Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ace-of-penguins-1.5~rc2/games/canfield.c
Examining data/ace-of-penguins-1.5~rc2/games/solitaire.c
Examining data/ace-of-penguins-1.5~rc2/games/thornq.c
Examining data/ace-of-penguins-1.5~rc2/games/merlin.c
Examining data/ace-of-penguins-1.5~rc2/games/taipeilib.c
Examining data/ace-of-penguins-1.5~rc2/games/minesweeper.c
Examining data/ace-of-penguins-1.5~rc2/games/taipeilib.h
Examining data/ace-of-penguins-1.5~rc2/games/golf.c
Examining data/ace-of-penguins-1.5~rc2/games/taipei.c
Examining data/ace-of-penguins-1.5~rc2/games/mastermind.c
Examining data/ace-of-penguins-1.5~rc2/games/spider.c
Examining data/ace-of-penguins-1.5~rc2/games/taipedit.c
Examining data/ace-of-penguins-1.5~rc2/games/taipei.h
Examining data/ace-of-penguins-1.5~rc2/games/pegged.c
Examining data/ace-of-penguins-1.5~rc2/games/freecell.c
Examining data/ace-of-penguins-1.5~rc2/lib/imagelib.c
Examining data/ace-of-penguins-1.5~rc2/lib/make-imglib.c
Examining data/ace-of-penguins-1.5~rc2/lib/xwin.h
Examining data/ace-of-penguins-1.5~rc2/lib/text2c.c
Examining data/ace-of-penguins-1.5~rc2/lib/stack.c
Examining data/ace-of-penguins-1.5~rc2/lib/funcs.c
Examining data/ace-of-penguins-1.5~rc2/lib/imagelib.h
Examining data/ace-of-penguins-1.5~rc2/lib/table_rn.c
Examining data/ace-of-penguins-1.5~rc2/lib/funcs.h
Examining data/ace-of-penguins-1.5~rc2/lib/xwin.c
Examining data/ace-of-penguins-1.5~rc2/lib/penguins.c
Examining data/ace-of-penguins-1.5~rc2/lib/help.c
Examining data/ace-of-penguins-1.5~rc2/lib/cards.h
Examining data/ace-of-penguins-1.5~rc2/lib/table.h
Examining data/ace-of-penguins-1.5~rc2/lib/table.c
Examining data/ace-of-penguins-1.5~rc2/tests/test6.c
Examining data/ace-of-penguins-1.5~rc2/tests/test4.c
Examining data/ace-of-penguins-1.5~rc2/tests/test1.c
Examining data/ace-of-penguins-1.5~rc2/tests/test5.c
Examining data/ace-of-penguins-1.5~rc2/tests/penguins.c
Examining data/ace-of-penguins-1.5~rc2/tests/test3.c
FINAL RESULTS:
data/ace-of-penguins-1.5~rc2/games/taipei.c:471:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(n, "%s", tile_names[i]);
data/ace-of-penguins-1.5~rc2/lib/help.c:162:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "*-%s-%s-%s-*--*-%d-*-*-*-*-*-*",
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:23:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/%s", a, b);
data/ace-of-penguins-1.5~rc2/lib/xwin.c:263:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sl, "%s%s", AOP, name);
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:244:13: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
switch (getopt(argc, argv, "vhn:i:d:m:")) {
data/ace-of-penguins-1.5~rc2/lib/penguins.c:61:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/ace-of-penguins-1.5~rc2/lib/stack.c:337:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/ace-of-penguins-1.5~rc2/lib/table_rn.c:38:1: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(unsigned seed)
data/ace-of-penguins-1.5~rc2/tests/penguins.c:57:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(0));
data/ace-of-penguins-1.5~rc2/games/canfield.c:41:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char base_mesg[14];
data/ace-of-penguins-1.5~rc2/games/canfield.c:80:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(base_mesg, "Base rank: %d", base_rank);
data/ace-of-penguins-1.5~rc2/games/canfield.c:166:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char names[5][5];
data/ace-of-penguins-1.5~rc2/games/canfield.c:172:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(names[n], "%c%c", face[VALUE(c)], suits[SUIT(c)]);
data/ace-of-penguins-1.5~rc2/games/freecell.c:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/ace-of-penguins-1.5~rc2/games/freecell.c:167:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char names[5][5];
data/ace-of-penguins-1.5~rc2/games/freecell.c:172:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(names[n], "%c%c", face[VALUE(c)], suits[SUIT(c)]);
data/ace-of-penguins-1.5~rc2/games/golf.c:107:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[10];
data/ace-of-penguins-1.5~rc2/games/golf.c:110:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%2d", c);
data/ace-of-penguins-1.5~rc2/games/golf.c:112:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, " ");
data/ace-of-penguins-1.5~rc2/games/merlin.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char grid[9];
data/ace-of-penguins-1.5~rc2/games/merlin.c:31:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char affects[9][9] = {
data/ace-of-penguins-1.5~rc2/games/minesweeper.c:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char grid[32][32];
data/ace-of-penguins-1.5~rc2/games/minesweeper.c:52:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bomb[32][32];
data/ace-of-penguins-1.5~rc2/games/minesweeper.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char neighbors[32][32];
data/ace-of-penguins-1.5~rc2/games/minesweeper.c:174:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[4];
data/ace-of-penguins-1.5~rc2/games/minesweeper.c:177:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp, "000");
data/ace-of-penguins-1.5~rc2/games/minesweeper.c:179:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%03d", untagged);
data/ace-of-penguins-1.5~rc2/games/pegged.c:154:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char grid[MAXX+1][MAXY+1];
data/ace-of-penguins-1.5~rc2/games/solitaire.c:639:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10] = "";
data/ace-of-penguins-1.5~rc2/games/solitaire.c:643:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "$%d", winnings);
data/ace-of-penguins-1.5~rc2/games/taipedit.c:45:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "w");
data/ace-of-penguins-1.5~rc2/games/taipedit.c:97:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[10];
data/ace-of-penguins-1.5~rc2/games/taipedit.c:104:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%5d%c", tile_count, tile_count%4 ? '!' : ' ');
data/ace-of-penguins-1.5~rc2/games/taipedit.c:253:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char temp[GRID_SX][GRID_SY][GRID_SZ];
data/ace-of-penguins-1.5~rc2/games/taipedit.c:265:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(grid, temp, sizeof(temp));
data/ace-of-penguins-1.5~rc2/games/taipedit.c:367:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[20];
data/ace-of-penguins-1.5~rc2/games/taipedit.c:378:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "n%d", x);
data/ace-of-penguins-1.5~rc2/games/taipei.c:138:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char exposures[GRID_SX][GRID_SY][GRID_SZ];
data/ace-of-penguins-1.5~rc2/games/taipei.c:336:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[10];
data/ace-of-penguins-1.5~rc2/games/taipei.c:347:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, " %3d %3d", num_tiles, c);
data/ace-of-penguins-1.5~rc2/games/taipei.c:470:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char n[20];
data/ace-of-penguins-1.5~rc2/games/taipeilib.c:24:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char grid[GRID_SX][GRID_SY][GRID_SZ];
data/ace-of-penguins-1.5~rc2/games/taipeilib.c:35:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "r");
data/ace-of-penguins-1.5~rc2/games/taipeilib.h:3:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char grid[GRID_SX][GRID_SY][GRID_SZ];
data/ace-of-penguins-1.5~rc2/games/thornq.c:280:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char names[5][5];
data/ace-of-penguins-1.5~rc2/games/thornq.c:286:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(names[n], "%c%c", face[VALUE(c)], suits[SUIT(c)]);
data/ace-of-penguins-1.5~rc2/lib/help.c:161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/ace-of-penguins-1.5~rc2/lib/help.c:390:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "r");
data/ace-of-penguins-1.5~rc2/lib/help.c:395:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file, text, l);
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:84:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(concat(imagedir, de->d_name), "rb");
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:127:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:128:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", val);
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:157:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(sub->filename, "rb");
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:258:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
depfile = fopen(optarg, "w");
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:295:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inf = fopen(argv[optind], "r");
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:320:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
img->a = atoi(tok);
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:323:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
img->d = atoi(tok);
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:338:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(outfname, "w");
data/ace-of-penguins-1.5~rc2/lib/penguins.c:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/ace-of-penguins-1.5~rc2/lib/penguins.c:52:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%c%c", values[v], suits[s]);
data/ace-of-penguins-1.5~rc2/lib/stack.c:224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/ace-of-penguins-1.5~rc2/lib/stack.c:233:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%c%c", values[v], suits[s]);
data/ace-of-penguins-1.5~rc2/lib/stack.c:540:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->cards + dest->num_cards,
data/ace-of-penguins-1.5~rc2/lib/stack.c:575:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(src->cards + src->num_cards - num, temp, num * sizeof(int));
data/ace-of-penguins-1.5~rc2/lib/table.c:122:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
*(char **)(options[i][o].ptr) = argv[a+1];
data/ace-of-penguins-1.5~rc2/lib/xwin.c:586:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (data, *bytes, length);
data/ace-of-penguins-1.5~rc2/tests/penguins.c:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/ace-of-penguins-1.5~rc2/tests/penguins.c:49:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%c%c", values[v], suits[s]);
data/ace-of-penguins-1.5~rc2/tests/test1.c:36:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/ace-of-penguins-1.5~rc2/tests/test1.c:40:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%c%c", values[v], suits[s]);
data/ace-of-penguins-1.5~rc2/tests/test3.c:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/ace-of-penguins-1.5~rc2/tests/test3.c:51:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%c%c", values[v], suits[s]);
data/ace-of-penguins-1.5~rc2/tests/test4.c:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/ace-of-penguins-1.5~rc2/tests/test4.c:50:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%c%c", values[v], suits[s]);
data/ace-of-penguins-1.5~rc2/tests/test5.c:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/ace-of-penguins-1.5~rc2/tests/test5.c:50:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%c%c", values[v], suits[s]);
data/ace-of-penguins-1.5~rc2/lib/help.c:178:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tags[i].taglen = strlen(tags[i].tag);
data/ace-of-penguins-1.5~rc2/lib/help.c:208:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XDrawString(display, window, gc, w->x-mx, w->y, w->ptr, strlen(w->ptr));
data/ace-of-penguins-1.5~rc2/lib/help.c:260:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XDrawString(display, window, gc, w->x, w->y-vscroll, w->ptr, strlen(w->ptr));
data/ace-of-penguins-1.5~rc2/lib/help.c:393:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(text)+1;
data/ace-of-penguins-1.5~rc2/lib/help.c:493:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XTextExtents(fs, w->ptr, strlen(w->ptr),
data/ace-of-penguins-1.5~rc2/lib/help.c:616:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
w->width, strlen(w->ptr), w->ptr);
data/ace-of-penguins-1.5~rc2/lib/help.c:625:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
w->width, strlen(w->ptr), w->ptr);
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:21:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = strlen(a) + strlen(b) + 2;
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:21:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = strlen(a) + strlen(b) + 2;
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:136:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (print_col + strlen(buf) > 70) {
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:141:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
print_col += strlen(buf);
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:162:19: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((byte = fgetc (f)) != EOF)
data/ace-of-penguins-1.5~rc2/lib/make-imglib.c:306:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inbuf[strlen(inbuf)] = 0;
data/ace-of-penguins-1.5~rc2/lib/text2c.c:33:15: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getchar()) != EOF)
data/ace-of-penguins-1.5~rc2/lib/xwin.c:262:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sl = (char *)malloc(strlen(name) + strlen(AOP)+1);
data/ace-of-penguins-1.5~rc2/lib/xwin.c:262:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sl = (char *)malloc(strlen(name) + strlen(AOP)+1);
data/ace-of-penguins-1.5~rc2/lib/xwin.c:573:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XDrawImageString(display, window, gc, x, y-font->descent, t, strlen(t));
ANALYSIS SUMMARY:
Hits = 93
Lines analyzed = 12003 in approximately 0.31 seconds (38215 lines/second)
Physical Source Lines of Code (SLOC) = 9852
Hits@level = [0] 91 [1] 17 [2] 67 [3] 5 [4] 4 [5] 0
Hits@level+ = [0+] 184 [1+] 93 [2+] 76 [3+] 9 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 18.6764 [1+] 9.43971 [2+] 7.71417 [3+] 0.91352 [4+] 0.406009 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.