Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/corsix-th-0.64/AnimView/app.cpp
Examining data/corsix-th-0.64/AnimView/app.h
Examining data/corsix-th-0.64/AnimView/backdrop.h
Examining data/corsix-th-0.64/AnimView/frmMain.cpp
Examining data/corsix-th-0.64/AnimView/frmMain.h
Examining data/corsix-th-0.64/AnimView/frmSprites.cpp
Examining data/corsix-th-0.64/AnimView/frmSprites.h
Examining data/corsix-th-0.64/AnimView/th.cpp
Examining data/corsix-th-0.64/AnimView/th.h
Examining data/corsix-th-0.64/CorsixTH/CppTest/example.cpp
Examining data/corsix-th-0.64/CorsixTH/CppTest/test_main.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/bootstrap.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/bootstrap.h
Examining data/corsix-th-0.64/CorsixTH/Src/cp437_table.h
Examining data/corsix-th-0.64/CorsixTH/Src/cp936_table.h
Examining data/corsix-th-0.64/CorsixTH/Src/iso_fs.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/iso_fs.h
Examining data/corsix-th-0.64/CorsixTH/Src/lua.hpp
Examining data/corsix-th-0.64/CorsixTH/Src/lua_rnc.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/lua_rnc.h
Examining data/corsix-th-0.64/CorsixTH/Src/lua_sdl.h
Examining data/corsix-th-0.64/CorsixTH/Src/main.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/main.h
Examining data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/persist_lua.h
Examining data/corsix-th-0.64/CorsixTH/Src/random.c
Examining data/corsix-th-0.64/CorsixTH/Src/run_length_encoder.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/run_length_encoder.h
Examining data/corsix-th-0.64/CorsixTH/Src/sdl_audio.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/sdl_core.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/sdl_wm.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx_font.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx_font.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx_sdl.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx_sdl.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_anims.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_gfx.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_internal.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_iso.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_lfs_ext.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_map.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_movie.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_sound.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_strings.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_ui.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_map.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_map.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_map_overlays.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_map_overlays.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_movie.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_movie.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_pathfind.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_pathfind.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_sound.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_sound.h
Examining data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/xmi2mid.h
Examining data/corsix-th-0.64/CorsixTH/SrcUnshared/main.cpp
Examining data/corsix-th-0.64/CorsixTH/resource.h
Examining data/corsix-th-0.64/SpriteEncoder/ast.cpp
Examining data/corsix-th-0.64/SpriteEncoder/ast.h
Examining data/corsix-th-0.64/SpriteEncoder/encode.cpp
Examining data/corsix-th-0.64/SpriteEncoder/image.cpp
Examining data/corsix-th-0.64/SpriteEncoder/image.h
Examining data/corsix-th-0.64/SpriteEncoder/output.cpp
Examining data/corsix-th-0.64/SpriteEncoder/output.h
Examining data/corsix-th-0.64/SpriteEncoder/parser.cpp
Examining data/corsix-th-0.64/SpriteEncoder/scanner.cpp
Examining data/corsix-th-0.64/SpriteEncoder/tokens.h
Examining data/corsix-th-0.64/libs/rnc/rnc.cpp
Examining data/corsix-th-0.64/libs/rnc/rnc.h

FINAL RESULTS:

data/corsix-th-0.64/CorsixTH/Src/iso_fs.cpp:618:8:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  std::vsnprintf(error, 1024, sFormat, a);
data/corsix-th-0.64/SpriteEncoder/parser.cpp:657:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define YYFPRINTF fprintf
data/corsix-th-0.64/AnimView/frmMain.cpp:623:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(imgCanvas.GetData(), m_imgBackground.GetData(), 400 * 400 * 3);
data/corsix-th-0.64/AnimView/th.cpp:39:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char palette_upscale_map[0x40] = {
data/corsix-th-0.64/AnimView/th.cpp:91:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(m_ptr, data, npixels);
data/corsix-th-0.64/AnimView/th.cpp:444:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(m_pData, pData, iWidth * iHeight);
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1063:33:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if (pBytes != nullptr) std::memcpy(pBytes, data, iCount);
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1190:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  std::FILE* fFile = std::fopen(sFilename, "r");
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1204:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      std::memcpy(lua_newuserdata(L, iBufferSize),
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1240:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(lua_newuserdata(L, iBufferUsed + 1), sFile, iBufferUsed + 1);
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1244:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(sFile, lua_touserdata(L, iBufferCopyIndex), iBufferUsed + 1);
data/corsix-th-0.64/CorsixTH/Src/sdl_audio.cpp:95:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    std::memcpy(async->err, Mix_GetError(), iLen);
data/corsix-th-0.64/CorsixTH/Src/th_gfx.cpp:117:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/corsix-th-0.64/CorsixTH/Src/th_gfx.cpp:1041:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    std::memcpy(ptr, in_data, npixels);
data/corsix-th-0.64/CorsixTH/Src/th_gfx_font.cpp:549:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    std::memcpy(pEntry->message, sMessage, iMessageLength);
data/corsix-th-0.64/CorsixTH/Src/th_gfx_sdl.cpp:601:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    std::memcpy(pDest, pPixelData, iLength);
data/corsix-th-0.64/CorsixTH/Src/th_gfx_sdl.cpp:950:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    std::memcpy(pNewData, pData, iDataLength);
data/corsix-th-0.64/CorsixTH/Src/th_lua_lfs_ext.cpp:51:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char sName[4] = {cDrive, ':', '\\', 0};
data/corsix-th-0.64/CorsixTH/Src/th_movie.cpp:885:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    std::memcpy(pbStream, (uint8_t*)audio_buffer + audio_buffer_index,
data/corsix-th-0.64/CorsixTH/Src/th_movie.h:362:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char error_buffer[movie_error_buffer_capacity];
data/corsix-th-0.64/CorsixTH/Src/th_sound.cpp:62:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(data, pData, iDataLength);
data/corsix-th-0.64/CorsixTH/Src/th_sound.h:73:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sound_name[18];
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:93:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    std::memcpy(values, pointer, sizeof(T) * count);
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:125:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    std::memcpy(pointer - sizeof(T) * count, values, sizeof(T) * count);
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:174:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      std::memcpy(pNewData, data, size > iOldLength ? iOldLength : size);
data/corsix-th-0.64/SpriteEncoder/ast.h:49:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char m_aNumber[256]; // Layer number of the recolouring.
data/corsix-th-0.64/SpriteEncoder/encode.cpp:43:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        pInfile = fopen(pArgv[1], "r");
data/corsix-th-0.64/SpriteEncoder/encode.cpp:48:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        pInfile = fopen(pArgv[1], "r");
data/corsix-th-0.64/SpriteEncoder/image.cpp:92:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *pFile = fopen(sFilename.c_str(), "rb");
data/corsix-th-0.64/SpriteEncoder/image.cpp:99:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char header[4];
data/corsix-th-0.64/SpriteEncoder/output.cpp:131:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *handle = fopen(fname, "wb");
data/corsix-th-0.64/SpriteEncoder/output.h:37:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buffer[BUF_SIZE];
data/corsix-th-0.64/SpriteEncoder/parser.cpp:955:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/corsix-th-0.64/SpriteEncoder/parser.cpp:1185:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char yymsgbuf[128];
data/corsix-th-0.64/SpriteEncoder/scanner.cpp:867:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                  yylval.number = atoi(yytext);
data/corsix-th-0.64/CorsixTH/Src/bootstrap.cpp:295:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      *size = std::strlen(s);
data/corsix-th-0.64/CorsixTH/Src/iso_fs.cpp:529:14:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        std::equal(normalised_path.begin(), normalised_path.end(),
data/corsix-th-0.64/CorsixTH/Src/main.cpp:62:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (iLength != std::strlen(LUA_VERSION) ||
data/corsix-th-0.64/CorsixTH/Src/run_length_encoder.cpp:247:38:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
uint32_t integer_run_length_decoder::read() {
data/corsix-th-0.64/CorsixTH/Src/run_length_encoder.h:113:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  uint32_t read();
data/corsix-th-0.64/CorsixTH/Src/sdl_audio.cpp:93:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t iLen = std::strlen(Mix_GetError()) + 1;
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1618:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iBlock[0] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1619:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iBlock[1] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1620:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iBlock[2] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1621:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iBlock[3] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1622:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iParcelId = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1623:53:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iRoomId = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1629:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iBlock[0] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1630:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iBlock[1] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1631:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iBlock[2] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1632:55:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->iParcelId = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1633:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    pNode->flags = oDecoder.read();
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:86:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  bool read(T& value) {
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:87:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    return read(&value, 1);
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:91:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  bool read(T* values, size_t count) {
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:100:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(iByte0) && read(iByte1) && read(iByte2))
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:100:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(iByte0) && read(iByte1) && read(iByte2))
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:100:41:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(iByte0) && read(iByte1) && read(iByte2))
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:110:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if (!read(iByte)) return false;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:229:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if (!bufInput.read(iTokenType)) return nullptr;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:241:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if (!bufInput.read(pToken->data)) return nullptr;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:248:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if (!bufInput.read(pToken->data)) return nullptr;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:252:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if (!bufInput.read(iExtendedType)) return nullptr;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:265:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
          if (!bufInput.read(iExtendedType)) return nullptr;
data/corsix-th-0.64/SpriteEncoder/parser.cpp:839:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#   define yystrlen strlen
data/corsix-th-0.64/SpriteEncoder/scanner.cpp:630:14:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			     (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/corsix-th-0.64/SpriteEncoder/scanner.cpp:1689:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return yy_scan_bytes(yystr,strlen(yystr) );

ANALYSIS SUMMARY:

Hits = 67
Lines analyzed = 32135 in approximately 1.02 seconds (31649 lines/second)
Physical Source Lines of Code (SLOC) = 23438
Hits@level = [0]  54 [1]  32 [2]  33 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+] 121 [1+]  67 [2+]  35 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 5.16256 [1+] 2.85861 [2+] 1.4933 [3+] 0.0853315 [4+] 0.0853315 [5+]   0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.