Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/emu8051-2.0.1/src/cli/parser.c
Examining data/emu8051-2.0.1/src/cli/parser.h
Examining data/emu8051-2.0.1/src/cli/scanner.c
Examining data/emu8051-2.0.1/src/cli/scanner.h
Examining data/emu8051-2.0.1/src/cli/main.c
Examining data/emu8051-2.0.1/src/cli/menu.c
Examining data/emu8051-2.0.1/src/cli/menu.h
Examining data/emu8051-2.0.1/src/cli/keyboard.c
Examining data/emu8051-2.0.1/src/cli/keyboard.h
Examining data/emu8051-2.0.1/src/gtk/memwin.c
Examining data/emu8051-2.0.1/src/gtk/memwin.h
Examining data/emu8051-2.0.1/src/gtk/regwin.c
Examining data/emu8051-2.0.1/src/gtk/regwin.h
Examining data/emu8051-2.0.1/src/gtk/pswwin.c
Examining data/emu8051-2.0.1/src/gtk/pswwin.h
Examining data/emu8051-2.0.1/src/gtk/pgmwin.c
Examining data/emu8051-2.0.1/src/gtk/pgmwin.h
Examining data/emu8051-2.0.1/src/gtk/helpmenu.c
Examining data/emu8051-2.0.1/src/gtk/helpmenu.h
Examining data/emu8051-2.0.1/src/gtk/filemenu.c
Examining data/emu8051-2.0.1/src/gtk/filemenu.h
Examining data/emu8051-2.0.1/src/gtk/main.c
Examining data/emu8051-2.0.1/src/gtk/main.h
Examining data/emu8051-2.0.1/src/gtk/timerwin.c
Examining data/emu8051-2.0.1/src/gtk/timerwin.h
Examining data/emu8051-2.0.1/src/gtk/messagebox.c
Examining data/emu8051-2.0.1/src/gtk/messagebox.h
Examining data/emu8051-2.0.1/src/gtk/app-config.c
Examining data/emu8051-2.0.1/src/gtk/app-config.h
Examining data/emu8051-2.0.1/src/gtk/viewmenu.c
Examining data/emu8051-2.0.1/src/gtk/viewmenu.h
Examining data/emu8051-2.0.1/src/common/log.c
Examining data/emu8051-2.0.1/src/common/log.h
Examining data/emu8051-2.0.1/src/common/psw.c
Examining data/emu8051-2.0.1/src/common/psw.h
Examining data/emu8051-2.0.1/src/common/sfr.c
Examining data/emu8051-2.0.1/src/common/sfr.h
Examining data/emu8051-2.0.1/src/common/reg8051.h
Examining data/emu8051-2.0.1/src/common/opcodes.c
Examining data/emu8051-2.0.1/src/common/opcodes.h
Examining data/emu8051-2.0.1/src/common/cpu8051.c
Examining data/emu8051-2.0.1/src/common/cpu8051.h
Examining data/emu8051-2.0.1/src/common/common.h
Examining data/emu8051-2.0.1/src/common/hexfile.c
Examining data/emu8051-2.0.1/src/common/hexfile.h
Examining data/emu8051-2.0.1/src/common/options.c
Examining data/emu8051-2.0.1/src/common/timers.c
Examining data/emu8051-2.0.1/src/common/timers.h
Examining data/emu8051-2.0.1/src/common/operations.c
Examining data/emu8051-2.0.1/src/common/operations.h
Examining data/emu8051-2.0.1/src/common/instructions_8051.c
Examining data/emu8051-2.0.1/src/common/memory.c
Examining data/emu8051-2.0.1/src/common/memory.h
Examining data/emu8051-2.0.1/src/common/options.h
Examining data/emu8051-2.0.1/src/common/instructions_8051.h
FINAL RESULTS:
data/emu8051-2.0.1/src/cli/menu.c:65:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, line);
data/emu8051-2.0.1/src/cli/parser.c:763:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/emu8051-2.0.1/src/common/cpu8051.c:414:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s", opcodes_get_instr_type_str(opcode));
data/emu8051-2.0.1/src/common/cpu8051.c:440:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len += sprintf(&buf[len], "%s,", str);
data/emu8051-2.0.1/src/common/cpu8051.c:443:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len += sprintf(&buf[len], "%s", str);
data/emu8051-2.0.1/src/common/cpu8051.c:469:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len += sprintf(&buf[len], "%s", str);
data/emu8051-2.0.1/src/common/cpu8051.c:477:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len += sprintf(&buf[len], "%s.%X" , str,
data/emu8051-2.0.1/src/common/cpu8051.c:508:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len += sprintf(&buf[len], "/%s.%X", str,
data/emu8051-2.0.1/src/common/cpu8051.c:514:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len += sprintf(&buf[len], "%s",
data/emu8051-2.0.1/src/common/log.c:52:10: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) vfprintf(stream, format, ap);
data/emu8051-2.0.1/src/common/log.c:70:10: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) vfprintf(stream, format, ap);
data/emu8051-2.0.1/src/common/log.c:88:10: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) vfprintf(stream, format, ap);
data/emu8051-2.0.1/src/common/log.c:104:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) vfprintf(stream, format, ap);
data/emu8051-2.0.1/src/common/log.c:120:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) vfprintf(stream, format, ap);
data/emu8051-2.0.1/src/gtk/app-config.c:119:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file, "%s.conf", PACKAGE);
data/emu8051-2.0.1/src/cli/menu.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[255];
data/emu8051-2.0.1/src/cli/parser.c:1059:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/emu8051-2.0.1/src/cli/parser.c:1294:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/emu8051-2.0.1/src/cli/scanner.c:840:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
{ yylval.number = atoi(yytext); return NUMBER; }
data/emu8051-2.0.1/src/common/cpu8051.c:366:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x80: return sprintf(text, "P0");
data/emu8051-2.0.1/src/common/cpu8051.c:367:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x81: return sprintf(text, "SP");
data/emu8051-2.0.1/src/common/cpu8051.c:368:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x82: return sprintf(text, "DPL");
data/emu8051-2.0.1/src/common/cpu8051.c:369:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x83: return sprintf(text, "DPH");
data/emu8051-2.0.1/src/common/cpu8051.c:370:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x87: return sprintf(text, "PCON");
data/emu8051-2.0.1/src/common/cpu8051.c:371:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x88: return sprintf(text, "TCON");
data/emu8051-2.0.1/src/common/cpu8051.c:372:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x89: return sprintf(text, "TMOD");
data/emu8051-2.0.1/src/common/cpu8051.c:373:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8A: return sprintf(text, "TL0");
data/emu8051-2.0.1/src/common/cpu8051.c:374:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8B: return sprintf(text, "TL1");
data/emu8051-2.0.1/src/common/cpu8051.c:375:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8C: return sprintf(text, "TH0");
data/emu8051-2.0.1/src/common/cpu8051.c:376:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8D: return sprintf(text, "TH1");
data/emu8051-2.0.1/src/common/cpu8051.c:377:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x90: return sprintf(text, "P1");
data/emu8051-2.0.1/src/common/cpu8051.c:378:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x98: return sprintf(text, "SCON");
data/emu8051-2.0.1/src/common/cpu8051.c:379:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x99: return sprintf(text, "SBUF");
data/emu8051-2.0.1/src/common/cpu8051.c:380:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xA0: return sprintf(text, "P2");
data/emu8051-2.0.1/src/common/cpu8051.c:381:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xA8: return sprintf(text, "IE");
data/emu8051-2.0.1/src/common/cpu8051.c:382:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xB0: return sprintf(text, "P3");
data/emu8051-2.0.1/src/common/cpu8051.c:383:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xB8: return sprintf(text, "IP");
data/emu8051-2.0.1/src/common/cpu8051.c:384:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xC8: return sprintf(text, "T2CON");
data/emu8051-2.0.1/src/common/cpu8051.c:385:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xCA: return sprintf(text, "RCAP2L");
data/emu8051-2.0.1/src/common/cpu8051.c:386:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xCB: return sprintf(text, "RCAP2H");
data/emu8051-2.0.1/src/common/cpu8051.c:387:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xCC: return sprintf(text, "TL2");
data/emu8051-2.0.1/src/common/cpu8051.c:388:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xCD: return sprintf(text, "TH2");
data/emu8051-2.0.1/src/common/cpu8051.c:389:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xD0: return sprintf(text, "PSW");
data/emu8051-2.0.1/src/common/cpu8051.c:390:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xE0: return sprintf(text, "ACC");
data/emu8051-2.0.1/src/common/cpu8051.c:392:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: return sprintf(text, "%.2XH", address);
data/emu8051-2.0.1/src/common/cpu8051.c:407:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&text[len], ".%X", bit_address);
data/emu8051-2.0.1/src/common/cpu8051.c:422:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/emu8051-2.0.1/src/common/cpu8051.c:452:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(&buf[len],
data/emu8051-2.0.1/src/common/cpu8051.c:459:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(
data/emu8051-2.0.1/src/common/cpu8051.c:484:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(&buf[len], "%.4XH", (address & 0xFF00) +
data/emu8051-2.0.1/src/common/cpu8051.c:491:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(&buf[len], "#%.2XH",
data/emu8051-2.0.1/src/common/cpu8051.c:497:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(&buf[len], "#%.4XH",
data/emu8051-2.0.1/src/common/cpu8051.c:534:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(text, " %.4X ", address);
data/emu8051-2.0.1/src/common/cpu8051.c:541:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len += sprintf(&text[len], " %.2X",
data/emu8051-2.0.1/src/common/hexfile.c:43:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str , "%.1X", (uint8_t) val);
data/emu8051-2.0.1/src/common/hexfile.c:45:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str , "%.2X", (uint8_t) val);
data/emu8051-2.0.1/src/common/hexfile.c:47:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str , "%.4X", (uint16_t) val);
data/emu8051-2.0.1/src/common/hexfile.c:49:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str , "Err");
data/emu8051-2.0.1/src/common/hexfile.c:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HEXFILE_LINE_BUFFER_LEN];
data/emu8051-2.0.1/src/common/hexfile.c:124:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/emu8051-2.0.1/src/common/opcodes.c:61:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *instr_type_str[45] = {
data/emu8051-2.0.1/src/common/opcodes.c:188:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *instr_arg_type_str[25] = {
data/emu8051-2.0.1/src/gtk/app-config.c:64:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*value = atoi(str);
data/emu8051-2.0.1/src/gtk/app-config.c:117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_FILENAME_LENGTH];
data/emu8051-2.0.1/src/gtk/filemenu.c:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char previous_folder[MAX_FILENAME_LENGTH + 1];
data/emu8051-2.0.1/src/gtk/memwin.c:163:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char col_name[8];
data/emu8051-2.0.1/src/gtk/memwin.c:184:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(col_name, "B%1d", i - COL_DATA0);
data/emu8051-2.0.1/src/gtk/memwin.c:186:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(col_name, "B%02d", i - COL_DATA0);
data/emu8051-2.0.1/src/gtk/memwin.c:333:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[4+1]; /* Max. str len for address column (4 digits) */
data/emu8051-2.0.1/src/gtk/memwin.c:334:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_str[16+1]; /* Maximum 16 data columns. */
data/emu8051-2.0.1/src/gtk/memwin.c:373:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&ascii_str[col], "%c", data);
data/emu8051-2.0.1/src/gtk/pgmwin.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *col_names[N_COLUMNS] = {
data/emu8051-2.0.1/src/gtk/pgmwin.c:217:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/emu8051-2.0.1/src/gtk/pswwin.c:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *col_names[N_COLUMNS] = {
data/emu8051-2.0.1/src/gtk/pswwin.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[10];
data/emu8051-2.0.1/src/gtk/pswwin.c:233:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[4];
data/emu8051-2.0.1/src/gtk/regwin.c:205:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[8];
data/emu8051-2.0.1/src/gtk/timerwin.c:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/emu8051-2.0.1/src/gtk/timerwin.c:56:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf , "<b><big>%08d</big></b> cycles",
data/emu8051-2.0.1/src/gtk/timerwin.c:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[100];
data/emu8051-2.0.1/src/gtk/timerwin.c:88:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(title, "Emulator timer %c", 'A' + id);
data/emu8051-2.0.1/src/cli/keyboard.c:27:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(0, &ch, 1);
data/emu8051-2.0.1/src/cli/keyboard.c:50:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(0, &ch, 1);
data/emu8051-2.0.1/src/cli/menu.c:59:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int) strlen(line) > max_len) {
data/emu8051-2.0.1/src/cli/menu.c:68:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "\n");
data/emu8051-2.0.1/src/cli/menu.c:83:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(buf);
data/emu8051-2.0.1/src/cli/menu.c:148:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (k = 0; k < strlen(buffer); k++)
data/emu8051-2.0.1/src/cli/parser.c:943:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/emu8051-2.0.1/src/cli/scanner.c:648:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/emu8051-2.0.1/src/cli/scanner.c:1709:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes(yystr,strlen(yystr) );
data/emu8051-2.0.1/src/common/cpu8051.c:391:20: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case 0xF0: return sprintf(text, "B");
data/emu8051-2.0.1/src/common/cpu8051.c:520:11: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(&buf[len], ",");
data/emu8051-2.0.1/src/common/cpu8051.c:546:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(&text[len], " ");
data/emu8051-2.0.1/src/common/cpu8051.c:553:10: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
len += sprintf(&text[len], " ");
data/emu8051-2.0.1/src/common/hexfile.c:65:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!length || (length > (int) strlen(str)))
data/emu8051-2.0.1/src/common/hexfile.c:66:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(str);
data/emu8051-2.0.1/src/gtk/filemenu.c:35:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(folder) >= MAX_FILENAME_LENGTH) {
data/emu8051-2.0.1/src/gtk/filemenu.c:40:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(previous_folder, folder, MAX_FILENAME_LENGTH);
data/emu8051-2.0.1/src/gtk/filemenu.c:66:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(previous_folder) == 0) {
data/emu8051-2.0.1/src/gtk/pgmwin.c:256:5: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(str, "*");
ANALYSIS SUMMARY:
Hits = 100
Lines analyzed = 15239 in approximately 0.44 seconds (34458 lines/second)
Physical Source Lines of Code (SLOC) = 10324
Hits@level = [0] 41 [1] 19 [2] 66 [3] 0 [4] 15 [5] 0
Hits@level+ = [0+] 141 [1+] 100 [2+] 81 [3+] 15 [4+] 15 [5+] 0
Hits/KSLOC@level+ = [0+] 13.6575 [1+] 9.68617 [2+] 7.8458 [3+] 1.45293 [4+] 1.45293 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.