Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/twolame-0.4.0/frontend/frontend.c
Examining data/twolame-0.4.0/frontend/frontend.h
Examining data/twolame-0.4.0/win32/winutil.h
Examining data/twolame-0.4.0/win32/configwin.h
Examining data/twolame-0.4.0/simplefrontend/audio_wave.h
Examining data/twolame-0.4.0/simplefrontend/audio_wave.c
Examining data/twolame-0.4.0/simplefrontend/simplefrontend.c
Examining data/twolame-0.4.0/libtwolame/psycho_1.c
Examining data/twolame-0.4.0/libtwolame/availbits.h
Examining data/twolame-0.4.0/libtwolame/psycho_2.c
Examining data/twolame-0.4.0/libtwolame/availbits.c
Examining data/twolame-0.4.0/libtwolame/enwindow.h
Examining data/twolame-0.4.0/libtwolame/bitbuffer.h
Examining data/twolame-0.4.0/libtwolame/crc.c
Examining data/twolame-0.4.0/libtwolame/encode.c
Examining data/twolame-0.4.0/libtwolame/energy.h
Examining data/twolame-0.4.0/libtwolame/subband.c
Examining data/twolame-0.4.0/libtwolame/psycho_0.c
Examining data/twolame-0.4.0/libtwolame/mem.c
Examining data/twolame-0.4.0/libtwolame/get_set.c
Examining data/twolame-0.4.0/libtwolame/psycho_1_critband.h
Examining data/twolame-0.4.0/libtwolame/dab.c
Examining data/twolame-0.4.0/libtwolame/ath.c
Examining data/twolame-0.4.0/libtwolame/util.c
Examining data/twolame-0.4.0/libtwolame/psycho_4.h
Examining data/twolame-0.4.0/libtwolame/energy.c
Examining data/twolame-0.4.0/libtwolame/crc.h
Examining data/twolame-0.4.0/libtwolame/psycho_n1.h
Examining data/twolame-0.4.0/libtwolame/psycho_1_freqtable.h
Examining data/twolame-0.4.0/libtwolame/fft.h
Examining data/twolame-0.4.0/libtwolame/psycho_2.h
Examining data/twolame-0.4.0/libtwolame/subband.h
Examining data/twolame-0.4.0/libtwolame/util.h
Examining data/twolame-0.4.0/libtwolame/psycho_2_absthr.h
Examining data/twolame-0.4.0/libtwolame/psycho_4.c
Examining data/twolame-0.4.0/libtwolame/ath.h
Examining data/twolame-0.4.0/libtwolame/psycho_n1.c
Examining data/twolame-0.4.0/libtwolame/psycho_0.h
Examining data/twolame-0.4.0/libtwolame/mem.h
Examining data/twolame-0.4.0/libtwolame/encode.h
Examining data/twolame-0.4.0/libtwolame/dab.h
Examining data/twolame-0.4.0/libtwolame/psycho_1.h
Examining data/twolame-0.4.0/libtwolame/bitbuffer.c
Examining data/twolame-0.4.0/libtwolame/twolame.c
Examining data/twolame-0.4.0/libtwolame/common.h
Examining data/twolame-0.4.0/libtwolame/psycho_3.h
Examining data/twolame-0.4.0/libtwolame/psycho_3.c
Examining data/twolame-0.4.0/libtwolame/bitbuffer_inline.h
Examining data/twolame-0.4.0/libtwolame/fft.c
Examining data/twolame-0.4.0/libtwolame/twolame.h

FINAL RESULTS:

data/twolame-0.4.0/frontend/frontend.c:89:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(newname, extname);
data/twolame-0.4.0/frontend/frontend.c:349:18:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) {
data/twolame-0.4.0/frontend/frontend.c:42:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inputfilename[MAX_NAME_SIZE] = "\0";
data/twolame-0.4.0/frontend/frontend.c:43:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputfilename[MAX_NAME_SIZE] = "\0";
data/twolame-0.4.0/frontend/frontend.c:362:49:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  twolame_set_out_samplerate(encopts, atoi(optarg));
data/twolame-0.4.0/frontend/frontend.c:363:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sfinfo.samplerate = atoi(optarg);
data/twolame-0.4.0/frontend/frontend.c:367:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sample_size = atoi(optarg);
data/twolame-0.4.0/frontend/frontend.c:371:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sfinfo.channels = atoi(optarg);
data/twolame-0.4.0/frontend/frontend.c:415:42:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  twolame_set_bitrate(encopts, atoi(optarg));
data/twolame-0.4.0/frontend/frontend.c:419:43:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  twolame_set_psymodel(encopts, atoi(optarg));
data/twolame-0.4.0/frontend/frontend.c:432:55:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  twolame_set_VBR_max_bitrate_kbps(encopts, atoi(optarg));
data/twolame-0.4.0/frontend/frontend.c:441:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  twolame_set_quick_count(encopts, atoi(optarg));
data/twolame-0.4.0/frontend/frontend.c:475:53:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  twolame_set_num_ancillary_bits(encopts, atoi(optarg));
data/twolame-0.4.0/frontend/frontend.c:496:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  twolame_set_verbosity(encopts, atoi(optarg));
data/twolame-0.4.0/frontend/frontend.c:563:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[2];
data/twolame-0.4.0/frontend/frontend.c:614:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "wb");
data/twolame-0.4.0/frontend/frontend.c:679:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sndlibver[128];
data/twolame-0.4.0/frontend/frontend.c:680:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char duration[40];
data/twolame-0.4.0/frontend/frontend.c:718:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filesize[20];
data/twolame-0.4.0/libtwolame/encode.c:988:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void vbr_maxmnr(FLOAT mnr[2][SBLIMIT], char used[2][SBLIMIT], int sblimit,
data/twolame-0.4.0/libtwolame/encode.c:1046:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char used[2][SBLIMIT];
data/twolame-0.4.0/libtwolame/encode.c:1144:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void maxmnr(FLOAT mnr[2][SBLIMIT], char used[2][SBLIMIT], int sblimit,
data/twolame-0.4.0/libtwolame/encode.c:1197:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char used[2][SBLIMIT];
data/twolame-0.4.0/libtwolame/get_set.c:57:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *mode_name[6] =
data/twolame-0.4.0/libtwolame/util.c:64:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *version_name[3] = { "MPEG-2 LSF", "MPEG-1", "Illegal Version" };
data/twolame-0.4.0/simplefrontend/audio_wave.c:39:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[sizeof(long) + 1];
data/twolame-0.4.0/simplefrontend/audio_wave.c:42:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charval[sizeof(long)];
data/twolame-0.4.0/simplefrontend/audio_wave.c:111:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char wave_header_buffer[40]; // HH fixed
data/twolame-0.4.0/simplefrontend/audio_wave.c:120:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((file = fopen(inPath, "rb")) == NULL) {
data/twolame-0.4.0/simplefrontend/simplefrontend.c:109:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((outfile = fopen(outputfilename, "wb")) == 0) {
data/twolame-0.4.0/frontend/frontend.c:59:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dotpos = strlen(filename);
data/twolame-0.4.0/frontend/frontend.c:80:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(newname, filename, MAX_NAME_SIZE-1);
data/twolame-0.4.0/frontend/frontend.c:83:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(newname, filename, dotpos);
data/twolame-0.4.0/frontend/frontend.c:88:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(newname) + strlen(extname) < MAX_NAME_SIZE-1) {
data/twolame-0.4.0/frontend/frontend.c:88:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(newname) + strlen(extname) < MAX_NAME_SIZE-1) {
data/twolame-0.4.0/frontend/frontend.c:528:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(inputfilename, *argv, MAX_NAME_SIZE-1);
data/twolame-0.4.0/frontend/frontend.c:530:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(outputfilename, *argv, MAX_NAME_SIZE-1);
data/twolame-0.4.0/simplefrontend/audio_wave.c:45:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(s, probe.charval, sizeof(long));

ANALYSIS SUMMARY:

Hits = 38
Lines analyzed = 15395 in approximately 0.47 seconds (32946 lines/second)
Physical Source Lines of Code (SLOC) = 9939
Hits@level = [0] 220 [1]   8 [2]  28 [3]   1 [4]   1 [5]   0
Hits@level+ = [0+] 258 [1+]  38 [2+]  30 [3+]   2 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 25.9583 [1+] 3.82332 [2+] 3.01841 [3+] 0.201227 [4+] 0.100614 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.