Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dicelab-0.7/tree.h
Examining data/dicelab-0.7/par.h
Examining data/dicelab-0.7/roll.c
Examining data/dicelab-0.7/util.c
Examining data/dicelab-0.7/par.c
Examining data/dicelab-0.7/util.h
Examining data/dicelab-0.7/lex.c
Examining data/dicelab-0.7/roll.h
Examining data/dicelab-0.7/tree.c
Examining data/dicelab-0.7/main.c

FINAL RESULTS:

data/dicelab-0.7/lex.c:1003:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(yylval.tval, yytext);
data/dicelab-0.7/main.c:150:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
				strcpy(fname, optarg);
data/dicelab-0.7/par.c:905:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define YYFPRINTF fprintf
data/dicelab-0.7/tree.c:808:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(emsg, "Variable \"%s\" not found", this->varname);
data/dicelab-0.7/tree.c:861:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(emsg, "Variable \"%s\" not found", this->varname);
data/dicelab-0.7/main.c:88:2:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
	srand(time(NULL));
data/dicelab-0.7/main.c:100:7:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
		c = getopt_long(margc, margv, "?hvprecn:f:t:", 
data/dicelab-0.7/lex.c:853:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		yylval.ival = atoi(yytext);
data/dicelab-0.7/main.c:126:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				cmd_count = atoi(optarg);
data/dicelab-0.7/main.c:174:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		yyin = fopen(fname, "r");
data/dicelab-0.7/par.c:1202:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/dicelab-0.7/par.c:1219:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char yyformat[sizeof yyunexpected
data/dicelab-0.7/par.c:1387:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char yymsgbuf[128];
data/dicelab-0.7/tree.c:99:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(cdata, data, count * sizeof(int));
data/dicelab-0.7/tree.c:100:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&cdata[count], cv->values, cv->count * sizeof(int));
data/dicelab-0.7/tree.c:109:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(nst->rvalue->values, cv->values, sizeof(int) * cv->count);
data/dicelab-0.7/tree.c:144:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(current->values, data, current->count * sizeof(int));
data/dicelab-0.7/tree.c:262:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char data__[YYNODESTATE_BLKSIZ];
data/dicelab-0.7/tree.c:799:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(ret->values, nst->rvalue->values, 
data/dicelab-0.7/tree.c:854:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(ret->values, nst->rvalue->values, sizeof(int) * nst->rvalue->count);
data/dicelab-0.7/tree.c:1337:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&rv->values[rv->count], roll->values, 
data/dicelab-0.7/tree.c:1395:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&cret->values[cp], index[pos[i]]->values, 
data/dicelab-0.7/tree.c:1568:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&rv1->values[rv1->count], rv2->values, 
data/dicelab-0.7/tree.c:1590:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(cret->values, ce1->values, ce1->count * sizeof(int));
data/dicelab-0.7/tree.c:1591:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&cret->values[ce1->count], ce2->values, 
data/dicelab-0.7/tree.c:1683:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(nst->rvalue->values, ccnt->values, sizeof(int) * ccnt->count);
data/dicelab-0.7/tree.c:1750:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&ret->values[ret->count], cur->values, 
data/dicelab-0.7/tree.c:1796:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(item->values, cret->values, 
data/dicelab-0.7/tree.c:1798:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&item->values[cret->count], ccur->values, 
data/dicelab-0.7/tree.c:1869:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&ret->values[ret->count], cur->values, sizeof(int) * cur->count);
data/dicelab-0.7/tree.c:1879:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&ret->values[ret->count], cur->values, 
data/dicelab-0.7/tree.c:2020:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&exp->values[0], &exp->values[exp->count - i], 
data/dicelab-0.7/tree.c:2070:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(cret->values, &cexp->values[cexp->count - cret->count], 
data/dicelab-0.7/tree.c:2076:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(cret->values, cexp->values, cret->count * sizeof(int));
data/dicelab-0.7/tree.c:2138:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&exp->values[0], &exp->values[exp->count - num->values[0]],
data/dicelab-0.7/tree.c:2182:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(cret->values, cexp->values, cret->count * sizeof(int));
data/dicelab-0.7/tree.c:2187:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(cret->values, &cexp->values[cexp->count - cret->count], 
data/dicelab-0.7/tree.c:2251:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(slist, exp->values, sizeof(int) * exp->count);
data/dicelab-0.7/tree.c:2325:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(slist, cexp->values, sizeof(int) * cexp->count);
data/dicelab-0.7/tree.c:2427:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(slist, exp->values, sizeof(int) * exp->count);
data/dicelab-0.7/tree.c:2503:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(slist, cexp->values, sizeof(int) * cexp->count);
data/dicelab-0.7/lex.c:659:14:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			     (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/dicelab-0.7/lex.c:1002:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		yylval.tval = (char*)malloc((strlen(yytext)+1) * sizeof(char));
data/dicelab-0.7/lex.c:1754:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return yy_scan_bytes(yystr,strlen(yystr) );
data/dicelab-0.7/main.c:148:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				fname = (char*)malloc((strlen(optarg)+1)*sizeof(char));
data/dicelab-0.7/par.c:1083:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#   define yystrlen strlen
data/dicelab-0.7/tree.c:807:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		char *emsg = (char*)malloc(sizeof(char)*22+strlen(this->varname));
data/dicelab-0.7/tree.c:860:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		char *emsg = (char*)malloc(sizeof(char)*22+strlen(this->varname));

ANALYSIS SUMMARY:

Hits = 48
Lines analyzed = 9792 in approximately 0.27 seconds (36319 lines/second)
Physical Source Lines of Code (SLOC) = 7799
Hits@level = [0]  67 [1]   7 [2]  34 [3]   2 [4]   5 [5]   0
Hits@level+ = [0+] 115 [1+]  48 [2+]  41 [3+]   7 [4+]   5 [5+]   0
Hits/KSLOC@level+ = [0+] 14.7455 [1+] 6.15464 [2+] 5.25708 [3+] 0.897551 [4+] 0.641108 [5+]   0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.