Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/wkhtmltopdf-0.12.6/examples/image_c_api.c
Examining data/wkhtmltopdf-0.12.6/examples/pdf_c_api.c
Examining data/wkhtmltopdf-0.12.6/src/image/imagearguments.cc
Examining data/wkhtmltopdf-0.12.6/src/image/imagecommandlineparser.cc
Examining data/wkhtmltopdf-0.12.6/src/image/imagedocparts.cc
Examining data/wkhtmltopdf-0.12.6/src/image/wkhtmltoimage.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/converter.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/doc.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/image.h
Examining data/wkhtmltopdf-0.12.6/src/lib/image_c_bindings.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/imageconverter.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/imagesettings.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/loadsettings.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/logging.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/multipageloader.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/outline.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/pdf.h
Examining data/wkhtmltopdf-0.12.6/src/lib/pdf_c_bindings.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/pdfconverter.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/pdfsettings.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/reflect.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/tempfile.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/tocstylesheet.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/utilities.cc
Examining data/wkhtmltopdf-0.12.6/src/lib/websettings.cc
Examining data/wkhtmltopdf-0.12.6/src/pdf/pdfarguments.cc
Examining data/wkhtmltopdf-0.12.6/src/pdf/pdfcommandlineparser.cc
Examining data/wkhtmltopdf-0.12.6/src/pdf/pdfdocparts.cc
Examining data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/arghandler.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/commandlineparserbase.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/commonarguments.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/commondocparts.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/htmloutputter.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/manoutputter.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/outputter.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/progressfeedback.cc
Examining data/wkhtmltopdf-0.12.6/src/shared/textoutputter.cc

FINAL RESULTS:

data/wkhtmltopdf-0.12.6/src/shared/htmloutputter.cc:97:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fd, ordered?"<ol>":"<ul>");
data/wkhtmltopdf-0.12.6/src/shared/htmloutputter.cc:101:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fd, ordered?"</ol>":"</ul>");
data/wkhtmltopdf-0.12.6/src/lib/imageconverter.cc:156:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  openOk = file.open(QIODevice::WriteOnly);
data/wkhtmltopdf-0.12.6/src/lib/imageconverter.cc:161:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  openOk = file.open(stdout, QIODevice::WriteOnly);
data/wkhtmltopdf-0.12.6/src/lib/multipageloader.cc:120:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(keyFile.open(QFile::ReadOnly)){
data/wkhtmltopdf-0.12.6/src/lib/multipageloader.cc:459:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QIODevice::ReadOnly) ) {
data/wkhtmltopdf-0.12.6/src/lib/multipageloader.cc:529:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (cookieJar.open(QIODevice::ReadOnly | QIODevice::Text) )
data/wkhtmltopdf-0.12.6/src/lib/multipageloader.cc:535:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (cookieJar.open(QIODevice::WriteOnly | QIODevice::Text) )
data/wkhtmltopdf-0.12.6/src/lib/multipageloader.cc:659:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!tmp.open(QIODevice::WriteOnly) || tmp.write(data->toUtf8())==0) {
data/wkhtmltopdf-0.12.6/src/lib/multipageloader.cc:665:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  in.open(stdin,QIODevice::ReadOnly);
data/wkhtmltopdf-0.12.6/src/lib/multipageloader.cc:668:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!tmp.open(QIODevice::WriteOnly) || !copyFile(in, tmp)) {
data/wkhtmltopdf-0.12.6/src/lib/pdf_c_bindings.cc:290:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char x[256];
data/wkhtmltopdf-0.12.6/src/lib/pdf_c_bindings.cc:291:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(x, "wkhtmltox");
data/wkhtmltopdf-0.12.6/src/lib/pdfconverter.cc:58:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out.open(QIODevice::WriteOnly | QIODevice::Truncate | QIODevice::Text);
data/wkhtmltopdf-0.12.6/src/lib/pdfconverter.cc:500:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!styleFile.open(QIODevice::ReadOnly)) {
data/wkhtmltopdf-0.12.6/src/lib/pdfconverter.cc:506:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!xmlFile.open(QIODevice::ReadOnly)) {
data/wkhtmltopdf-0.12.6/src/lib/pdfconverter.cc:513:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!htmlFile.open(QIODevice::WriteOnly)) {
data/wkhtmltopdf-0.12.6/src/lib/pdfconverter.cc:1029:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( !i.open(QIODevice::ReadOnly) ||
data/wkhtmltopdf-0.12.6/src/lib/pdfconverter.cc:1030:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  !o.open(stdout,QIODevice::WriteOnly) ||
data/wkhtmltopdf-0.12.6/src/lib/pdfconverter.cc:1042:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!i.open(QIODevice::ReadOnly)) {
data/wkhtmltopdf-0.12.6/src/pdf/pdfarguments.cc:126:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(stdout, QIODevice::WriteOnly | QIODevice::Text);
data/wkhtmltopdf-0.12.6/src/shared/commondocparts.cc:43:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(QIODevice::ReadOnly | QIODevice::Text);
data/wkhtmltopdf-0.12.6/src/shared/commondocparts.cc:56:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(QIODevice::ReadOnly | QIODevice::Text);
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:60:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (int read=0; buff[read]!='\0'; ++read) {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:60:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (int read=0; buff[read]!='\0'; ++read) {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:65:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (buff[read]!=' ' && buff[read]!='\t' && buff[read]!='\r' && buff[read]!='\n') {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:65:32:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (buff[read]!=' ' && buff[read]!='\t' && buff[read]!='\r' && buff[read]!='\n') {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:65:52:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (buff[read]!=' ' && buff[read]!='\t' && buff[read]!='\r' && buff[read]!='\n') {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:65:72:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (buff[read]!=' ' && buff[read]!='\t' && buff[read]!='\r' && buff[read]!='\n') {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:66:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  --read;
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:72:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (buff[read]=='\'') next_state=q1;
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:73:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if (buff[read]=='"') next_state=q2;
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:74:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if (buff[read]=='\\') next_state=tok_esc;
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:75:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if (buff[read]==' ' || buff[read]=='\t' || buff[read]=='\n' || buff[read]=='\r') {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:75:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if (buff[read]==' ' || buff[read]=='\t' || buff[read]=='\n' || buff[read]=='\r') {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:75:57:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if (buff[read]==' ' || buff[read]=='\t' || buff[read]=='\n' || buff[read]=='\r') {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:75:77:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if (buff[read]==' ' || buff[read]=='\t' || buff[read]=='\n' || buff[read]=='\r') {
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:88:32:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  } else buff[write++] = buff[read];
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:92:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (buff[read]=='\'') next_state=tok;
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:93:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if (buff[read]=='\\') next_state=q1_esc;
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:94:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else buff[write++] = buff[read];
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:98:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (buff[read]=='"') next_state=tok;
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:99:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else if (buff[read]=='\\') next_state=q2_esc;
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:100:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  else buff[write++] = buff[read];
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:105:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  buff[write++] = buff[read];
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:110:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  buff[write++] = buff[read];
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:115:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  buff[write++] = buff[read];
data/wkhtmltopdf-0.12.6/src/pdf/wkhtmltopdf.cc:158:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytes += strlen(p);

ANALYSIS SUMMARY:

Hits = 48
Lines analyzed = 8090 in approximately 0.27 seconds (29530 lines/second)
Physical Source Lines of Code (SLOC) = 4925
Hits@level = [0] 123 [1] 25 [2] 21 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 171 [1+] 48 [2+] 23 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 34.7208 [1+] 9.74619 [2+] 4.67005 [3+] 0.406091 [4+] 0.406091 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
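Triage notes on the two hit classes above that are worth a second look, with an added C example that is not part of wkhtmltopdf or of flawfinder. Flawfinder matches on identifier names, so the 25 level-1 `read` hits in wkhtmltopdf.cc are the int loop variable `read` of the tokenizer (`for (int read=0; ...)`) being matched against the rule for read(2), not calls to it. The two level-4 `fprintf` hits fire because the format argument `ordered?"<ol>":"<ul>"` is an expression rather than a literal; both branches are constants, so no attacker reaches the format in the flagged lines, but the rule cannot see that. The example below reconstructs that pattern (a hypothetical port of the flagged lines, not the project's code), shows the fputs form that clears the hit, shows what CWE-134 actually guards against when the string is untrusted (the input "100%% complete" is constructed for the demo), and shows the bounded copy that replaces the level-2 `strcpy(x, "wkhtmltox")` into `char x[256]`.

```c
#include <stdio.h>
#include <string.h>

/* Level-4 hit as flawfinder sees it: the format argument is an expression,
 * so the rule cannot tell that both branches are string literals. In the
 * flagged htmloutputter.cc lines this is benign (no attacker reaches the
 * format), but it is also needless. Hypothetical port of those lines. */
static int emit_list_tag_flagged(FILE *fd, int ordered)
{
    return fprintf(fd, ordered ? "<ol>" : "<ul>");
}

/* Same output with no format semantics at all: fputs treats its argument
 * as data, the hit disappears, and a '%' in the string would print as-is. */
static int emit_list_tag_fixed(FILE *fd, int ordered)
{
    return fputs(ordered ? "<ol>" : "<ul>", fd);
}

/* What CWE-134 guards against. Both functions write an untrusted string
 * into out; only this one lets that string act as the format, so a
 * "%s%s%n" inside it would read from or write to memory. */
static int render_untrusted_flagged(char *out, size_t n, const char *untrusted)
{
    return snprintf(out, n, untrusted);
}

/* Constant format, untrusted string passed as a "%s" argument: it is data,
 * and every '%' it contains is copied literally. */
static int render_untrusted_fixed(char *out, size_t n, const char *untrusted)
{
    return snprintf(out, n, "%s", untrusted);
}

/* Level-2 strcpy hit: strcpy(x, "wkhtmltox") into char x[256] is safe because
 * the source is a literal far shorter than the buffer. The bounded form
 * clears the hit and keeps working if the constant is later replaced by a
 * longer or variable string. Returns 0 when the copy fitted, -1 when it was
 * truncated; dst is NUL-terminated either way. */
static int copy_bounded(char *dst, size_t n, const char *src)
{
    int w = snprintf(dst, n, "%s", src);
    return (w >= 0 && (size_t)w < n) ? 0 : -1;
}

int main(void)
{
    char buf[64];
    char x[256];
    /* constructed "untrusted" input: one percent sign shows the difference */
    const char *sample = "100%% complete";

    emit_list_tag_flagged(stdout, 1);
    emit_list_tag_fixed(stdout, 0);
    putchar('\n');

    render_untrusted_flagged(buf, sizeof buf, sample);
    printf("as format: %s\n", buf);   /* 100% complete  (the %% was interpreted) */
    render_untrusted_fixed(buf, sizeof buf, sample);
    printf("as data:   %s\n", buf);   /* 100%% complete (copied literally) */

    printf("copy_bounded -> %d (%s)\n", copy_bounded(x, sizeof x, "wkhtmltox"), x);
    return 0;
}
```

The remaining level-2 `open` hits are the same name-based rule firing on every QFile/QIODevice open in the tree; the message is a checklist (symlink redirection, special files, TOCTOU) to apply to each path whose origin is user- or network-controlled, not a finding in itself.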