Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/blockout2-2.5+dfsg1/BlockOut/BlockOrientation.h Examining data/blockout2-2.5+dfsg1/BlockOut/BlockOut.h Examining data/blockout2-2.5+dfsg1/BlockOut/BotMatrix.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/BotMatrix.h Examining data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.h Examining data/blockout2-2.5+dfsg1/BlockOut/BotPlayerAI.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLFont.h Examining data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLMatrix.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLMatrix.h Examining data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.h Examining data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLSprite.h Examining data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLSprite.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLFont.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Game.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Game.h Examining data/blockout2-2.5+dfsg1/BlockOut/Http.h Examining data/blockout2-2.5+dfsg1/BlockOut/InitPolyCube.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Menu.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/MenuGrid.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/MenuGrid.h Examining data/blockout2-2.5+dfsg1/BlockOut/MenuPage.h Examining data/blockout2-2.5+dfsg1/BlockOut/PageChangeSetup.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageChooseSetup.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageControls.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageCredits.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageGSOptions.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageMainMenu.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageOptions.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PageStartGame.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Pit.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Pit.h Examining data/blockout2-2.5+dfsg1/BlockOut/PolyCube.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/PolyCube.h Examining data/blockout2-2.5+dfsg1/BlockOut/Sprites.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Sprites.h Examining data/blockout2-2.5+dfsg1/BlockOut/SoundManager.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Types.h Examining data/blockout2-2.5+dfsg1/BlockOut/MenuGraphics.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Menu.h Examining data/blockout2-2.5+dfsg1/BlockOut/SetupManager.h Examining data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/EditControl.h Examining data/blockout2-2.5+dfsg1/BlockOut/SoundManager.h Examining data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/BlockOut.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Http.cpp Examining data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp Examining data/blockout2-2.5+dfsg1/ImageLib/include/CImage.h Examining data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.h Examining data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c Examining data/blockout2-2.5+dfsg1/ImageLib/src/CImage.h Examining data/blockout2-2.5+dfsg1/ImageLib/src/CImage.cpp FINAL RESULTS: data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:225:6: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. chmod(bl2Dir,S_IRWXU); data/blockout2-2.5+dfsg1/BlockOut/BlockOut.cpp:249:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"Failed to initialize sound manager.\nNo sound will be played.\n%s\n",theSound.GetErrorMsg()); data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:40:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(editText,text); data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:152:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(vText,editText+startPos); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:47:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"SDL_SetVideoMode() failed : %s\n",SDL_GetError()); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:111:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"SDL_Init() failed : %s\n" , SDL_GetError() ); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLFont.cpp:27:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"Failed to load %s\n",LID((char *)"images/font.png")); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLSprite.cpp:70:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"Failed to load \"%s\"\n",LID(diffName)); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLSprite.cpp:83:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"Failed to load \"%s\"\n",LID(alphaName)); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:193:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(err_str, "Unknown host: %s", site); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:249:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(err_str, "Cannot connect to host: %s\n", site); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:305:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(page,remotePHP); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:307:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(page,"/%s",remotePHP); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:315:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(link,"http://%s%s",url,page); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:324:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(req,"PUT %s HTTP/1.0\r\n" data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:402:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(site,link+7); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:409:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(page,p); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:426:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(req,"GET %s HTTP/1.0\r\n" data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:47:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pInfo.name , allScore[selItem].name); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:64:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"HALL OF FAME %s",mParent->GetSetup()->GetName()); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:72:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"[%s]",FormatDateShort(allScore[i].date)); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:133:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(editScore->name,editText); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:36:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pInfo.name , allScore[selItem].name); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:55:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(link,"http://%s/getscore.php?setupid=%d&max=99", data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:63:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(errMsg,mParent->GetHttp()->GetError()); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:168:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"SCORE %s",mParent->GetSetup()->GetName()); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:195:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"[%s]",FormatDateShort(allScore[j].date)); data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:32:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ret,str); data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:96:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp,mParent->GetSetup()->GetHttpHome()); data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:104:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp,mParent->GetSetup()->GetProxyName()); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:38:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"Setup: %s" , mParent->GetSetup()->GetName()); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:40:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"Score: %d by %s" , score->score, score->name); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:42:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"Date : %s" , FormatDate(score->date)); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:44:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"Time : %s" , FormatTime(score->gameTime)); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:382:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ret,"[%dx%dx%d,%s]",pitWidth,pitHeight,pitDepth,GetBlockSetName()); data/blockout2-2.5+dfsg1/BlockOut/SoundManager.cpp:90:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errMsg, "Failed to initialise %s : %s",fileName,SDL_GetError()); data/blockout2-2.5+dfsg1/BlockOut/SoundManager.cpp:150:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"Music cannot be played: %s\n",SDL_GetError()); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:189:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"SHCreateDirectoryEx() failed\nCannot create directory\n%s",strPath); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:195:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(usrHome,strPath); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:214:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( bl2Home , blockoutHome ); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:217:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(bl2Dir,"%s/.bl2",homePath); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:227:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( usrHome , bl2Dir ); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:246:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ret,"%s/%s",bl2Home,fileName); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:261:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ret,"%s\\%s",usrHome,fileName); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:267:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ret,"%s/%s",usrHome,fileName); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:288:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"CreateTexture(): %s\nFile: %s\n",img.GetErrorMessage(),imgName); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:301:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message,"CreateTexture(): Wrong image dimension (%dx%d required)\nFile: %s\n",width,height,LID(imgName)); data/blockout2-2.5+dfsg1/ImageLib/src/CImage.cpp:43:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ext,p+1); data/blockout2-2.5+dfsg1/ImageLib/src/CImage.cpp:58:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(img.FileName,FileName); data/blockout2-2.5+dfsg1/ImageLib/src/CImage.cpp:60:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(m_LastError,PngErrorMessage); data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:10:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(PngErrorMessage,message); data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:32:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(PngErrorMessage,"Unable to open the file %s.",d->FileName); data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:142:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(PngErrorMessage,"Unable to open the file %s for writing",file_name); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:780:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:823:11: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(GetTickCount()+rand()*100); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:101:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if( getenv("DISPLAY")==NULL ) { data/blockout2-2.5+dfsg1/BlockOut/Game.cpp:392:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((uint32)time(NULL)); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:205:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char *homePath = getenv("HOME"); data/blockout2-2.5+dfsg1/BlockOut/BlockOut.cpp:248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/BlockOut.h:31:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extendedTitle[256]; data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:182:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f=fopen("BlockOrientation.h","w"); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:301:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(matrix,matrixOrg,mSize*sizeof(int)); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:314:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(matrixOrg,matrix,mSize*sizeof(int)); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:427:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(moves,bestPath,nbBestPath * sizeof(AI_MOVE)); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:454:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(transCube,cubes,nbCube*sizeof(BLOCKITEM)); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:514:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(bestPath,curPath,nbCurPath * sizeof(AI_MOVE)); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:569:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(transCube,transCubeOrg,nbCube*sizeof(BLOCKITEM)); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:788:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). avgFile = fopen("fDepth.txt","w"); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.h:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infoStr[4096]; // Debug info data/blockout2-2.5+dfsg1/BlockOut/BotPlayerAI.cpp:366:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(infoStr, data/blockout2-2.5+dfsg1/BlockOut/BotPlayerAI.cpp:396:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(infoStr, data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vText[256]; data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vChar[2]; data/blockout2-2.5+dfsg1/BlockOut/EditControl.h:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char editText[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:213:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(m_strFrameStats,"%.2f fps (%dx%dx%d)",m_fFPS,m_screenWidth,m_screenHeight,m_bitsPerPixel); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:261:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:266:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message,"OpenGL failure: An unacceptable value is specified for an enumerated argument. The offending function is ignored, having no side effect other than to set the error flag."); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:269:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "OpenGL failure: A numeric argument is out of range. The offending function is ignored, having no side effect other than to set the error flag."); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:272:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "OpenGL failure: The specified operation is not allowed in the current state. The offending function is ignored, having no side effect other than to set the error flag."); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:275:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "OpenGL failure: This function would cause a stack overflow. The offending function is ignored, having no side effect other than to set the error flag."); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:278:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "OpenGL failure: This function would cause a stack underflow. The offending function is ignored, having no side effect other than to set the error flag."); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:281:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "OpenGL failure: There is not enough memory left to execute the function. The state of OpenGL is undefined, except for the state of the error flags, after this error is recorded."); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:284:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "Application failure."); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.h:74:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_strFrameStats[90]; // String to hold frame stats data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.h:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[512]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLFont.cpp:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLFont.cpp:70:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLFont.cpp:71:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message,"GLFont2D::RestoreDeviceObjects(): Failed to create font texture: glcode=%d\n",glGetError()); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLSprite.cpp:69:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLSprite.cpp:82:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLSprite.cpp:152:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLSprite.cpp:153:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message,"Sprite2D::RestoreDeviceObjects(): Failed to create font texture: glcode=%d\n",glGetError()); data/blockout2-2.5+dfsg1/BlockOut/Game.cpp:198:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(matView , mView , 16*sizeof(GLfloat)); data/blockout2-2.5+dfsg1/BlockOut/Game.cpp:367:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pitMatrix , matView , sizeof(GLfloat) * 16); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:40:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message,"WSAStartup failed (code=%d).\nNetwork features won't be available\n",iResult); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:52:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(err_str,"No error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:102:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"The operation timed out"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:104:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Tranmission error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:139:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Tranmission error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:175:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Tranmission error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:204:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Permission denied"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:207:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Descriptor table is full"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:210:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Specified protocol is not supported"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:213:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: code:%d",errCode); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:219:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Permission denied"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:222:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Descriptor table is full"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:225:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Insufficient user memory is available"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:229:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Insufficient STREAMS resources available"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:233:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Specified protocol is not supported"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:236:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Socket error: Unknown code:%d",errno); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:246:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)&server.sin_addr, host_info->h_addr,host_info->h_length); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:263:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err[4]; data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:266:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(err); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:277:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Invalid HTTP proxy name"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:282:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Invalid HTTP proxy port number"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:297:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char page[256]; data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:298:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char req[1024]; data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:300:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char link[512]; data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:336:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"HTTP send error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:345:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"HTTP send error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:354:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"HTTP receive error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:366:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"HTTP error code %d",httpCode); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:373:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Invalid HTTP response"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:388:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char site[256]; data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:389:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char page[256]; data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:390:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char req[1024]; data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:398:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Invalid URL address"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:405:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Invalid URL address"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:438:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"HTTP send error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:447:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"HTTP receive error"); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:459:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"HTTP error code %d",httpCode); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:466:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(err_str,"Invalid HTTP response"); data/blockout2-2.5+dfsg1/BlockOut/Http.h:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_str[4096]; data/blockout2-2.5+dfsg1/BlockOut/Http.h:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char response[262144]; data/blockout2-2.5+dfsg1/BlockOut/Http.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proxyName[256]; data/blockout2-2.5+dfsg1/BlockOut/MenuGraphics.cpp:82:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(matView , mView , 16*sizeof(GLfloat)); data/blockout2-2.5+dfsg1/BlockOut/MenuPage.h:91:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char editText[11]; data/blockout2-2.5+dfsg1/BlockOut/MenuPage.h:114:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[512]; data/blockout2-2.5+dfsg1/BlockOut/MenuPage.h:150:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[512]; data/blockout2-2.5+dfsg1/BlockOut/PageChangeSetup.cpp:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/PageChangeSetup.cpp:36:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d",mParent->GetSetup()->GetPitWidth()); data/blockout2-2.5+dfsg1/BlockOut/PageChangeSetup.cpp:38:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d",mParent->GetSetup()->GetPitHeight()); data/blockout2-2.5+dfsg1/BlockOut/PageChangeSetup.cpp:40:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d",mParent->GetSetup()->GetPitDepth()); data/blockout2-2.5+dfsg1/BlockOut/PageControls.cpp:81:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/PageControls.cpp:84:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"[%c]",k); data/blockout2-2.5+dfsg1/BlockOut/PageControls.cpp:386:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( mat , mRes.GetGL() , 16 * sizeof(GLfloat) ); data/blockout2-2.5+dfsg1/BlockOut/PageCredits.cpp:72:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( matBlock , res.GetGL() , 16 * sizeof(GLfloat) ); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:30:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(editText," "); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:62:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:67:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%2d ",i+1); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:70:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%7d ",allScore[i].score); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:51:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char link[512]; data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:71:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errMsg,"HTTP error"); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:87:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(allScore[i].name , ".........." ); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:107:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[256]; data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:166:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:190:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%2d ", j+1); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:193:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%7d ",allScore[j].score); data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:31:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[256]; data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:57:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d",mParent->GetSetup()->GetTimeout()); data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:75:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d",mParent->GetSetup()->GetProxyPort()); data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:87:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:100:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d",mParent->GetSetup()->GetTimeout()); data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:108:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d",mParent->GetSetup()->GetProxyPort()); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:33:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:35:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"SCORE DETAILS [Rank %d]",(rank+1)&0xFF); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:46:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"Cubes: %d" , score->nbCube); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:48:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"Level: From %d To " , score->startLevel); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:55:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d" , score->startLevel); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:57:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d" , endLevel); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:63:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"Flush: %d",score->emptyPit); data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:68:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"Lines: %3d %02d[x1] %02d[x2] %02d[x3]" , nbLine , data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:71:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp," %02d[x4] %02d[x5]" , score->nbLine4, score->nbLine5); data/blockout2-2.5+dfsg1/BlockOut/PageStartGame.cpp:29:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[32]; data/blockout2-2.5+dfsg1/BlockOut/PageStartGame.cpp:30:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"Level %d",i); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:114:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(httpHome,"www.blockout.net/blockout2"); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:369:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[32]; data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:510:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nPtr,score,sizeof(SCOREREC)); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:572:18: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if(pos<10) memcpy(hScore + pos,ptr,sizeof(SCOREREC)); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:581:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( hScore[pos].name , ".........." ); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:628:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(LHD(STR("hscore.dat")),"rb"); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:679:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(LHD(STR("hscore.dat")),"wb"); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:713:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(LHD(STR("setup.dat")),"wb"); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:760:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(LHD(STR("setup.dat")),"rb"); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.h:182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char httpHome[256]; data/blockout2-2.5+dfsg1/BlockOut/SetupManager.h:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char httpProxy[256]; data/blockout2-2.5+dfsg1/BlockOut/SoundManager.cpp:53:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errMsg, "SDL_mixer: Audio initialisation error"); data/blockout2-2.5+dfsg1/BlockOut/SoundManager.cpp:149:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/SoundManager.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[1024]; data/blockout2-2.5+dfsg1/BlockOut/Sprites.cpp:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/Sprites.cpp:99:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%u",score); data/blockout2-2.5+dfsg1/BlockOut/Sprites.cpp:103:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%u",cubes); data/blockout2-2.5+dfsg1/BlockOut/Sprites.cpp:115:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/blockout2-2.5+dfsg1/BlockOut/Sprites.cpp:118:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%u",hScore); data/blockout2-2.5+dfsg1/BlockOut/Sprites.cpp:122:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%ux%ux%u",x,y,z); data/blockout2-2.5+dfsg1/BlockOut/Types.h:170:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[11]; data/blockout2-2.5+dfsg1/BlockOut/Types.h:181:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[11]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:39:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bl2Home[512]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:40:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char usrHome[512]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:92:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[32]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:95:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ret,"%dmin %02dsec",min,sec); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:107:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[32]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:116:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ret,"%02d-%02d-%04d %02d:%02d:%02d",ts->tm_mday,ts->tm_mon+1,ts->tm_year+1900, data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:132:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[32]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:141:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ret,"%02d-%02d-%04d",ts->tm_mday,ts->tm_mon+1,ts->tm_year+1900); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:143:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ret,".........."); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:180:2: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR strPath[MAX_PATH]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:188:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:216:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bl2Dir[512]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:245:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[512]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:257:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ret[512]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:340:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message,"CreateTexture(): OpenGL error (code=%d)\n",glGetError()); data/blockout2-2.5+dfsg1/ImageLib/include/CImage.h:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_LastError[1024]; /* Error message */ data/blockout2-2.5+dfsg1/ImageLib/src/CImage.cpp:21:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(m_LastError,"No errors"); data/blockout2-2.5+dfsg1/ImageLib/src/CImage.cpp:36:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ext[12]; data/blockout2-2.5+dfsg1/ImageLib/src/CImage.cpp:39:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(m_LastError,"Does not have extensions."); data/blockout2-2.5+dfsg1/ImageLib/src/CImage.cpp:49:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(m_LastError,"Not gif,jpg or png."); data/blockout2-2.5+dfsg1/ImageLib/src/CImage.h:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_LastError[1024]; /* Error message */ data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:7:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char PngErrorMessage[1024]; data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:29:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(d->FileName, "rb"); data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:40:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(PngErrorMessage,"Failed to create the PNG handle."); data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:140:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(file_name, "wb"); data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:152:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(PngErrorMessage,"png_create_write_struct() failed"); data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.c:160:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(PngErrorMessage,"png_create_info_struct() failed"); data/blockout2-2.5+dfsg1/ImageLib/src/png/hpng.h:6:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char FileName[512]; /* PNG file Name */ data/blockout2-2.5+dfsg1/BlockOut/BlockOut.cpp:167:23: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. if(toSleep>0) usleep(toSleep*1000); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:118:36: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. while( j<block->GetNbCube() && equal ) { data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:119:15: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. equal = equal && FindCube(transCube[j].x,transCube[j].y,transCube[j].z,&(allTransform[idx].c[i])); data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:120:10: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(equal) j++; data/blockout2-2.5+dfsg1/BlockOut/BotPlayer.cpp:122:13: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. found = equal; data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:35:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(text)>=255 ) { data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:36:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(editText,text,255); data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:41:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(editText," "); data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:70:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(editText); data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:168:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(editText); data/blockout2-2.5+dfsg1/BlockOut/EditControl.cpp:180:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(editText); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLApp.cpp:24:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy((char *)m_strFrameStats,""); data/blockout2-2.5+dfsg1/BlockOut/GLApp/GLFont.cpp:102:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(text); data/blockout2-2.5+dfsg1/BlockOut/Game.cpp:432:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int fSize = 9 * (int)strlen(helpStr); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:54:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(proxyName,""); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:67:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(proxyName,name,255); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:264:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( err , &(response[9]) , 3); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:276:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(proxyName)==0 ) { data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:299:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(err_str,""); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:332:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(req); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:335:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(err_str)==0 ) data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:344:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(err_str)==0 ) data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:353:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(err_str)==0 ) data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:391:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(err_str,""); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:434:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(req); data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:437:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(err_str)==0 ) data/blockout2-2.5+dfsg1/BlockOut/Http.cpp:446:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(err_str)==0 ) data/blockout2-2.5+dfsg1/BlockOut/MenuGraphics.cpp:443:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(title); data/blockout2-2.5+dfsg1/BlockOut/MenuGraphics.cpp:463:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(text); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFame.cpp:48:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int i = (int)strlen(pInfo.name) - 1; data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:37:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int i = (int)strlen(pInfo.name) - 1; data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:133:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(s->name,field,10); data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:135:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(int i=(int)strlen(s->name);i<10;i++) (s->name)[i]=' '; data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:206:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while( strlen(errMsg+p) > 34 ) { data/blockout2-2.5+dfsg1/BlockOut/PageHallOfFameOnLine.cpp:207:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp,errMsg+p,34); tmp[34]=0; data/blockout2-2.5+dfsg1/BlockOut/PageHttp.cpp:34:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(str)>21 ) { data/blockout2-2.5+dfsg1/BlockOut/PageScoreDetails.cpp:60:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(tmp,"#"); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:115:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(httpProxy,""); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:306:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(httpHome,home,255); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:319:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(httpProxy,name,255); data/blockout2-2.5+dfsg1/BlockOut/SetupManager.cpp:370:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(ret,""); data/blockout2-2.5+dfsg1/BlockOut/SoundManager.cpp:43:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(errMsg,""); data/blockout2-2.5+dfsg1/BlockOut/Sprites.cpp:150:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int lgth = (int)strlen(strMumber); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:119:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(ret,""); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:178:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(usrHome,""); data/blockout2-2.5+dfsg1/BlockOut/Utils.cpp:260:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen(usrHome)>0 ) { ANALYSIS SUMMARY: Hits = 278 Lines analyzed = 16383 in approximately 0.46 seconds (35703 lines/second) Physical Source Lines of Code (SLOC) = 10934 Hits@level = [0] 87 [1] 46 [2] 174 [3] 5 [4] 52 [5] 1 Hits@level+ = [0+] 365 [1+] 278 [2+] 232 [3+] 58 [4+] 53 [5+] 1 Hits/KSLOC@level+ = [0+] 33.3821 [1+] 25.4253 [2+] 21.2182 [3+] 5.30455 [4+] 4.84727 [5+] 0.0914578 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.