-0.13.1+dfsg/silx/math/fit/filters/include/filters.h
Examining data/silx-0.13.1+dfsg/silx/math/fit/filters/src/smoothnd.c
Examining data/silx-0.13.1+dfsg/silx/math/fit/filters/src/strip.c
Examining data/silx-0.13.1+dfsg/silx/math/fit/filters/src/snip2d.c
Examining data/silx-0.13.1+dfsg/silx/math/fit/filters/src/snip1d.c
Examining data/silx-0.13.1+dfsg/silx/math/fit/filters/src/snip3d.c
Examining data/silx-0.13.1+dfsg/silx/math/medianfilter/include/median_filter.hpp
Examining data/silx-0.13.1+dfsg/silx/math/include/math_compatibility.h
Examining data/silx-0.13.1+dfsg/silx/math/marchingcubes/mc.hpp
Examining data/silx-0.13.1+dfsg/silx/math/marchingcubes/mc_lut.cpp
Examining data/silx-0.13.1+dfsg/silx/math/histogramnd/include/msvc/stdint.h
Examining data/silx-0.13.1+dfsg/silx/math/histogramnd/include/templates.h
Examining data/silx-0.13.1+dfsg/silx/math/histogramnd/include/histogramnd_c.h
Examining data/silx-0.13.1+dfsg/silx/math/histogramnd/src/histogramnd_template.c
Examining data/silx-0.13.1+dfsg/silx/math/histogramnd/src/histogramnd_c.c
Examining data/silx-0.13.1+dfsg/silx/utils/include/silx_store_openmp.h
Examining data/silx-0.13.1+dfsg/silx/image/marchingsquares/include/patterns.h
Examining data/silx-0.13.1+dfsg/silx/io/specfile/include/locale_management.h
Examining data/silx-0.13.1+dfsg/silx/io/specfile/include/SpecFile.h
Examining data/silx-0.13.1+dfsg/silx/io/specfile/include/SpecFileP.h
Examining data/silx-0.13.1+dfsg/silx/io/specfile/include/Lists.h
Examining data/silx-0.13.1+dfsg/silx/io/specfile/include/SpecFileCython.h
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sfwrite.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/locale_management.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sfindex.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sftools.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sfmca.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sflists.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c
Examining data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c

FINAL RESULTS:

data/silx-0.13.1+dfsg/silx/io/specfile/src/locale_management.c:66:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(localeBuffer, currentLocaleBuffer);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:282:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(localeBuffer, currentLocaleBuffer);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:736:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(buf,(char *)linebuf);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:561:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(idxname,"%s%s",sf->sfname,SF_ISFX);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:625:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(idxname,"%s%s",sf->sfname,SF_ISFX);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:250:14:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(onelabel,tmplab);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:269:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(onelabel,tmplab);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:375:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(onemot,tmpmot);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:393:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(onemot,tmpmot);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:518:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(localeBuffer, currentLocaleBuffer);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfmca.c:261:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(localeBuffer, currentLocaleBuffer);

data/silx-0.13.1+dfsg/silx/io/specfile/src/locale_management.c:63:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char localeBuffer[21];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:198:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char strval[100];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:208:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char localeBuffer[21];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:231:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(data[i],sf->data[i],sizeof(double) * dinfo[COL]);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:384:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dataline,valline,sizeof(double) * cols);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:417:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sf->data[i],data[i],sizeof(double) * dinfo[COL]);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:438:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sf->data[i],data[i],sizeof(double) * dinfo[COL]);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:560:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(datarow,data[selection],sizeof(double) * dinfo[COL]);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfdata.c:656:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char oneline[300];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:145:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ret_line,ptr,sizeof(char) * length );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:183:14:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  col = atol( buf );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:317:15:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  epoch = atol( buf );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:504:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( title, line, sizeof(char) * i );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:717:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char linebuf[5000];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:788:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( ret, line, sizeof(char) * ( 1 + strlen( line )) );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfindex.c:196:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(arr,indexes,sizeof(long) * i);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfindex.c:317:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(*scan_list,list, i * sizeof(long));

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:225:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  fd = open(name,SF_OPENFLAG);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:563:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ((sfi = open(idxname,SF_OPENFLAG)) == -1) {

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:576:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[200];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:604:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(cursor,&filecurs,sizeof(SfCursor));

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:628:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ((fdi = open(idxname,O_CREAT | O_WRONLY,SF_UMASK)) == -1) {

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:796:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[50];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:797:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer2[50];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:815:25:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  scan->scan_no = atol(buffer2);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:149:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  label = (char *)strdup(labels[selection]);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:183:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char tmplab[40];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:280:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  sf->labels[i] = (char *) strdup(labarr[i]);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:321:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char tmpmot[40];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:406:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  sf->motor_names[i] = (char *)strdup(motarr[i]);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:453:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  motor = (char *)strdup(motors[selection]);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:472:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char posstr[40];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:483:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char localeBuffer[21];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:561:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sf->motor_pos,pos,motct * sizeof(double));

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:567:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(posarr,pos,motct * sizeof(double));

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflists.c:114:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(newobj, object, size);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfmca.c:159:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char strval[100];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfmca.c:170:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char localeBuffer[21];

data/silx-0.13.1+dfsg/silx/io/specfile/src/sftools.c:495:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ret, tmpret, i * sizeof(double) );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfwrite.c:518:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ( (output = open(name, O_CREAT | O_RDWR | O_APPEND, SF_UMASK )) == (int)NULL ) {

data/silx-0.13.1+dfsg/silx/math/fit/filters/src/smoothnd.c:102:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(output, input, len_input * sizeof(double));

data/silx-0.13.1+dfsg/silx/math/fit/filters/src/smoothnd.c:135:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(data, output, len_input * sizeof(double));

data/silx-0.13.1+dfsg/silx/math/fit/filters/src/strip.c:74:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(output, input, len_input * sizeof(double));

data/silx-0.13.1+dfsg/silx/math/fit/filters/src/strip.c:103:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(input, output, len_input * sizeof(double));

data/silx-0.13.1+dfsg/silx/math/fit/filters/src/strip.c:114:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(input, output, len_input * sizeof(double));

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:583:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( string == (char *) NULL || strlen(string) == 0)

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:603:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for ( j=0; j < strlen(string) && ptr+j< to;j++)

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:605:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( j == strlen(string)) {

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:623:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for ( j=0; j < strlen(string) && (ptr + j) < to;j++)

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:625:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( j == strlen(string)) {

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:771:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line += strlen( word );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:781:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ret = (char *)malloc( sizeof(char) * ( 1 + strlen( line )) );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfheader.c:788:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy( ret, line, sizeof(char) * ( 1 + strlen( line )) );

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfindex.c:486:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  nbytes = read(sf->fd,buffer,size);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:506:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while ((bytesread = read(fd,buffer,size)) > 0 ) {

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:557:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelength = strlen(sf->sfname) + strlen(SF_ISFX) + 1;

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:557:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelength = strlen(sf->sfname) + strlen(SF_ISFX) + 1;

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:585:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  bytesread = read(sfi,buffer,sizeof(SF_SIGNATURE));

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:593:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( read(sfi,&mtime, sizeof(long)) == 0) return(SF_INIT);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:594:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ( read(sfi,&filecurs, sizeof(SfCursor)) == 0) return(SF_INIT);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:598:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while(read(sfi,&scan, sizeof(SpecScan))) {

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:621:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelength = strlen(sf->sfname) + strlen(SF_ISFX) + 1;

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:621:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelength = strlen(sf->sfname) + strlen(SF_ISFX) + 1;

data/silx-0.13.1+dfsg/silx/io/specfile/src/sfinit.c:808:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  read(sf->fd,buffer,sizeof(buffer));

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:242:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while((ptr < buf + strlen(buf) -1) && (*ptr == ' ')) ptr++;

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:244:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0;ptr < buf + strlen(buf) -1;ptr++,i++) {

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:255:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(;*(ptr+1) == ' ' && ptr < buf+strlen(buf)-1;ptr++);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:367:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  endline = thisline + strlen(thisline);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sflabel.c:524:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  endline = thisline + strlen(thisline);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sftools.c:154:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  nbytes = read(sf->fd,sf->scanbuffer,scan->size);

data/silx-0.13.1+dfsg/silx/io/specfile/src/sftools.c:190:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  nbytes = read(sf->fd,sf->filebuffer,fileheadsize);

ANALYSIS SUMMARY:

Hits = 82
Lines analyzed = 10987 in approximately 0.46 seconds (23787 lines/second)
Physical Source Lines of Code (SLOC) = 6768
Hits@level = [0]  45 [1]  26 [2]  45 [3]   0 [4]  11 [5]   0
Hits@level+ = [0+] 127 [1+]  82 [2+]  56 [3+]  11 [4+]  11 [5+]   0
Hits/KSLOC@level+ = [0+] 18.7648 [1+] 12.1158 [2+] 8.27423 [3+] 1.6253 [4+] 1.6253 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
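All eleven level-4 hits above are the same two shapes: strcpy() into a fixed-size array (several of them into a char localeBuffer[21], which the level-2 "char" hits list separately) and sprintf() of sf->sfname plus SF_ISFX into idxname. Whether any of them actually overflows depends on the callers, which the report does not show, so the example below does not claim they do; it shows the bounded replacement flawfinder recommends. This is an added example, not code from silx or from the flawfinder project: LOCALE_BUF_LEN, save_locale_name and join_index_name are this example's own names, and the capacity 21 is taken from the report's localeBuffer[21].

```c
/* Added example (not silx code): bounded replacements for the strcpy()
 * and sprintf() shapes flagged at level 4. Function and macro names here
 * are this example's own; the capacity mirrors the report's localeBuffer[21]. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define LOCALE_BUF_LEN 21   /* same capacity as char localeBuffer[21] in the report */

/* The flagged shape, kept here only for comparison and never called:
 *     char localeBuffer[21];
 *     strcpy(localeBuffer, currentLocaleBuffer);   // no length check at all
 * Any source of 21 or more bytes writes past the end of the array. */

/* Copy src into a LOCALE_BUF_LEN-byte buffer. snprintf() always writes a
 * terminating NUL and returns the length it *wanted* to write, so a return
 * value >= the capacity means the copy was truncated. A silently truncated
 * locale name is still wrong (a later setlocale() would get a different
 * name back), so truncation is reported as failure and dst is left empty. */
bool save_locale_name(char dst[LOCALE_BUF_LEN], const char *src)
{
    if (src == NULL) {
        dst[0] = '\0';
        return false;
    }
    int n = snprintf(dst, LOCALE_BUF_LEN, "%s", src);
    if (n < 0 || (size_t)n >= LOCALE_BUF_LEN) {
        dst[0] = '\0';
        return false;
    }
    return true;
}

/* Same discipline for the sprintf(idxname, "%s%s", sf->sfname, SF_ISFX)
 * shape: size the destination from the inputs, allocate exactly that, and
 * still use snprintf() so a wrong size calculation surfaces as an error
 * instead of an overflow. The caller frees the returned string. */
char *join_index_name(const char *sfname, const char *suffix)
{
    if (sfname == NULL || suffix == NULL)
        return NULL;
    size_t need = strlen(sfname) + strlen(suffix) + 1;   /* +1 for the NUL */
    char *out = malloc(need);
    if (out == NULL)
        return NULL;
    int n = snprintf(out, need, "%s%s", sfname, suffix);
    if (n < 0 || (size_t)n >= need) {   /* cannot happen if `need` is right; fail closed if it is not */
        free(out);
        return NULL;
    }
    return out;
}
```

The point of checking snprintf()'s return value rather than just calling it is the "warning: strncpy easily misused" part of the finding: a length-limited call that quietly truncates turns an overflow into a logic error, and for data such as a locale name or a file name that is still a bug worth refusing.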
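The three CWE-190 hits (col = atol( buf ), epoch = atol( buf ), scan->scan_no = atol(buffer2)) all parse a number out of a header line read from the file. atol() gives no way to detect overflow, a missing number or trailing garbage, which is what the finding asks to check. The function below is an added example, not silx code, of the strtol()-based replacement; parse_long_in_range is this example's own name and the [lo, hi] bounds are whatever the caller knows about the field (a column count cannot be negative, for instance).

```c
/* Added example (not silx code): range-checked replacement for the
 * atol() calls flagged under CWE-190. The function name is this example's. */
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdlib.h>

/* Parse a base-10 integer from s, accepting only a complete number that
 * lies in [lo, hi]. Leading whitespace and trailing whitespace (such as a
 * newline left on a header line) are tolerated; anything else after the
 * digits, an empty string, or a value outside the range is rejected.
 * On success *out is set and true is returned; on failure *out is untouched. */
bool parse_long_in_range(const char *s, long lo, long hi, long *out)
{
    if (s == NULL || out == NULL)
        return false;

    char *end;
    errno = 0;
    long v = strtol(s, &end, 10);

    if (errno == ERANGE)          /* magnitude did not fit in a long */
        return false;
    if (end == s)                 /* no digits at all */
        return false;
    while (isspace((unsigned char)*end))
        end++;
    if (*end != '\0')             /* trailing junk such as "12abc" */
        return false;
    if (v < lo || v > hi)         /* the caller's semantic range */
        return false;

    *out = v;
    return true;
}
```

Note the difference from atol(): "99999999999999999999" parses to LONG_MAX with errno set, which is caught, and "-1" for a field that must be non-negative is caught by the range check rather than silently becoming a huge unsigned index later.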
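The four CWE-362 hits are open() calls: two that read a data or index file by name (sfinit.c:225 and 563) and two that create a file by name (sfinit.c:628 with O_CREAT | O_WRONLY, sfwrite.c:518 with O_CREAT | O_RDWR | O_APPEND). The question flawfinder poses is whether a symlink or special file planted at that path could be followed, truncated or appended to. The example below is added here and is not silx code; it shows the two checks a reviewer would want: refusing symlinks at the final component and verifying the type of the *opened* descriptor with fstat() rather than stat()-ing the name beforehand, and exclusive creation for the index-file case. open_regular_file_ro and create_index_file_excl are this example's own names; it assumes a POSIX system with O_NOFOLLOW and O_CLOEXEC.

```c
/* Added example (not silx code): the checks flawfinder asks for on the
 * open() hits. Function names are this example's own; assumes POSIX.1-2008. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open an existing data file read-only. O_NOFOLLOW makes open() fail with
 * ELOOP if the final path component is a symlink; fstat() on the descriptor
 * we actually hold (not a stat() on the name, which would race) confirms it
 * is a regular file and not a FIFO, device or directory.
 * Returns the descriptor, or -1 with errno set. */
int open_regular_file_ro(const char *path)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd == -1)
        return -1;

    struct stat st;
    if (fstat(fd, &st) == -1) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    if (!S_ISREG(st.st_mode)) {
        close(fd);
        errno = EINVAL;      /* opened something, but not a regular file */
        return -1;
    }
    return fd;
}

/* Create a fresh index/cache file next to the data file. O_EXCL makes the
 * call fail with EEXIST if anything already sits at idxname, so a planted
 * symlink or device there is never opened, truncated or written through.
 * The caller decides how to handle EEXIST (for example, unlink the stale
 * index and retry, or fall back to scanning without an index). */
int create_index_file_excl(const char *idxname, mode_t mode)
{
    return open(idxname, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, mode);
}
```

Two caveats that the report itself cannot settle: O_EXCL changes behaviour for a legitimately stale index (it must be removed before it can be rewritten), and neither flag protects against an attacker who controls a directory *above* the file, which is the "control its ancestors" part of the finding and is a deployment question rather than a code change.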