Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libimage-png-libpng-perl-0.47/my-xs.h Examining data/libimage-png-libpng-perl-0.47/perl-libpng.c FINAL RESULTS: data/libimage-png-libpng-perl-0.47/perl-libpng.c:107:13: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf (x); \ data/libimage-png-libpng-perl-0.47/perl-libpng.c:836:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (out_bytes, read_point, byte_count_to_read); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2032:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. SV * row_sv = newSVpv ((char *) rows[r], rowbytes); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2164:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (r, pr, length); data/libimage-png-libpng-perl-0.47/my-xs.h:5:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (#field), 0); \ data/libimage-png-libpng-perl-0.47/my-xs.h:24:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (#field), 0); \ data/libimage-png-libpng-perl-0.47/my-xs.h:57:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (hash, #field, strlen (#field), something, 0) data/libimage-png-libpng-perl-0.47/my-xs.h:60:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (hash, #field, strlen (#field), \ data/libimage-png-libpng-perl-0.47/my-xs.h:61:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newSVpv (field, strlen (field)), 0) data/libimage-png-libpng-perl-0.47/my-xs.h:64:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (hash, #field, strlen (#field), \ data/libimage-png-libpng-perl-0.47/my-xs.h:65:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newSVpv (str->field, strlen (str->field)), 0) data/libimage-png-libpng-perl-0.47/my-xs.h:68:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (hash, #field, strlen (#field), \ data/libimage-png-libpng-perl-0.47/my-xs.h:72:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (hash, #field, strlen (#field), \ data/libimage-png-libpng-perl-0.47/my-xs.h:76:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (hash, #field, strlen (#field), \ data/libimage-png-libpng-perl-0.47/my-xs.h:96:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sv = newSVpv (value, strlen (value)); \ data/libimage-png-libpng-perl-0.47/perl-libpng.c:378:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (lang_key); data/libimage-png-libpng-perl-0.47/perl-libpng.c:430:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f[1] = newSVpv (text_ptr->key, strlen (text_ptr->key)); data/libimage-png-libpng-perl-0.47/perl-libpng.c:443:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f[3] = newSVpv (text_ptr->lang, strlen (text_ptr->lang)); data/libimage-png-libpng-perl-0.47/perl-libpng.c:463:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (text_fields[i]), f[i], 0)) { data/libimage-png-libpng-perl-0.47/perl-libpng.c:538:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hv_fetch (chunk, "compression", strlen ("compression"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:695:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (time_fields[i]), f[i], 0)) { data/libimage-png-libpng-perl-0.47/perl-libpng.c:739:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen (#field), 0); \ data/libimage-png-libpng-perl-0.47/perl-libpng.c:997:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SV ** fetched = hv_fetch (IHDR, #x, strlen (#x), 0); \ data/libimage-png-libpng-perl-0.47/perl-libpng.c:1098:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #x, strlen (#x), \ data/libimage-png-libpng-perl-0.47/perl-libpng.c:1149:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SV * rgb_sv = * (hv_fetch (palette_entry, #x, strlen (#x), 0)); \ data/libimage-png-libpng-perl-0.47/perl-libpng.c:1185:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (perl_colour, #x, strlen (#x), newSViv (colour->x), 0) data/libimage-png-libpng-perl-0.47/perl-libpng.c:1377:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "profile", strlen ("profile"), profile_sv, 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:1634:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sv = hv_fetch (perl_spalette, "entries", strlen ("entries"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:1973:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (perl_valid, #x, strlen (#x), newSViv (valid & PNG_INFO_ ## x), 0) data/libimage-png-libpng-perl-0.47/perl-libpng.c:2252:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define STORE(x) (void) hv_store (perl_chunk, #x, strlen (#x), x, 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2321:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy ((char *) png_chunk->name, (char *) name, data/libimage-png-libpng-perl-0.47/perl-libpng.c:2624:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "white_x", strlen ("white_x"), data/libimage-png-libpng-perl-0.47/perl-libpng.c:2626:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "white_y", strlen ("white_y"), data/libimage-png-libpng-perl-0.47/perl-libpng.c:2628:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "red_x", strlen ("red_x"), data/libimage-png-libpng-perl-0.47/perl-libpng.c:2630:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "red_y", strlen ("red_y"), data/libimage-png-libpng-perl-0.47/perl-libpng.c:2632:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "green_x", strlen ("green_x"), data/libimage-png-libpng-perl-0.47/perl-libpng.c:2634:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "green_y", strlen ("green_y"), data/libimage-png-libpng-perl-0.47/perl-libpng.c:2636:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "blue_x", strlen ("blue_x"), data/libimage-png-libpng-perl-0.47/perl-libpng.c:2638:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) hv_store (ice, "blue_y", strlen ("blue_y"), data/libimage-png-libpng-perl-0.47/perl-libpng.c:2664:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_sv_ptr = hv_fetch (cHRM, "white_x", strlen ("white_x"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2668:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_sv_ptr = hv_fetch (cHRM, "white_y", strlen ("white_y"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2672:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_sv_ptr = hv_fetch (cHRM, "red_x", strlen ("red_x"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2676:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_sv_ptr = hv_fetch (cHRM, "red_y", strlen ("red_y"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2680:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_sv_ptr = hv_fetch (cHRM, "green_x", strlen ("green_x"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2684:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_sv_ptr = hv_fetch (cHRM, "green_y", strlen ("green_y"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2688:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_sv_ptr = hv_fetch (cHRM, "blue_x", strlen ("blue_x"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2692:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_sv_ptr = hv_fetch (cHRM, "blue_y", strlen ("blue_y"), 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2928:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hv_store (split, "data", strlen ("data"), data, 0); data/libimage-png-libpng-perl-0.47/perl-libpng.c:2929:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hv_store (split, "alpha", strlen ("alpha"), alpha, 0); ANALYSIS SUMMARY: Hits = 49 Lines analyzed = 3038 in approximately 0.38 seconds (8012 lines/second) Physical Source Lines of Code (SLOC) = 2308 Hits@level = [0] 6 [1] 45 [2] 3 [3] 0 [4] 1 [5] 0 Hits@level+ = [0+] 55 [1+] 49 [2+] 4 [3+] 1 [4+] 1 [5+] 0 Hits/KSLOC@level+ = [0+] 23.8302 [1+] 21.2305 [2+] 1.7331 [3+] 0.433276 [4+] 0.433276 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.