Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/ams.lv2-1.2.2/src/absolute.cpp Examining data/ams.lv2-1.2.2/src/absolute.hpp Examining data/ams.lv2-1.2.2/src/absolute_ttl.hpp Examining data/ams.lv2-1.2.2/src/ad.cpp Examining data/ams.lv2-1.2.2/src/ad.hpp Examining data/ams.lv2-1.2.2/src/ad_2_ttl.hpp Examining data/ams.lv2-1.2.2/src/ad_4_ttl.hpp Examining data/ams.lv2-1.2.2/src/ad_6_ttl.hpp Examining data/ams.lv2-1.2.2/src/ad_gui.cpp Examining data/ams.lv2-1.2.2/src/ad_gui.hpp Examining data/ams.lv2-1.2.2/src/advenv.cpp Examining data/ams.lv2-1.2.2/src/advenv.hpp Examining data/ams.lv2-1.2.2/src/advenv_gui.cpp Examining data/ams.lv2-1.2.2/src/advenv_gui.hpp Examining data/ams.lv2-1.2.2/src/advenv_gui_scope.cpp Examining data/ams.lv2-1.2.2/src/advenv_gui_scope.hpp Examining data/ams.lv2-1.2.2/src/advenv_ttl.hpp Examining data/ams.lv2-1.2.2/src/amp.cpp Examining data/ams.lv2-1.2.2/src/amp.hpp Examining data/ams.lv2-1.2.2/src/amp_gui.cpp Examining data/ams.lv2-1.2.2/src/amp_gui.hpp Examining data/ams.lv2-1.2.2/src/amp_ttl.hpp Examining data/ams.lv2-1.2.2/src/amplitude.cpp Examining data/ams.lv2-1.2.2/src/amplitude.hpp Examining data/ams.lv2-1.2.2/src/amplitude_ttl.hpp Examining data/ams.lv2-1.2.2/src/analogmemory.cpp Examining data/ams.lv2-1.2.2/src/analogmemory.hpp Examining data/ams.lv2-1.2.2/src/analogmemory_gui.cpp Examining data/ams.lv2-1.2.2/src/analogmemory_gui.hpp Examining data/ams.lv2-1.2.2/src/analogmemory_ttl.hpp Examining data/ams.lv2-1.2.2/src/bitgrinder.cpp Examining data/ams.lv2-1.2.2/src/bitgrinder.hpp Examining data/ams.lv2-1.2.2/src/bitgrinder_gui.cpp Examining data/ams.lv2-1.2.2/src/bitgrinder_gui.hpp Examining data/ams.lv2-1.2.2/src/bitgrinder_ttl.hpp Examining data/ams.lv2-1.2.2/src/controltocv.cpp Examining data/ams.lv2-1.2.2/src/controltocv.hpp Examining data/ams.lv2-1.2.2/src/controltocv_ttl.hpp Examining data/ams.lv2-1.2.2/src/cvs.cpp Examining data/ams.lv2-1.2.2/src/cvs.hpp Examining data/ams.lv2-1.2.2/src/cvs_gui.cpp Examining data/ams.lv2-1.2.2/src/cvs_gui.hpp Examining data/ams.lv2-1.2.2/src/cvs_ttl.hpp Examining data/ams.lv2-1.2.2/src/cvtocontrol.cpp Examining data/ams.lv2-1.2.2/src/cvtocontrol.hpp Examining data/ams.lv2-1.2.2/src/cvtocontrol_ttl.hpp Examining data/ams.lv2-1.2.2/src/delay.cpp Examining data/ams.lv2-1.2.2/src/delay.hpp Examining data/ams.lv2-1.2.2/src/delay_gui.cpp Examining data/ams.lv2-1.2.2/src/delay_gui.hpp Examining data/ams.lv2-1.2.2/src/delay_ttl.hpp Examining data/ams.lv2-1.2.2/src/dial.cpp Examining data/ams.lv2-1.2.2/src/dial.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves.cpp Examining data/ams.lv2-1.2.2/src/dynamicwaves.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves2.cpp Examining data/ams.lv2-1.2.2/src/dynamicwaves2.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves2_4_ttl.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves2_6_ttl.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves2_8_ttl.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves2_gui.cpp Examining data/ams.lv2-1.2.2/src/dynamicwaves2_gui.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves_4_ttl.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves_6_ttl.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves_8_ttl.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves_gui.cpp Examining data/ams.lv2-1.2.2/src/dynamicwaves_gui.hpp Examining data/ams.lv2-1.2.2/src/dynamicwaves_scope.cpp Examining data/ams.lv2-1.2.2/src/dynamicwaves_scope.hpp Examining data/ams.lv2-1.2.2/src/env.cpp Examining data/ams.lv2-1.2.2/src/env.hpp Examining data/ams.lv2-1.2.2/src/env_gui.cpp Examining data/ams.lv2-1.2.2/src/env_gui.hpp Examining data/ams.lv2-1.2.2/src/env_gui_scope.cpp Examining data/ams.lv2-1.2.2/src/env_gui_scope.hpp Examining data/ams.lv2-1.2.2/src/env_ttl.hpp Examining data/ams.lv2-1.2.2/src/fftvocoder.cpp Examining data/ams.lv2-1.2.2/src/fftvocoder.hpp Examining data/ams.lv2-1.2.2/src/fftvocoder_gui.cpp Examining data/ams.lv2-1.2.2/src/fftvocoder_gui.hpp Examining data/ams.lv2-1.2.2/src/fftvocoder_ttl.hpp Examining data/ams.lv2-1.2.2/src/haas.cpp Examining data/ams.lv2-1.2.2/src/haas.hpp Examining data/ams.lv2-1.2.2/src/haas_gui.cpp Examining data/ams.lv2-1.2.2/src/haas_gui.hpp Examining data/ams.lv2-1.2.2/src/haas_ttl.hpp Examining data/ams.lv2-1.2.2/src/hysteresis.cpp Examining data/ams.lv2-1.2.2/src/hysteresis.hpp Examining data/ams.lv2-1.2.2/src/hysteresis_gui.cpp Examining data/ams.lv2-1.2.2/src/hysteresis_gui.hpp Examining data/ams.lv2-1.2.2/src/hysteresis_ttl.hpp Examining data/ams.lv2-1.2.2/src/hztovc.cpp Examining data/ams.lv2-1.2.2/src/hztovc.hpp Examining data/ams.lv2-1.2.2/src/hztovc_gui.cpp Examining data/ams.lv2-1.2.2/src/hztovc_gui.hpp Examining data/ams.lv2-1.2.2/src/hztovc_ttl.hpp Examining data/ams.lv2-1.2.2/src/inv.cpp Examining data/ams.lv2-1.2.2/src/inv.hpp Examining data/ams.lv2-1.2.2/src/inv_ttl.hpp Examining data/ams.lv2-1.2.2/src/labeleddial.cpp Examining data/ams.lv2-1.2.2/src/labeleddial.hpp Examining data/ams.lv2-1.2.2/src/lfo.cpp Examining data/ams.lv2-1.2.2/src/lfo.hpp Examining data/ams.lv2-1.2.2/src/lfo2_freq.cpp Examining data/ams.lv2-1.2.2/src/lfo2_freq.hpp Examining data/ams.lv2-1.2.2/src/lfo2_freq_gui.cpp Examining data/ams.lv2-1.2.2/src/lfo2_freq_gui.hpp Examining data/ams.lv2-1.2.2/src/lfo2_freq_ttl.hpp Examining data/ams.lv2-1.2.2/src/lfo2_tempo.cpp Examining data/ams.lv2-1.2.2/src/lfo2_tempo.hpp Examining data/ams.lv2-1.2.2/src/lfo2_tempo_gui.cpp Examining data/ams.lv2-1.2.2/src/lfo2_tempo_gui.hpp Examining data/ams.lv2-1.2.2/src/lfo2_tempo_ttl.hpp Examining data/ams.lv2-1.2.2/src/lfo_gui.cpp Examining data/ams.lv2-1.2.2/src/lfo_gui.hpp Examining data/ams.lv2-1.2.2/src/lfo_ttl.hpp Examining data/ams.lv2-1.2.2/src/mixer_2ch.cpp Examining data/ams.lv2-1.2.2/src/mixer_2ch.hpp Examining data/ams.lv2-1.2.2/src/mixer_2ch_gui.cpp Examining data/ams.lv2-1.2.2/src/mixer_2ch_gui.hpp Examining data/ams.lv2-1.2.2/src/mixer_2ch_ttl.hpp Examining data/ams.lv2-1.2.2/src/mixer_4ch.cpp Examining data/ams.lv2-1.2.2/src/mixer_4ch.hpp Examining data/ams.lv2-1.2.2/src/mixer_4ch_gui.cpp Examining data/ams.lv2-1.2.2/src/mixer_4ch_gui.hpp Examining data/ams.lv2-1.2.2/src/mixer_4ch_ttl.hpp Examining data/ams.lv2-1.2.2/src/mixer_8ch.cpp Examining data/ams.lv2-1.2.2/src/mixer_8ch.hpp Examining data/ams.lv2-1.2.2/src/mixer_8ch_gui.cpp Examining data/ams.lv2-1.2.2/src/mixer_8ch_gui.hpp Examining data/ams.lv2-1.2.2/src/mixer_8ch_ttl.hpp Examining data/ams.lv2-1.2.2/src/mooglpf.cpp Examining data/ams.lv2-1.2.2/src/mooglpf.hpp Examining data/ams.lv2-1.2.2/src/mooglpf_gui.cpp Examining data/ams.lv2-1.2.2/src/mooglpf_gui.hpp Examining data/ams.lv2-1.2.2/src/mooglpf_ttl.hpp Examining data/ams.lv2-1.2.2/src/multiphase_lfo.cpp Examining data/ams.lv2-1.2.2/src/multiphase_lfo.hpp Examining data/ams.lv2-1.2.2/src/multiphase_lfo_gui.cpp Examining data/ams.lv2-1.2.2/src/multiphase_lfo_gui.hpp Examining data/ams.lv2-1.2.2/src/multiphase_lfo_ttl.hpp Examining data/ams.lv2-1.2.2/src/my_box.cpp Examining data/ams.lv2-1.2.2/src/my_box.hpp Examining data/ams.lv2-1.2.2/src/noise2.cpp Examining data/ams.lv2-1.2.2/src/noise2.hpp Examining data/ams.lv2-1.2.2/src/noise2_gui.cpp Examining data/ams.lv2-1.2.2/src/noise2_gui.hpp Examining data/ams.lv2-1.2.2/src/noise2_ttl.hpp Examining data/ams.lv2-1.2.2/src/percussiveenv.cpp Examining data/ams.lv2-1.2.2/src/percussiveenv.hpp Examining data/ams.lv2-1.2.2/src/percussiveenv_gui.cpp Examining data/ams.lv2-1.2.2/src/percussiveenv_gui.hpp Examining data/ams.lv2-1.2.2/src/percussiveenv_gui_scope.cpp Examining data/ams.lv2-1.2.2/src/percussiveenv_gui_scope.hpp Examining data/ams.lv2-1.2.2/src/percussiveenv_ttl.hpp Examining data/ams.lv2-1.2.2/src/ringmodulator.cpp Examining data/ams.lv2-1.2.2/src/ringmodulator.hpp Examining data/ams.lv2-1.2.2/src/ringmodulator_gui.cpp Examining data/ams.lv2-1.2.2/src/ringmodulator_gui.hpp Examining data/ams.lv2-1.2.2/src/ringmodulator_ttl.hpp Examining data/ams.lv2-1.2.2/src/samplehold.cpp Examining data/ams.lv2-1.2.2/src/samplehold.hpp Examining data/ams.lv2-1.2.2/src/samplehold_gui.cpp Examining data/ams.lv2-1.2.2/src/samplehold_gui.hpp Examining data/ams.lv2-1.2.2/src/samplehold_ttl.hpp Examining data/ams.lv2-1.2.2/src/seq.cpp Examining data/ams.lv2-1.2.2/src/seq.hpp Examining data/ams.lv2-1.2.2/src/seq_12_ttl.hpp Examining data/ams.lv2-1.2.2/src/seq_16_ttl.hpp Examining data/ams.lv2-1.2.2/src/seq_24_ttl.hpp Examining data/ams.lv2-1.2.2/src/seq_32_ttl.hpp Examining data/ams.lv2-1.2.2/src/seq_8_ttl.hpp Examining data/ams.lv2-1.2.2/src/seq_gui.cpp Examining data/ams.lv2-1.2.2/src/seq_gui.hpp Examining data/ams.lv2-1.2.2/src/slew.cpp Examining data/ams.lv2-1.2.2/src/slew.hpp Examining data/ams.lv2-1.2.2/src/slew_gui.cpp Examining data/ams.lv2-1.2.2/src/slew_gui.hpp Examining data/ams.lv2-1.2.2/src/slew_ttl.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_2ch.cpp Examining data/ams.lv2-1.2.2/src/stereomixer_2ch.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_2ch_gui.cpp Examining data/ams.lv2-1.2.2/src/stereomixer_2ch_gui.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_2ch_ttl.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_4ch.cpp Examining data/ams.lv2-1.2.2/src/stereomixer_4ch.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_4ch_gui.cpp Examining data/ams.lv2-1.2.2/src/stereomixer_4ch_gui.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_4ch_ttl.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_8ch.cpp Examining data/ams.lv2-1.2.2/src/stereomixer_8ch.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_8ch_gui.cpp Examining data/ams.lv2-1.2.2/src/stereomixer_8ch_gui.hpp Examining data/ams.lv2-1.2.2/src/stereomixer_8ch_ttl.hpp Examining data/ams.lv2-1.2.2/src/synthdata.cpp Examining data/ams.lv2-1.2.2/src/synthdata.hpp Examining data/ams.lv2-1.2.2/src/transport.cpp Examining data/ams.lv2-1.2.2/src/transport.hpp Examining data/ams.lv2-1.2.2/src/transport_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcaexp.cpp Examining data/ams.lv2-1.2.2/src/vcaexp.hpp Examining data/ams.lv2-1.2.2/src/vcaexp_gui.cpp Examining data/ams.lv2-1.2.2/src/vcaexp_gui.hpp Examining data/ams.lv2-1.2.2/src/vcaexp_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcalin.cpp Examining data/ams.lv2-1.2.2/src/vcalin.hpp Examining data/ams.lv2-1.2.2/src/vcalin_gui.cpp Examining data/ams.lv2-1.2.2/src/vcalin_gui.hpp Examining data/ams.lv2-1.2.2/src/vcalin_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcdelay.cpp Examining data/ams.lv2-1.2.2/src/vcdelay.hpp Examining data/ams.lv2-1.2.2/src/vcdelay_gui.cpp Examining data/ams.lv2-1.2.2/src/vcdelay_gui.hpp Examining data/ams.lv2-1.2.2/src/vcdelay_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcdoubledecay.cpp Examining data/ams.lv2-1.2.2/src/vcdoubledecay.hpp Examining data/ams.lv2-1.2.2/src/vcdoubledecay_gui.cpp Examining data/ams.lv2-1.2.2/src/vcdoubledecay_gui.hpp Examining data/ams.lv2-1.2.2/src/vcdoubledecay_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcenv.cpp Examining data/ams.lv2-1.2.2/src/vcenv.hpp Examining data/ams.lv2-1.2.2/src/vcenv_gui.cpp Examining data/ams.lv2-1.2.2/src/vcenv_gui.hpp Examining data/ams.lv2-1.2.2/src/vcenv_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcenvii.cpp Examining data/ams.lv2-1.2.2/src/vcenvii.hpp Examining data/ams.lv2-1.2.2/src/vcenvii_gui.cpp Examining data/ams.lv2-1.2.2/src/vcenvii_gui.hpp Examining data/ams.lv2-1.2.2/src/vcenvii_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcf.cpp Examining data/ams.lv2-1.2.2/src/vcf.hpp Examining data/ams.lv2-1.2.2/src/vcf_gui.cpp Examining data/ams.lv2-1.2.2/src/vcf_gui.hpp Examining data/ams.lv2-1.2.2/src/vcf_ttl.hpp Examining data/ams.lv2-1.2.2/src/vco2.cpp Examining data/ams.lv2-1.2.2/src/vco2.hpp Examining data/ams.lv2-1.2.2/src/vco2_gui.cpp Examining data/ams.lv2-1.2.2/src/vco2_gui.hpp Examining data/ams.lv2-1.2.2/src/vco2_ttl.hpp Examining data/ams.lv2-1.2.2/src/vco3.cpp Examining data/ams.lv2-1.2.2/src/vco3.hpp Examining data/ams.lv2-1.2.2/src/vco3_gui.cpp Examining data/ams.lv2-1.2.2/src/vco3_gui.hpp Examining data/ams.lv2-1.2.2/src/vco3_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcorgan.cpp Examining data/ams.lv2-1.2.2/src/vcorgan.hpp Examining data/ams.lv2-1.2.2/src/vcorgan2.cpp Examining data/ams.lv2-1.2.2/src/vcorgan2.hpp Examining data/ams.lv2-1.2.2/src/vcorgan2_4_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcorgan2_6_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcorgan2_8_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcorgan2_gui.cpp Examining data/ams.lv2-1.2.2/src/vcorgan2_gui.hpp Examining data/ams.lv2-1.2.2/src/vcorgan_4_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcorgan_6_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcorgan_8_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcorgan_gui.cpp Examining data/ams.lv2-1.2.2/src/vcorgan_gui.hpp Examining data/ams.lv2-1.2.2/src/vcpanning.cpp Examining data/ams.lv2-1.2.2/src/vcpanning.hpp Examining data/ams.lv2-1.2.2/src/vcpanning_gui.cpp Examining data/ams.lv2-1.2.2/src/vcpanning_gui.hpp Examining data/ams.lv2-1.2.2/src/vcpanning_ttl.hpp Examining data/ams.lv2-1.2.2/src/vcswitch.cpp Examining data/ams.lv2-1.2.2/src/vcswitch.hpp Examining data/ams.lv2-1.2.2/src/vcswitch_gui.cpp Examining data/ams.lv2-1.2.2/src/vcswitch_gui.hpp Examining data/ams.lv2-1.2.2/src/vcswitch_ttl.hpp Examining data/ams.lv2-1.2.2/src/vctohz.cpp Examining data/ams.lv2-1.2.2/src/vctohz.hpp Examining data/ams.lv2-1.2.2/src/vctohz_gui.cpp Examining data/ams.lv2-1.2.2/src/vctohz_gui.hpp Examining data/ams.lv2-1.2.2/src/vctohz_ttl.hpp FINAL RESULTS: data/ams.lv2-1.2.2/src/ad.cpp:17:32: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. drift_a[l1] = 0.4 * (double) random() / (double) RAND_MAX - 0.2; data/ams.lv2-1.2.2/src/ad.cpp:18:32: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. drift_c[l1] = 0.4 * (double) random() / (double) RAND_MAX - 0.2; data/ams.lv2-1.2.2/src/ad.cpp:20:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. detune_a = 0.4 * (double) random() / (double) RAND_MAX - 0.2; data/ams.lv2-1.2.2/src/ad.cpp:21:28: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. detune_c = 0.4 * (double) random() / (double) RAND_MAX - 0.2; data/ams.lv2-1.2.2/src/ad.cpp:78:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. detune_c = 2.0 * (double) random() / (double) RAND_MAX - 1.0; data/ams.lv2-1.2.2/src/ad.cpp:85:35: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. drift_c[l5] = 2.0 * (double) random() / (double) RAND_MAX - 1.0; data/ams.lv2-1.2.2/src/lfo.cpp:28:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(abs(tm - 10000 * (tm % 100))); data/ams.lv2-1.2.2/src/lfo2_freq.cpp:30:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(abs(tm - 10000 * (tm % 100))); data/ams.lv2-1.2.2/src/lfo2_tempo.cpp:30:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(abs(tm - 10000 * (tm % 100))); data/ams.lv2-1.2.2/src/noise2.cpp:22:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(abs(t - 10000 * (t % 100))); ANALYSIS SUMMARY: Hits = 10 Lines analyzed = 20028 in approximately 0.53 seconds (37676 lines/second) Physical Source Lines of Code (SLOC) = 16717 Hits@level = [0] 0 [1] 0 [2] 0 [3] 10 [4] 0 [5] 0 Hits@level+ = [0+] 10 [1+] 10 [2+] 10 [3+] 10 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 0.598193 [1+] 0.598193 [2+] 0.598193 [3+] 0.598193 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.