Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/zopfli-1.0.3/src/zopfli/blocksplitter.c
Examining data/zopfli-1.0.3/src/zopfli/blocksplitter.h
Examining data/zopfli-1.0.3/src/zopfli/cache.c
Examining data/zopfli-1.0.3/src/zopfli/cache.h
Examining data/zopfli-1.0.3/src/zopfli/deflate.c
Examining data/zopfli-1.0.3/src/zopfli/deflate.h
Examining data/zopfli-1.0.3/src/zopfli/gzip_container.c
Examining data/zopfli-1.0.3/src/zopfli/gzip_container.h
Examining data/zopfli-1.0.3/src/zopfli/hash.c
Examining data/zopfli-1.0.3/src/zopfli/hash.h
Examining data/zopfli-1.0.3/src/zopfli/katajainen.c
Examining data/zopfli-1.0.3/src/zopfli/katajainen.h
Examining data/zopfli-1.0.3/src/zopfli/lz77.c
Examining data/zopfli-1.0.3/src/zopfli/lz77.h
Examining data/zopfli-1.0.3/src/zopfli/squeeze.c
Examining data/zopfli-1.0.3/src/zopfli/squeeze.h
Examining data/zopfli-1.0.3/src/zopfli/symbols.h
Examining data/zopfli-1.0.3/src/zopfli/tree.c
Examining data/zopfli-1.0.3/src/zopfli/tree.h
Examining data/zopfli-1.0.3/src/zopfli/util.c
Examining data/zopfli-1.0.3/src/zopfli/util.h
Examining data/zopfli-1.0.3/src/zopfli/zlib_container.c
Examining data/zopfli-1.0.3/src/zopfli/zlib_container.h
Examining data/zopfli-1.0.3/src/zopfli/zopfli.h
Examining data/zopfli-1.0.3/src/zopfli/zopfli_bin.c
Examining data/zopfli-1.0.3/src/zopfli/zopfli_lib.c
Examining data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp
Examining data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h
Examining data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp
Examining data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.h
Examining data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc
Examining data/zopfli-1.0.3/src/zopflipng/zopflipng_lib.h
Examining data/zopfli-1.0.3/src/zopflipng/zopflipng_lib.cc
FINAL RESULTS:
data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:135:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(result, str1);
data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:136:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(result, str2);
data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:377:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(always_zopflify
data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:418:11: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(resultpng.size() == origoutfilesize
data/zopfli-1.0.3/src/zopfli/deflate.c:555:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ll_lengths, ll_lengths2, sizeof(ll_lengths2));
data/zopfli-1.0.3/src/zopfli/deflate.c:556:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d_lengths, d_lengths2, sizeof(d_lengths2));
data/zopfli-1.0.3/src/zopfli/squeeze.c:54:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->litlens, source->litlens,
data/zopfli-1.0.3/src/zopfli/squeeze.c:56:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->dists, source->dists, ZOPFLI_NUM_D * sizeof(dest->dists[0]));
data/zopfli-1.0.3/src/zopfli/squeeze.c:58:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->ll_symbols, source->ll_symbols,
data/zopfli-1.0.3/src/zopfli/squeeze.c:60:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->d_symbols, source->d_symbols,
data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:51:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename, "rb");
data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:86:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(filename, "wb" );
data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:165:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
options.numiterations = atoi(arg + 3);
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:383:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename, "rb");
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:403:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename, "rb");
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:427:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename, "wb" );
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:2451:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void lodepng_chunk_type(char type[5], const unsigned char* chunk) {
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:2519:89: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char* lodepng_chunk_find(unsigned char* chunk, const unsigned char* end, const char type[5]) {
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:2527:107: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char* lodepng_chunk_find_const(const unsigned char* chunk, const unsigned char* end, const char type[5]) {
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:3819:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char image[8];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5047:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[13];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5210:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[6];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5232:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[7];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5244:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[9];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5251:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[4];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5257:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[32];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h:685:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char palette[1024]; /*Remembers up to the first 256 RGBA colors, in no particular order, only valid when numcolors is valid*/
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h:843:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void lodepng_chunk_type(char type[5], const unsigned char* chunk);
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h:882:89: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char* lodepng_chunk_find(unsigned char* chunk, const unsigned char* end, const char type[5]);
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h:883:107: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char* lodepng_chunk_find_const(const unsigned char* chunk, const unsigned char* end, const char type[5]);
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp:47:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[5];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[5];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[5];
data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp:163:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[5];
data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:53:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(filename.c_str(), "rb");
data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:64:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(filename.c_str(), "rb");
data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:192:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int num = atoi(value.c_str());
data/zopfli-1.0.3/src/zopflipng/zopflipng_lib.cc:520:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*resultpng,
data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:132:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str1) + strlen(str2);
data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:132:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str1) + strlen(str2);
data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:428:30: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (int input = getchar()) {
ANALYSIS SUMMARY:
Hits = 41
Lines analyzed = 16279 in approximately 0.56 seconds (29257 lines/second)
Physical Source Lines of Code (SLOC) = 10362
Hits@level = [0] 52 [1] 3 [2] 34 [3] 0 [4] 4 [5] 0
Hits@level+ = [0+] 93 [1+] 41 [2+] 38 [3+] 4 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 8.9751 [1+] 3.95677 [2+] 3.66725 [3+] 0.386026 [4+] 0.386026 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.