Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tinyexr-1.0.0+dfsg/examples/common/cxxopts.hpp
Examining data/tinyexr-1.0.0+dfsg/examples/cube2longlat/cube2longlat.cc
Examining data/tinyexr-1.0.0+dfsg/examples/exr2fptiff/exr2fptiff.cc
Examining data/tinyexr-1.0.0+dfsg/examples/exr2fptiff/tiny_dng_writer.h
Examining data/tinyexr-1.0.0+dfsg/examples/exr2ldr/exr2ldr.cc
Examining data/tinyexr-1.0.0+dfsg/examples/exr2rgbe/exr2rgbe.cc
Examining data/tinyexr-1.0.0+dfsg/examples/exrfilter/exrfilter.cc
Examining data/tinyexr-1.0.0+dfsg/examples/ldr2exr/ldr2exr.cc
Examining data/tinyexr-1.0.0+dfsg/examples/nornalmap/main.cc
Examining data/tinyexr-1.0.0+dfsg/examples/resize/resize.cc
Examining data/tinyexr-1.0.0+dfsg/examples/rgbe2exr/rgbe2exr.cc
Examining data/tinyexr-1.0.0+dfsg/examples/testmapgen/testmapgen.cc
Examining data/tinyexr-1.0.0+dfsg/test/c-binding/test.c
Examining data/tinyexr-1.0.0+dfsg/test/exrcat/exrcat.cpp
Examining data/tinyexr-1.0.0+dfsg/test/exrwrite/exrwritetest.cpp
Examining data/tinyexr-1.0.0+dfsg/test/fuzzer/fuzz.cc
Examining data/tinyexr-1.0.0+dfsg/test/unit/tester.cc
Examining data/tinyexr-1.0.0+dfsg/tinyexr.cc
Examining data/tinyexr-1.0.0+dfsg/tinyexr.h
Examining data/tinyexr-1.0.0+dfsg/test_tinyexr.cc
FINAL RESULTS:
data/tinyexr-1.0.0+dfsg/test/exrwrite/exrwritetest.cpp:102:15: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
rgba[i] = drand48();
data/tinyexr-1.0.0+dfsg/examples/cube2longlat/cube2longlat.cc:384:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int output_width = atoi(argv[7]);
data/tinyexr-1.0.0+dfsg/examples/exr2fptiff/tiny_dng_writer.h:386:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[4];
data/tinyexr-1.0.0+dfsg/examples/exr2fptiff/tiny_dng_writer.h:387:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c, &i, 4);
data/tinyexr-1.0.0+dfsg/examples/exr2fptiff/tiny_dng_writer.h:487:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(ifd.offset_or_value), &value, sizeof(unsigned char));
data/tinyexr-1.0.0+dfsg/examples/exr2fptiff/tiny_dng_writer.h:490:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(ifd.offset_or_value), &value, sizeof(unsigned short));
data/tinyexr-1.0.0+dfsg/examples/exr2fptiff/tiny_dng_writer.h:1128:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.data(), data_os_.str().data(), data.size());
data/tinyexr-1.0.0+dfsg/examples/resize/resize.cc:18:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int dst_width = atoi(argv[3]);
data/tinyexr-1.0.0+dfsg/examples/resize/resize.cc:19:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int dst_height = atoi(argv[4]);
data/tinyexr-1.0.0+dfsg/examples/testmapgen/testmapgen.cc:74:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
width = std::min(1, atoi(argv[2]));
data/tinyexr-1.0.0+dfsg/examples/testmapgen/testmapgen.cc:78:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
height = std::min(1, atoi(argv[3]));
data/tinyexr-1.0.0+dfsg/test/exrcat/exrcat.cpp:20:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(filename, "wb");
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:105:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024];
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:128:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024];
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:519:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:521:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Beachball/multipart.%04d.exr", i);
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:568:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:570:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Beachball/singlepart.%04d.exr", i);
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:40:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(filename, "wb");
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:181:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf.data(), wargv[i], slen);
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:411:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(exr_header.custom_attributes[0].name, "tinyexr_version_minor");
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:413:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(exr_header.custom_attributes[0].type, "int");
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:417:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(exr_header.custom_attributes[0].value, &version_minor, sizeof(int));
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:436:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(exr_header.custom_attributes[0].name, "zfpCompressionType");
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:443:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(exr_header.custom_attributes[1].name, "zfpCompressionRate");
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:448:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(exr_header.custom_attributes[1].value, &zfp_compression_rate,
data/tinyexr-1.0.0+dfsg/tinyexr.h:172:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256]; // name and type are up to 255 chars long.
data/tinyexr-1.0.0+dfsg/tinyexr.h:173:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[256];
data/tinyexr-1.0.0+dfsg/tinyexr.h:180:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256]; // less than 255 bytes long
data/tinyexr-1.0.0+dfsg/tinyexr.h:185:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pad[3];
data/tinyexr-1.0.0+dfsg/tinyexr.h:1373:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_filename[MZ_ZIP_MAX_ARCHIVE_FILENAME_SIZE];
data/tinyexr-1.0.0+dfsg/tinyexr.h:1374:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_comment[MZ_ZIP_MAX_ARCHIVE_FILE_COMMENT_SIZE];
data/tinyexr-1.0.0+dfsg/tinyexr.h:1979:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char mz_validate_uint16[sizeof(mz_uint16) == 2 ? 1 : -1];
data/tinyexr-1.0.0+dfsg/tinyexr.h:1980:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char mz_validate_uint32[sizeof(mz_uint32) == 4 ? 1 : -1];
data/tinyexr-1.0.0+dfsg/tinyexr.h:1981:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char mz_validate_uint64[sizeof(mz_uint64) == 8 ? 1 : -1];
data/tinyexr-1.0.0+dfsg/tinyexr.h:2348:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pStream->next_out, pState->m_dict + pState->m_dict_ofs, n);
data/tinyexr-1.0.0+dfsg/tinyexr.h:2377:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pStream->next_out, pState->m_dict + pState->m_dict_ofs, n);
data/tinyexr-1.0.0+dfsg/tinyexr.h:2474:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define TINFL_MEMCPY(d, s, l) memcpy(d, s, l)
data/tinyexr-1.0.0+dfsg/tinyexr.h:3474:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code_sizes_to_pack, &d->m_huff_code_sizes[0][0], num_lit_codes);
data/tinyexr-1.0.0+dfsg/tinyexr.h:3475:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code_sizes_to_pack + num_lit_codes, &d->m_huff_code_sizes[1][0],
data/tinyexr-1.0.0+dfsg/tinyexr.h:3821:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8 *)d->m_pOut_buf + d->m_out_buf_ofs, d->m_output_buf,
data/tinyexr-1.0.0+dfsg/tinyexr.h:3958:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->m_dict + dst_pos, d->m_pSrc, n);
data/tinyexr-1.0.0+dfsg/tinyexr.h:3960:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->m_dict + TDEFL_LZ_DICT_SIZE + dst_pos, d->m_pSrc,
data/tinyexr-1.0.0+dfsg/tinyexr.h:4310:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8 *)d->m_pOut_buf + d->m_out_buf_ofs,
data/tinyexr-1.0.0+dfsg/tinyexr.h:4476:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8 *)p->m_pBuf + p->m_size, pBuf, len);
data/tinyexr-1.0.0+dfsg/tinyexr.h:4647:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_buf.m_pBuf, pnghdr, 41);
data/tinyexr-1.0.0+dfsg/tinyexr.h:4717:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define MZ_FOPEN(f, m) fopen(f, m)
data/tinyexr-1.0.0+dfsg/tinyexr.h:4733:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define MZ_FOPEN(f, m) fopen(f, m)
data/tinyexr-1.0.0+dfsg/tinyexr.h:4765:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define MZ_FOPEN(f, m) fopen(f, m)
data/tinyexr-1.0.0+dfsg/tinyexr.h:4916:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8 *)pArray->m_p + orig_size * pArray->m_element_size,
data/tinyexr-1.0.0+dfsg/tinyexr.h:5242:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuf, (const mz_uint8 *)pZip->m_pState->m_pMem + file_ofs, s);
data/tinyexr-1.0.0+dfsg/tinyexr.h:5381:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pStat->m_filename, p + MZ_ZIP_CENTRAL_DIR_HEADER_SIZE, n);
data/tinyexr-1.0.0+dfsg/tinyexr.h:5387:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pStat->m_comment,
data/tinyexr-1.0.0+dfsg/tinyexr.h:5408:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pFilename, p + MZ_ZIP_CENTRAL_DIR_HEADER_SIZE, n);
data/tinyexr-1.0.0+dfsg/tinyexr.h:6056:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((mz_uint8 *)pState->m_pMem + file_ofs, pBuf, n);
data/tinyexr-1.0.0+dfsg/tinyexr.h:6104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/tinyexr-1.0.0+dfsg/tinyexr.h:6310:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/tinyexr-1.0.0+dfsg/tinyexr.h:6804:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(central_header, pSrc_central_header, MZ_ZIP_CENTRAL_DIR_HEADER_SIZE);
data/tinyexr-1.0.0+dfsg/tinyexr.h:7414:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data_len, marker, sizeof(uint32_t));
data/tinyexr-1.0.0+dfsg/tinyexr.h:7443:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data->at(0), marker, static_cast<size_t>(data_len));
data/tinyexr-1.0.0+dfsg/tinyexr.h:7468:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pad[3];
data/tinyexr-1.0.0+dfsg/tinyexr.h:7560:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info.pixel_type, p, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:7564:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info.x_sampling, p, sizeof(int)); // int
data/tinyexr-1.0.0+dfsg/tinyexr.h:7566:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info.y_sampling, p, sizeof(int)); // int
data/tinyexr-1.0.0+dfsg/tinyexr.h:7593:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, channels[c].name.c_str(), strlen(channels[c].name.c_str()));
data/tinyexr-1.0.0+dfsg/tinyexr.h:7605:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, &pixel_type, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:7611:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, &x_sampling, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:7614:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, &y_sampling, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:7698:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, src_size);
data/tinyexr-1.0.0+dfsg/tinyexr.h:7707:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, src_size);
data/tinyexr-1.0.0+dfsg/tinyexr.h:7861:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, in, count);
data/tinyexr-1.0.0+dfsg/tinyexr.h:7949:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, src_size);
data/tinyexr-1.0.0+dfsg/tinyexr.h:7958:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, src_size);
data/tinyexr-1.0.0+dfsg/tinyexr.h:8650:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(frq, scode.data(), sizeof(long long) * HUF_ENCSIZE);
data/tinyexr-1.0.0+dfsg/tinyexr.h:9171:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void writeUInt(char buf[4], unsigned int i) {
data/tinyexr-1.0.0+dfsg/tinyexr.h:9180:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned int readUInt(const char buf[4]) {
data/tinyexr-1.0.0+dfsg/tinyexr.h:9288:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bitmap[BITMAP_SIZE],
data/tinyexr-1.0.0+dfsg/tinyexr.h:9310:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char bitmap[BITMAP_SIZE], unsigned short lut[USHORT_RANGE]) {
data/tinyexr-1.0.0+dfsg/tinyexr.h:9324:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char bitmap[BITMAP_SIZE], unsigned short lut[USHORT_RANGE]) {
data/tinyexr-1.0.0+dfsg/tinyexr.h:9400:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cd.end, ptr, n * sizeof(unsigned short));
data/tinyexr-1.0.0+dfsg/tinyexr.h:9419:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &minNonZero, sizeof(unsigned short));
data/tinyexr-1.0.0+dfsg/tinyexr.h:9421:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &maxNonZero, sizeof(unsigned short));
data/tinyexr-1.0.0+dfsg/tinyexr.h:9425:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, reinterpret_cast<char *>(&bitmap[0] + minNonZero),
data/tinyexr-1.0.0+dfsg/tinyexr.h:9451:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &zero, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:9456:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lengthPtr, &length, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:9466:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(outPtr, inPtr, inSize);
data/tinyexr-1.0.0+dfsg/tinyexr.h:9477:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(outPtr, inPtr, inLen);
data/tinyexr-1.0.0+dfsg/tinyexr.h:9505:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reinterpret_cast<char *>(&bitmap[0] + minNonZero), ptr,
data/tinyexr-1.0.0+dfsg/tinyexr.h:9580:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(outPtr, cd.end, static_cast<size_t>(n * sizeof(unsigned short)));
data/tinyexr-1.0.0+dfsg/tinyexr.h:9693:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, src_size);
data/tinyexr-1.0.0+dfsg/tinyexr.h:9726:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf.at(0), src, src_size);
data/tinyexr-1.0.0+dfsg/tinyexr.h:10560:7: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8, 0, str.data(), (int)str.size(), NULL, 0);
data/tinyexr-1.0.0+dfsg/tinyexr.h:10562:3: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8, 0, str.data(), (int)str.size(), &wstr[0],
data/tinyexr-1.0.0+dfsg/tinyexr.h:10659:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&x_size, &data.at(0), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10660:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&y_size, &data.at(4), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10744:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->data_window.min_x, &data.at(0), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10745:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->data_window.min_y, &data.at(4), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10746:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->data_window.max_x, &data.at(8), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10747:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->data_window.max_y, &data.at(12), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10756:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->display_window.min_x, &data.at(0), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10757:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->display_window.min_y, &data.at(4), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10758:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->display_window.max_x, &data.at(8), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10759:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->display_window.max_y, &data.at(12), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10774:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->pixel_aspect_ratio, &data.at(0), sizeof(float));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10780:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->screen_window_center[0], &data.at(0), sizeof(float));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10781:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->screen_window_center[1], &data.at(4), sizeof(float));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10788:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->screen_window_width, &data.at(0), sizeof(float));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10795:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->chunk_count, &data.at(0), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:10813:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reinterpret_cast<char *>(attrib.value), &data.at(0),
data/tinyexr-1.0.0+dfsg/tinyexr.h:10943:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(exr_header->custom_attributes[i].name, info.attributes[i].name,
data/tinyexr-1.0.0+dfsg/tinyexr.h:10945:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(exr_header->custom_attributes[i].type, info.attributes[i].type,
data/tinyexr-1.0.0+dfsg/tinyexr.h:11096:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tile_coordinates, data_ptr, sizeof(int) * 4);
data/tinyexr-1.0.0+dfsg/tinyexr.h:11113:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data_len, data_ptr + 16,
data/tinyexr-1.0.0+dfsg/tinyexr.h:11233:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&line_no, data_ptr, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:11235:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data_len, data_ptr + 4, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:11352:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&y, marker, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:11353:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data_len, marker + 4, sizeof(unsigned int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:11468:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&offset, marker, sizeof(tinyexr::tinyexr_uint64));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12124:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:12127:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:12532:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(0), &start_y, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12533:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(4), &data_len, sizeof(unsigned int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12562:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(0), &start_y, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12563:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(4), &data_len, sizeof(unsigned int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12587:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(0), &start_y, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12588:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(4), &data_len, sizeof(unsigned int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12615:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(0), &start_y, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12616:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(4), &data_len, sizeof(unsigned int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12642:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(0), &start_y, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12643:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header.at(4), &data_len, sizeof(unsigned int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12680:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*memory_out), &memory.at(0), memory.size());
data/tinyexr-1.0.0+dfsg/tinyexr.h:12684:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(memory_ptr, &data_list[i].at(0), data_list[i].size());
data/tinyexr-1.0.0+dfsg/tinyexr.h:12727:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:12730:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:12778:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:12786:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:12910:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dx, &data.at(0), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12911:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dy, &data.at(4), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12912:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dw, &data.at(8), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12913:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dh, &data.at(12), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12924:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&x, &data.at(0), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12925:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&y, &data.at(4), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12926:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&w, &data.at(8), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12927:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&h, &data.at(12), sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:12957:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&offset, marker, sizeof(tinyexr::tinyexr_int64));
data/tinyexr-1.0.0+dfsg/tinyexr.h:13011:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&line_no, data_ptr, sizeof(int));
data/tinyexr-1.0.0+dfsg/tinyexr.h:13012:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packedOffsetTableSize, data_ptr + 4,
data/tinyexr-1.0.0+dfsg/tinyexr.h:13014:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&packedSampleDataSize, data_ptr + 12,
data/tinyexr-1.0.0+dfsg/tinyexr.h:13016:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&unpackedSampleDataSize, data_ptr + 20,
data/tinyexr-1.0.0+dfsg/tinyexr.h:13265:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:13268:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:13395:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:13398:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:13500:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:13503:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:13519:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[tinyexr::kEXRVersionSize];
data/tinyexr-1.0.0+dfsg/tinyexr.h:13577:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&offset, marker, 8);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13603:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&part_no, part_number_addr, sizeof(unsigned int)); // 4
data/tinyexr-1.0.0+dfsg/tinyexr.h:13648:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:13651:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/tinyexr-1.0.0+dfsg/tinyexr.h:13708:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(images[0].data(), data, sizeof(float) * size_t(width * height));
data/tinyexr-1.0.0+dfsg/examples/ldr2exr/ldr2exr.cc:59:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[0].name, "B", 255); header.channels[0].name[strlen("B")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/ldr2exr/ldr2exr.cc:59:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(header.channels[0].name, "B", 255); header.channels[0].name[strlen("B")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/ldr2exr/ldr2exr.cc:60:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[1].name, "G", 255); header.channels[1].name[strlen("G")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/ldr2exr/ldr2exr.cc:60:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(header.channels[1].name, "G", 255); header.channels[1].name[strlen("G")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/ldr2exr/ldr2exr.cc:61:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[2].name, "R", 255); header.channels[2].name[strlen("R")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/ldr2exr/ldr2exr.cc:61:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(header.channels[2].name, "R", 255); header.channels[2].name[strlen("R")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/rgbe2exr/rgbe2exr.cc:55:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[0].name, "B", 255); header.channels[0].name[strlen("B")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/rgbe2exr/rgbe2exr.cc:55:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(header.channels[0].name, "B", 255); header.channels[0].name[strlen("B")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/rgbe2exr/rgbe2exr.cc:56:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[1].name, "G", 255); header.channels[1].name[strlen("G")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/rgbe2exr/rgbe2exr.cc:56:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(header.channels[1].name, "G", 255); header.channels[1].name[strlen("G")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/rgbe2exr/rgbe2exr.cc:57:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[2].name, "R", 255); header.channels[2].name[strlen("R")] = '\0';
data/tinyexr-1.0.0+dfsg/examples/rgbe2exr/rgbe2exr.cc:57:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(header.channels[2].name, "R", 255); header.channels[2].name[strlen("R")] = '\0';
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:718:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[0].name, "B", 255);
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:719:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[0].name[strlen("B")] = '\0';
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:720:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[1].name, "G", 255);
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:721:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[1].name[strlen("G")] = '\0';
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:722:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[2].name, "R", 255);
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:723:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[2].name[strlen("R")] = '\0';
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:955:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f.read(reinterpret_cast<char*>(&data.at(0)),
data/tinyexr-1.0.0+dfsg/test/unit/tester.cc:992:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f.read(reinterpret_cast<char*>(&data.at(0)),
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:179:19: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = _tcslen(wargv[i]);
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:412:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
exr_header.custom_attributes[0].name[strlen("tinyexr_version_minor")] = '\0';
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:414:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
exr_header.custom_attributes[0].type[strlen("int")] = '\0';
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:437:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
exr_header.custom_attributes[0].name[strlen("zfpCompressionType")] = '\0';
data/tinyexr-1.0.0+dfsg/test_tinyexr.cc:444:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
exr_header.custom_attributes[1].name[strlen("zfpCompressionRate")] = '\0';
data/tinyexr-1.0.0+dfsg/tinyexr.h:5454:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const mz_uint filename_len = (mz_uint)strlen(pFilename);
data/tinyexr-1.0.0+dfsg/tinyexr.h:5481:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_len = strlen(pName);
data/tinyexr-1.0.0+dfsg/tinyexr.h:5483:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comment_len = pComment ? strlen(pComment) : 0;
data/tinyexr-1.0.0+dfsg/tinyexr.h:6365:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
archive_name_size = strlen(pArchive_name);
data/tinyexr-1.0.0+dfsg/tinyexr.h:6518:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
archive_name_size = strlen(pArchive_name);
data/tinyexr-1.0.0+dfsg/tinyexr.h:7452:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out->insert(out->end(), name, name + strlen(name) + 1);
data/tinyexr-1.0.0+dfsg/tinyexr.h:7453:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out->insert(out->end(), type, type + strlen(type) + 1);
data/tinyexr-1.0.0+dfsg/tinyexr.h:7585:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz += strlen(channels[c].name.c_str()) + 1; // +1 for \0
data/tinyexr-1.0.0+dfsg/tinyexr.h:7593:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(p, channels[c].name.c_str(), strlen(channels[c].name.c_str()));
data/tinyexr-1.0.0+dfsg/tinyexr.h:7594:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(channels[c].name.c_str());
data/tinyexr-1.0.0+dfsg/tinyexr.h:10806:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(attrib.name, attr_name.c_str(), 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:10807:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(attrib.type, attr_type.c_str(), 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:10906:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(exr_header->channels[c].name, info.channels[c].name.c_str(), 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13755:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[0].name, "A", 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13756:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[1].name, "B", 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13757:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[2].name, "G", 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13758:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[3].name, "R", 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13760:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[0].name[strlen("A")] = '\0';
data/tinyexr-1.0.0+dfsg/tinyexr.h:13761:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[1].name[strlen("B")] = '\0';
data/tinyexr-1.0.0+dfsg/tinyexr.h:13762:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[2].name[strlen("G")] = '\0';
data/tinyexr-1.0.0+dfsg/tinyexr.h:13763:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[3].name[strlen("R")] = '\0';
data/tinyexr-1.0.0+dfsg/tinyexr.h:13770:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[0].name, "B", 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13771:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[1].name, "G", 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13772:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[2].name, "R", 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13774:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[0].name[strlen("B")] = '\0';
data/tinyexr-1.0.0+dfsg/tinyexr.h:13775:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[1].name[strlen("G")] = '\0';
data/tinyexr-1.0.0+dfsg/tinyexr.h:13776:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[2].name[strlen("R")] = '\0';
data/tinyexr-1.0.0+dfsg/tinyexr.h:13781:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(header.channels[0].name, "A", 255);
data/tinyexr-1.0.0+dfsg/tinyexr.h:13783:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header.channels[0].name[strlen("A")] = '\0';
ANALYSIS SUMMARY:
Hits = 215
Lines analyzed = 20597 in approximately 0.50 seconds (41586 lines/second)
Physical Source Lines of Code (SLOC) = 15338
Hits@level = [0] 131 [1] 54 [2] 160 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 346 [1+] 215 [2+] 161 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 22.5584 [1+] 14.0175 [2+] 10.4968 [3+] 0.0651975 [4+] 0 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.