Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/unifont-13.0.04/src/unihex2bmp.c
Examining data/unifont-13.0.04/src/unigencircles.c
Examining data/unifont-13.0.04/src/unibmp2hex.c
Examining data/unifont-13.0.04/src/unifontpic.c
Examining data/unifont-13.0.04/src/unicoverage.c
Examining data/unifont-13.0.04/src/unidup.c
Examining data/unifont-13.0.04/src/unipagecount.c
Examining data/unifont-13.0.04/src/unibdf2hex.c
Examining data/unifont-13.0.04/src/unifont1per.c
Examining data/unifont-13.0.04/src/unibmpbump.c
Examining data/unifont-13.0.04/src/unigenwidth.c
Examining data/unifont-13.0.04/src/unifontpic.h
Examining data/unifont-13.0.04/src/unihexgen.c
FINAL RESULTS:
data/unifont-13.0.04/src/unifont1per.c:115:7: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf (instring, "%X:%s", &code_point, glyph);
data/unifont-13.0.04/src/unibdf2hex.c:43:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[MAXBUF];
data/unifont-13.0.04/src/unibmp2hex.c:104:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filetype[2];
data/unifont-13.0.04/src/unibmp2hex.c:121:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char color_table[256][4]; /* R, G, B, alpha for up to 256 colors */
data/unifont-13.0.04/src/unibmp2hex.c:131:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[MAXBUF]; /* input buffer for bitmap file header */
data/unifont-13.0.04/src/unibmp2hex.c:136:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char thischar1[16], thischar2[16]; /* bytes of hex char */
data/unifont-13.0.04/src/unibmp2hex.c:137:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char thischar0[16], thischar3[16]; /* bytes for quadruple-width */
data/unifont-13.0.04/src/unibmp2hex.c:144:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bitmap[17*32][18*32/8]; /* final bitmap */
data/unifont-13.0.04/src/unibmp2hex.c:150:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wide[0x200000]={0x200000 * 0};
data/unifont-13.0.04/src/unibmp2hex.c:194:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unibmp2hex.c:203:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfp = fopen (outfile, "w")) == NULL) {
data/unifont-13.0.04/src/unibmpbump.c:45:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_format[3]; /* "BM" for original Windows format */
data/unifont-13.0.04/src/unibmpbump.c:47:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rsvd_hdr[4]; /* 4 reserved bytes */
data/unifont-13.0.04/src/unibmpbump.c:80:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char color_map[2][4]; /* two of R, G, B, and possibly alpha */
data/unifont-13.0.04/src/unibmpbump.c:100:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *compression_type[MAX_COMPRESSION_METHOD + 1] = {
data/unifont-13.0.04/src/unibmpbump.c:183:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unibmpbump.c:192:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfp = fopen (outfile, "w")) == NULL) {
data/unifont-13.0.04/src/unibmpbump.c:473:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inchar[4];
data/unifont-13.0.04/src/unibmpbump.c:500:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zero_pattern[16] = {
data/unifont-13.0.04/src/unicoverage.c:57:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[256]; /* input buffer */
data/unifont-13.0.04/src/unicoverage.c:64:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char coverstring[MAXBUF]; /* description of current coverage range */
data/unifont-13.0.04/src/unicoverage.c:68:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((coveragefp = fopen ("coverage.dat", "r")) == NULL) {
data/unifont-13.0.04/src/unicoverage.c:97:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unicoverage.c:106:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfp = fopen (outfile, "w")) == NULL) {
data/unifont-13.0.04/src/unicoverage.c:170:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char inbuf[MAXBUF];
data/unifont-13.0.04/src/unidup.c:39:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[MAXBUF];
data/unifont-13.0.04/src/unidup.c:45:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infilefp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unifont1per.c:67:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char header [62] = {
data/unifont-13.0.04/src/unifont1per.c:101:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char instring[MAXSTRING]; /* input string */
data/unifont-13.0.04/src/unifont1per.c:103:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char glyph[MAXSTRING]; /* bitmap string for this glyph */
data/unifont-13.0.04/src/unifont1per.c:106:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAXFILENAME];/* name of current output file */
data/unifont-13.0.04/src/unifont1per.c:121:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfp = fopen (filename, "w")) != NULL) {
data/unifont-13.0.04/src/unifontpic.c:79:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char instring[MAXSTRING];
data/unifont-13.0.04/src/unifontpic.c:102:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dpi = atoi (&argv[i][2]); /* dots/inch specified on command line */
data/unifont-13.0.04/src/unifontpic.c:116:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plane = atoi (&argv[i][2]); /* Unicode plane, 0..17 */
data/unifont-13.0.04/src/unifontpic.c:192:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
gethex (char *instring, int plane_array[0x10000][16], int plane)
data/unifont-13.0.04/src/unifontpic.c:267:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header_string[HDR_LEN]; /* centered header */
data/unifont-13.0.04/src/unifontpic.c:268:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw_header[HDR_LEN]; /* left-aligned header */
data/unifont-13.0.04/src/unifontpic.c:357:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&header_string[startcol], raw_header, hdrlen);
data/unifont-13.0.04/src/unifontpic.c:548:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header_string[257];
data/unifont-13.0.04/src/unifontpic.c:549:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw_header[HDR_LEN];
data/unifont-13.0.04/src/unifontpic.c:638:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&header_string[startcol], raw_header, hdrlen);
data/unifont-13.0.04/src/unifontpic.h:35:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ascii_hex [128] = {
data/unifont-13.0.04/src/unifontpic.h:178:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexdigit[16][5] = {
data/unifont-13.0.04/src/unigencircles.c:64:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char teststring[MAXSTRING]; /* current input line */
data/unifont-13.0.04/src/unigencircles.c:69:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char combining[0x110000]; /* 1 --> combining glyph; 0 --> non-combining */
data/unifont-13.0.04/src/unigencircles.c:70:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x_offset [0x110000]; /* second value in *combining.txt files */
data/unifont-13.0.04/src/unigencircles.c:92:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infilefp = fopen (argv[1],"r")) == NULL) {
data/unifont-13.0.04/src/unigencircles.c:114:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infilefp = fopen (argv[2],"r")) == NULL) {
data/unifont-13.0.04/src/unigencircles.c:152:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newstring[256];
data/unifont-13.0.04/src/unigencircles.c:154:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char circle[32]={0x0,0x0, /* row 1 */
data/unifont-13.0.04/src/unigencircles.c:195:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (glyphstring, newstring, i);
data/unifont-13.0.04/src/unigencircles.c:208:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newstring[256];
data/unifont-13.0.04/src/unigencircles.c:213:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char circle08[64]={0x0,0x0,0x0,0x0, /* row 1 */
data/unifont-13.0.04/src/unigencircles.c:232:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char circle16[64]={0x0,0x0,0x0,0x0, /* row 1 */
data/unifont-13.0.04/src/unigencircles.c:282:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (glyphstring, newstring, i);
data/unifont-13.0.04/src/unigenwidth.c:53:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char teststring[MAXSTRING];
data/unifont-13.0.04/src/unigenwidth.c:57:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char glyph_width[0x20000];
data/unifont-13.0.04/src/unigenwidth.c:58:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pikto_width[PIKTO_SIZE];
data/unifont-13.0.04/src/unigenwidth.c:70:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infilefp = fopen (argv[1],"r")) == NULL) {
data/unifont-13.0.04/src/unigenwidth.c:101:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infilefp = fopen (argv[2],"r")) == NULL) {
data/unifont-13.0.04/src/unihex2bmp.c:54:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *hex[18]= {
data/unifont-13.0.04/src/unihex2bmp.c:74:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hexbits[18][32]; /* The above digits converted into bitmap */
data/unifont-13.0.04/src/unihex2bmp.c:88:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[256]; /* input buffer */
data/unifont-13.0.04/src/unihex2bmp.c:99:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bitmap[17*32][18*4]; /* final bitmap */
data/unifont-13.0.04/src/unihex2bmp.c:100:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char charbits[32][4]; /* bitmap for one character, 4 bytes/row */
data/unifont-13.0.04/src/unihex2bmp.c:151:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((infp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unihex2bmp.c:160:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfp = fopen (outfile, "w")) == NULL) {
data/unifont-13.0.04/src/unihex2bmp.c:340:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
hex2bit (char *instring, unsigned char character[32][4])
data/unifont-13.0.04/src/unihex2bmp.c:340:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
hex2bit (char *instring, unsigned char character[32][4])
data/unifont-13.0.04/src/unihex2bmp.c:384:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
init (unsigned char bitmap[17*32][18*4])
data/unifont-13.0.04/src/unihex2bmp.c:387:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char charbits[32][4]; /* bitmap for one character, 4 bytes/row */
data/unifont-13.0.04/src/unihexgen.c:76:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexdigit[16][5] = {
data/unifont-13.0.04/src/unipagecount.c:46:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[MAXBUF]; /* Max 256 characters in an input line */
data/unifont-13.0.04/src/unipagecount.c:76:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plane = atoi(&argv[1][2]);
data/unifont-13.0.04/src/unibmp2hex.c:193:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (infile) > 0) {
data/unifont-13.0.04/src/unibmp2hex.c:202:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (outfile) > 0) {
data/unifont-13.0.04/src/unibmp2hex.c:317:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((header[0] = fgetc (infp)) != EOF) {
data/unifont-13.0.04/src/unibmp2hex.c:318:24: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((header[1] = fgetc (infp)) != EOF) {
data/unifont-13.0.04/src/unibmp2hex.c:342:22: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
header[i] = fgetc (infp);
data/unifont-13.0.04/src/unibmp2hex.c:348:22: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inchar = fgetc (infp);
data/unifont-13.0.04/src/unibmp2hex.c:362:22: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
header[i] = fgetc (infp);
data/unifont-13.0.04/src/unibmp2hex.c:425:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
color_table[i][0] = fgetc (infp); /* Red */
data/unifont-13.0.04/src/unibmp2hex.c:426:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
color_table[i][1] = fgetc (infp); /* Green */
data/unifont-13.0.04/src/unibmp2hex.c:427:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
color_table[i][2] = fgetc (infp); /* Blue */
data/unifont-13.0.04/src/unibmp2hex.c:428:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
color_table[i][3] = fgetc (infp); /* Alpha */
data/unifont-13.0.04/src/unibmp2hex.c:473:30: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
next_pixels = fgetc (infp);
data/unifont-13.0.04/src/unibmp2hex.c:479:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this_pixel = (fgetc (infp) & 0xFF) +
data/unifont-13.0.04/src/unibmp2hex.c:480:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(fgetc (infp) & 0xFF) +
data/unifont-13.0.04/src/unibmp2hex.c:481:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(fgetc (infp) & 0xFF);
data/unifont-13.0.04/src/unibmp2hex.c:483:26: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) fgetc (infp); /* ignore alpha value */
data/unifont-13.0.04/src/unibmpbump.c:182:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (infile) > 0) {
data/unifont-13.0.04/src/unibmpbump.c:191:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (outfile) > 0) {
data/unifont-13.0.04/src/unicoverage.c:96:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (infile) > 0) {
data/unifont-13.0.04/src/unicoverage.c:105:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (outfile) > 0) {
data/unifont-13.0.04/src/unicoverage.c:175:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retval = strlen (inbuf);
data/unifont-13.0.04/src/unicoverage.c:183:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (coverstring, &inbuf[i], MAXBUF);
data/unifont-13.0.04/src/unifont1per.c:117:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
glyph_width = strlen (glyph) / (glyph_height / 4);
data/unifont-13.0.04/src/unifontpic.c:215:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ndigits = strlen (bitstring);
data/unifont-13.0.04/src/unifontpic.c:353:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hdrlen = strlen (raw_header);
data/unifont-13.0.04/src/unifontpic.c:633:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hdrlen = strlen (raw_header);
data/unifont-13.0.04/src/unigencircles.c:133:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (gstart) < 35)
data/unifont-13.0.04/src/unigenwidth.c:88:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
glyph_width[loc] = (strlen (gstart) - 1) >> 5;
data/unifont-13.0.04/src/unigenwidth.c:92:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pikto_width[loc - PIKTO_START] = strlen (gstart) <= 34 ? 1 : 2;
data/unifont-13.0.04/src/unihex2bmp.c:150:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (infile) > 0) {
data/unifont-13.0.04/src/unihex2bmp.c:159:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (outfile) > 0) {
data/unifont-13.0.04/src/unihex2bmp.c:352:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (instring) <= 34) /* 32 + possible '\r', '\n' */
data/unifont-13.0.04/src/unihex2bmp.c:354:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen (instring) <= 66) /* 64 + possible '\r', '\n' */
data/unifont-13.0.04/src/unihex2bmp.c:356:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen (instring) <= 98) /* 96 + possible '\r', '\n' */
data/unifont-13.0.04/src/unipagecount.c:58:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t strlen();
ANALYSIS SUMMARY:
Hits = 110
Lines analyzed = 4422 in approximately 0.20 seconds (21600 lines/second)
Physical Source Lines of Code (SLOC) = 2611
Hits@level = [0] 347 [1] 35 [2] 74 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 457 [1+] 110 [2+] 75 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 175.029 [1+] 42.1295 [2+] 28.7246 [3+] 0.382995 [4+] 0.382995 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.