Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/vcdimager-2.0.1+dfsg/example/info2.cpp
Examining data/vcdimager-2.0.1+dfsg/example/info1.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dtd.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcdxml.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_common.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dtd.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_common.h
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c
Examining data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.h
Examining data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c
Examining data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c
Examining data/vcdimager-2.0.1+dfsg/frontends/cli/vcdimager.c
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/types.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/files.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/inf.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/logging.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/version.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/sector.h
Examining data/vcdimager-2.0.1+dfsg/include/libvcd/info.h
Examining data/vcdimager-2.0.1+dfsg/test/check_bitfield.c
Examining data/vcdimager-2.0.1+dfsg/test/check_sizeof.c
Examining data/vcdimager-2.0.1+dfsg/test/testvcd.c
Examining data/vcdimager-2.0.1+dfsg/test/testassert.c
Examining data/vcdimager-2.0.1+dfsg/test/mpegscan2.c
Examining data/vcdimager-2.0.1+dfsg/test/testimage.c
Examining data/vcdimager-2.0.1+dfsg/test/mpegscan.c
Examining data/vcdimager-2.0.1+dfsg/lib/vcd_read.c
Examining data/vcdimager-2.0.1+dfsg/lib/pbc.h
Examining data/vcdimager-2.0.1+dfsg/lib/stream_stdio.h
Examining data/vcdimager-2.0.1+dfsg/lib/mpeg.h
Examining data/vcdimager-2.0.1+dfsg/lib/util.h
Examining data/vcdimager-2.0.1+dfsg/lib/image_cdrdao.c
Examining data/vcdimager-2.0.1+dfsg/lib/data_structures.h
Examining data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.h
Examining data/vcdimager-2.0.1+dfsg/lib/image_nrg.c
Examining data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c
Examining data/vcdimager-2.0.1+dfsg/lib/vcd_assert.h
Examining data/vcdimager-2.0.1+dfsg/lib/stream.c
Examining data/vcdimager-2.0.1+dfsg/lib/sector_private.h
Examining data/vcdimager-2.0.1+dfsg/lib/vcd_read.h
Examining data/vcdimager-2.0.1+dfsg/lib/salloc.c
Examining data/vcdimager-2.0.1+dfsg/lib/stream.h
Examining data/vcdimager-2.0.1+dfsg/lib/data_structures.c
Examining data/vcdimager-2.0.1+dfsg/lib/inf.c
Examining data/vcdimager-2.0.1+dfsg/lib/image.c
Examining data/vcdimager-2.0.1+dfsg/lib/vcd.c
Examining data/vcdimager-2.0.1+dfsg/lib/image_bincue.c
Examining data/vcdimager-2.0.1+dfsg/lib/obj.h
Examining data/vcdimager-2.0.1+dfsg/lib/mpeg.c
Examining data/vcdimager-2.0.1+dfsg/lib/directory.c
Examining data/vcdimager-2.0.1+dfsg/lib/files.c
Examining data/vcdimager-2.0.1+dfsg/lib/sector.c
Examining data/vcdimager-2.0.1+dfsg/lib/logging.c
Examining data/vcdimager-2.0.1+dfsg/lib/vcd.h
Examining data/vcdimager-2.0.1+dfsg/lib/directory.h
Examining data/vcdimager-2.0.1+dfsg/lib/info_private.h
Examining data/vcdimager-2.0.1+dfsg/lib/dict.h
Examining data/vcdimager-2.0.1+dfsg/lib/info_private.c
Examining data/vcdimager-2.0.1+dfsg/lib/bitvec.h
Examining data/vcdimager-2.0.1+dfsg/lib/pbc.c
Examining data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.c
Examining data/vcdimager-2.0.1+dfsg/lib/image_sink.h
Examining data/vcdimager-2.0.1+dfsg/lib/salloc.h
Examining data/vcdimager-2.0.1+dfsg/lib/info.c
Examining data/vcdimager-2.0.1+dfsg/lib/util.c
FINAL RESULTS:
data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:237:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (strbuf, _buf);
data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:326:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout, vcd_version_string (true), "cdxa2mpeg");
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:243:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout,
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:288:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout,
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:444:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout,
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:473:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout, n % 8 ? "%d" : " %d",
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:479:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout,
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:498:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout,
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:592:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout,
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1079:34: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1085:34: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1091:34: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1097:34: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1108:42: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1112:38: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1121:42: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1124:38: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1133:38: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1136:34: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1144:38: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1154:38: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1159:30: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1175:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1223:38: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1231:34: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (!gl.show.no.delimiter) fprintf (stdout, DELIM);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1576:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout, vcd_version_string (true), "vcd-info");
data/vcdimager-2.0.1+dfsg/frontends/cli/vcdimager.c:286:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout, vcd_version_string (true), "vcdimager");
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_common.c:218:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stdout, vcd_version_string (true), vcd_xml_progname);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:541:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (retval, argv[idx]);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:178:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (buf, pathname);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:180:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (buf, dentry->d_name);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:182:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (iso_name, dentry->d_name);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c:52:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tmp, prefix);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c:53:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (tmp, pathname);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:71:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buf, sizeof (buf), fmt, args);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:115:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf (buf, sizeof (buf), fmt, args);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:648:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (_tmp, path);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:649:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (_tmp, _name);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:689:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (new_path, path);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:690:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (new_path, (const char *) _tmp);
data/vcdimager-2.0.1+dfsg/lib/logging.c:101:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf)-1, format, args);
data/vcdimager-2.0.1+dfsg/lib/stream.c:122:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf (buf, sizeof(buf), format, args);
data/vcdimager-2.0.1+dfsg/lib/util.c:82:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (new_str, delim);
data/vcdimager-2.0.1+dfsg/lib/util.c:83:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (new_str, strv[n]);
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1338:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf (segment_pathname, sizeof (segment_pathname), fmt, n);
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1437:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf (avseq_pathname, sizeof (avseq_pathname), fmt, n + 1);
data/vcdimager-2.0.1+dfsg/test/testvcd.c:77:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cmd, sizeof(cmd), FRONTEND_DIR "cli/vcd-info -i %s", psz_source);
data/vcdimager-2.0.1+dfsg/test/testvcd.c:78:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
i_rc = system(cmd);
data/vcdimager-2.0.1+dfsg/test/testvcd.c:85:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cmd, sizeof(cmd),
data/vcdimager-2.0.1+dfsg/test/testvcd.c:87:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
i_rc2 = system(cmd);
data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:235:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _buf[7] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:249:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
handle (riff_context *ctxt, char id[4])
data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:274:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:347:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen (args[0], "rb");
data/vcdimager-2.0.1+dfsg/frontends/cli/cdxa2mpeg.c:363:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen (args[1], "wb");
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:943:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _fullname[4096] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1331:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:279:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:321:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = { 0, }, *buf2;
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:132:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:155:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:295:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:337:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:349:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:370:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:168:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:169:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso_name[1024] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:212:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[16];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:222:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[16];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:45:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *_TAG_STACK[16];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:69:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:113:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_minfo.c:252:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(_TAG_FD = fopen (_output_file, "w")))
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:100:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf2[strlen (namebuf) + 2];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:153:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _fullname[4096] = { 0, };
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:267:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:321:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:343:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:387:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:415:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[80];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:896:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(outfd = fopen (_fs->file_src, "wb")))
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:904:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[blocksize];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:958:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(outfd = fopen (p_seg->src, "wb")))
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:1074:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(outfd = fopen (_seq->src, "wb")))
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ID[8]; /**< "ENTRYVCD" or "ENTRYSVD" */
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:188:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ID[8]; /**< const "VIDEO_CD" for
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:200:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char album_desc[16]; /**< album identification/desc. */
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[2]; /**< Reserved, must be zero */
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:411:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_id[sizeof(TRACKS_SVD_FILE_ID)-1]; /**< == "TRACKSVD" with out
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:433:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_id[sizeof(TRACKS_SVD_FILE_ID)-1]; /**< == "TRACKSVD" */
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:457:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_id[sizeof(SEARCH_FILE_ID)-1]; /**< == "SEARCHSV" without final
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:477:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_id[sizeof(SPICONTX_FILE_ID)-1]; /**< = "SPICONSV" without final
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:497:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_id[sizeof(SCANDATA_FILE_ID)-1]; /**< == "SCAN_VCD" without final
data/vcdimager-2.0.1+dfsg/include/libvcd/files_private.h:516:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_id[sizeof(SCANDATA_FILE_ID)-1]; /**< == "SCAN_VCD" without final
data/vcdimager-2.0.1+dfsg/lib/files.c:231:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &entries_vcd, sizeof(entries_vcd));
data/vcdimager-2.0.1+dfsg/lib/files.c:311:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, lot_vcd, sizeof(LotVcd_t));
data/vcdimager-2.0.1+dfsg/lib/files.c:462:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &info_vcd, sizeof(info_vcd));
data/vcdimager-2.0.1+dfsg/lib/files.c:468:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tracks_svd_buf[ISO_BLOCKSIZE] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/files.c:474:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tracks_svd->file_id, TRACKS_SVD_FILE_ID,
data/vcdimager-2.0.1+dfsg/lib/files.c:516:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, &tracks_svd_buf, sizeof(tracks_svd_buf));
data/vcdimager-2.0.1+dfsg/lib/files.c:522:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tracks_svd[ISO_BLOCKSIZE] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/files.c:538:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (tracks_svd1->file_id, TRACKS_SVD_FILE_ID,
data/vcdimager-2.0.1+dfsg/lib/files.c:589:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, &tracks_svd, sizeof(tracks_svd));
data/vcdimager-2.0.1+dfsg/lib/files.c:746:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf, &search_dat, sizeof (search_dat));
data/vcdimager-2.0.1+dfsg/lib/image_cdrdao.c:223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/image_nrg.c:85:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[EMPTY_ARRAY_SIZE] ;
data/vcdimager-2.0.1+dfsg/lib/inf.c:70:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _buf[BUF_COUNT][BUF_SIZE];
data/vcdimager-2.0.1+dfsg/lib/info.c:67:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _buf[BUF_COUNT][BUF_SIZE];
data/vcdimager-2.0.1+dfsg/lib/info.c:226:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *audio_types[3][5] =
data/vcdimager-2.0.1+dfsg/lib/info.c:344:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "??");
data/vcdimager-2.0.1+dfsg/lib/info.c:1559:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char psz_vol_id[ISO_MAX_VOLUME_ID+1] = {'\0'};
data/vcdimager-2.0.1+dfsg/lib/info.c:1575:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char volume_set_id[ISO_MAX_VOLUMESET_ID+1] = {'\0'};
data/vcdimager-2.0.1+dfsg/lib/info.c:1802:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/vcdimager-2.0.1+dfsg/lib/logging.c:93:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/mpeg.c:267:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[16];
data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.c:148:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2324] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.c:405:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2324] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/mpeg_stream.c:448:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (packet_buf, buf, pkt_len);
data/vcdimager-2.0.1+dfsg/lib/sector.c:177:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (raw_sector->sync, sync_pattern, sizeof (sync_pattern));
data/vcdimager-2.0.1+dfsg/lib/sector.c:232:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char*)raw_sector+CDIO_CD_XA_SYNC_HEADER, data,
data/vcdimager-2.0.1+dfsg/lib/sector.c:238:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char*)raw_sector+CDIO_CD_XA_SYNC_HEADER, data,
data/vcdimager-2.0.1+dfsg/lib/sector.c:253:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char*)raw_sector+12+4, data, M2RAW_SECTOR_SIZE);
data/vcdimager-2.0.1+dfsg/lib/stream.c:59:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (obj->op.open(obj->user_data))
data/vcdimager-2.0.1+dfsg/lib/stream.c:76:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(new_obj->op), funcs, sizeof(vcd_data_sink_io_functions));
data/vcdimager-2.0.1+dfsg/lib/stream.c:115:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/stream.c:173:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (obj->op.open(obj->user_data))
data/vcdimager-2.0.1+dfsg/lib/stream.c:213:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(new_obj->op), funcs, sizeof(vcd_data_source_io_functions));
data/vcdimager-2.0.1+dfsg/lib/stream.h:54:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vcd_data_open_t open;
data/vcdimager-2.0.1+dfsg/lib/stream.h:85:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vcd_data_open_t open;
data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:52:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ud->fd = fopen (ud->pathname, "rb")))
data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:66:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ud->fd = fopen (ud->pathname, "wb")))
data/vcdimager-2.0.1+dfsg/lib/util.c:95:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _delim[2] = { 0, 0 };
data/vcdimager-2.0.1+dfsg/lib/util.c:141:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (new_mem, mem, count);
data/vcdimager-2.0.1+dfsg/lib/vcd.c:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char zero[CDIO_CD_FRAMESIZE_RAW] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1319:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char segment_pathname[128] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1398:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avseq_pathname[128] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1523:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CDIO_CD_FRAMESIZE_RAW] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1539:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CDIO_CD_FRAMESIZE_RAW] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1564:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[M2RAW_SECTOR_SIZE] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1593:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CDIO_CD_FRAMESIZE] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1618:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2324];
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1651:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = { 0, };
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1675:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = { 0, }, buf2[1024] = { 0, };
data/vcdimager-2.0.1+dfsg/test/mpegscan2.c:80:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2324];
data/vcdimager-2.0.1+dfsg/test/testimage.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[M2RAW_SECTOR_SIZE];
data/vcdimager-2.0.1+dfsg/test/testimage.c:60:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lsn = atoi (argv[3]);
data/vcdimager-2.0.1+dfsg/test/testimage.c:83:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen ("testimage.out", "wb");
data/vcdimager-2.0.1+dfsg/test/testvcd.c:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[1024];
data/vcdimager-2.0.1+dfsg/example/info1.c:84:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ISO_STANDARD_ID)))
data/vcdimager-2.0.1+dfsg/example/info2.cpp:84:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ISO_STANDARD_ID)))
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:947:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat (_fullname, "/", sizeof (_fullname)-strlen(_fullname)-1);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:947:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat (_fullname, "/", sizeof (_fullname)-strlen(_fullname)-1);
data/vcdimager-2.0.1+dfsg/frontends/cli/vcd-info.c:1016:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ISO_STANDARD_ID)))
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:280:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (buf, opt_arg, sizeof (buf));
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:281:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat (buf, ".toc", sizeof (buf)-strlen(buf)-1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:281:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat (buf, ".toc", sizeof (buf)-strlen(buf)-1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_build.c:324:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (buf, opt_arg, sizeof (buf));
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_common.c:237:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = (int) strlen (in) + 1;
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dtd.c:57:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (videocd_dtd),
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:533:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (retval);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:537:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen (argv[idx]) + 1;
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_dump.c:542:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (retval, " ");
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:179:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (buf, "/");
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_gen.c:189:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (iso_name, "/");
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c:51:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = calloc(1, strlen (prefix) + strlen (pathname) + 1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_master.c:51:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = calloc(1, strlen (prefix) + strlen (pathname) + 1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:646:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_tmp = malloc (strlen (path) + strlen (_name) + 1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:646:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_tmp = malloc (strlen (path) + strlen (_name) + 1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:688:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_path = malloc (strlen (path) + xmlStrlen (_tmp) + 1 + 1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_parse.c:703:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (new_path, "/");
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:100:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char namebuf2[strlen (namebuf) + 2];
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:156:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (_fullname, pathname, sizeof (_fullname));
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:157:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (_fullname, _name, sizeof (_fullname)-strlen(_fullname)-1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:157:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat (_fullname, _name, sizeof (_fullname)-strlen(_fullname)-1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:176:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat (_fullname, "/", sizeof (_fullname)-strlen(_fullname)-1);
data/vcdimager-2.0.1+dfsg/frontends/xml/vcd_xml_rip.c:176:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat (_fullname, "/", sizeof (_fullname)-strlen(_fullname)-1);
data/vcdimager-2.0.1+dfsg/lib/directory.c:152:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
reclen = iso9660_dir_calc_record_size (strlen (pathname),
data/vcdimager-2.0.1+dfsg/lib/info.c:1563:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(psz_vol_id, psz_vol_id2, ISO_MAX_VOLUME_ID);
data/vcdimager-2.0.1+dfsg/lib/info.c:1577:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(volume_set_id, p_obj->pvd.volume_set_id, ISO_MAX_VOLUMESET_ID);
data/vcdimager-2.0.1+dfsg/lib/info.c:1807:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (buf, str, n);
data/vcdimager-2.0.1+dfsg/lib/info.c:1810:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = strlen (buf) - 1; j >= 0; j--)
data/vcdimager-2.0.1+dfsg/lib/info.c:1940:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ISO_XA_MARKER_STRING));
data/vcdimager-2.0.1+dfsg/lib/info.c:1953:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(*source_name)+1;
data/vcdimager-2.0.1+dfsg/lib/info.c:1955:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p_obj->source_name, *source_name, len);
data/vcdimager-2.0.1+dfsg/lib/stream.c:230:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read_bytes = obj->op.read(obj->user_data, ptr, size*nmemb);
data/vcdimager-2.0.1+dfsg/lib/stream.h:88:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
vcd_data_read_t read;
data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:128:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
long read;
data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:132:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read != count)
data/vcdimager-2.0.1+dfsg/lib/stream_stdio.c:148:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/vcdimager-2.0.1+dfsg/lib/util.c:69:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (count-1) * strlen (delim);
data/vcdimager-2.0.1+dfsg/lib/util.c:72:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen (strv[n]);
data/vcdimager-2.0.1+dfsg/lib/vcd.c:856:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (p_obj->iso_volume_label) > ISO_MAX_VOLUME_ID)
data/vcdimager-2.0.1+dfsg/lib/vcd.c:867:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (p_obj->iso_publisher_id) > ISO_MAX_PUBLISHER_ID)
data/vcdimager-2.0.1+dfsg/lib/vcd.c:878:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (p_obj->iso_preparer_id) > ISO_MAX_PREPARER_ID)
data/vcdimager-2.0.1+dfsg/lib/vcd.c:889:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (p_obj->iso_application_id) > ISO_MAX_APPLICATION_ID)
data/vcdimager-2.0.1+dfsg/lib/vcd.c:900:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (p_obj->info_album_id) > 16)
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1034:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vcd_assert (strlen (iso_pathname) > 0);
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1699:13: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (buf2, buf, sizeof(buf2)-strlen(buf2)-i_buf2-1);
data/vcdimager-2.0.1+dfsg/lib/vcd.c:1699:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat (buf2, buf, sizeof(buf2)-strlen(buf2)-i_buf2-1);
ANALYSIS SUMMARY:
Hits = 200
Lines analyzed = 26982 in approximately 0.70 seconds (38453 lines/second)
Physical Source Lines of Code (SLOC) = 18016
Hits@level = [0] 281 [1] 51 [2] 99 [3] 0 [4] 50 [5] 0
Hits@level+ = [0+] 481 [1+] 200 [2+] 149 [3+] 50 [4+] 50 [5+] 0
Hits/KSLOC@level+ = [0+] 26.6985 [1+] 11.1012 [2+] 8.27043 [3+] 2.77531 [4+] 2.77531 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.