Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gdpc-2.2.5/tooltips.h
Examining data/gdpc-2.2.5/colors.c
Examining data/gdpc-2.2.5/drawatoms.c
Examining data/gdpc-2.2.5/sort.c
Examining data/gdpc-2.2.5/init.c
Examining data/gdpc-2.2.5/main.c
Examining data/gdpc-2.2.5/parameters.h
Examining data/gdpc-2.2.5/readinput.c
Examining data/gdpc-2.2.5/rotate.c
Examining data/gdpc-2.2.5/setup.c

FINAL RESULTS:

data/gdpc-2.2.5/init.c:221:14:  [4] (buffer) sscanf:
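  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. The source on this line is a command-line
  argument, so its length is set by whoever invokes the program; a field
  width of at most the destination array's size minus one (for instance,
  %63s if the array held 64 bytes) leaves room for the terminating \0.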
	    control=sscanf(argv[argl+2],"%s",params->timedelim);
data/gdpc-2.2.5/init.c:331:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	    sscanf(argv[argl+3],"%s",params->fstring);
data/gdpc-2.2.5/init.c:335:14:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	    control=sscanf(argv[argl+2],"%s",params->dumpname);
data/gdpc-2.2.5/init.c:345:14:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	    control=sscanf(argv[argl+2],"%s",params->dumpname);
data/gdpc-2.2.5/init.c:396:14:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	    control=sscanf(c,"%s",params->file);
data/gdpc-2.2.5/main.c:509:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			if (params->dumpnum) sprintf(picname,"%s-%d.png",
data/gdpc-2.2.5/main.c:511:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			else sprintf(picname,"%s-%5.3f.png",
data/gdpc-2.2.5/main.c:519:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			if (params->dumpnum) sprintf(picname,"%s-%d.jpg",
data/gdpc-2.2.5/main.c:522:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			else sprintf(picname,"%s-%5.3f.jpg",
data/gdpc-2.2.5/main.c:638:5:  [4] (buffer) sprintf:
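  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. The destination is presumably the char buf[128] reported at
  main.c:632 below, and params->file is filled elsewhere in this report
  from a command-line argument and from a GTK entry, so the formatted
  string is not bounded by 128 bytes unless the file name is; passing
  sizeof buf to snprintf and checking its return value bounds the write.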
    sprintf(buf,"gdpc "GDPCVER" : %s",params->file);
data/gdpc-2.2.5/main.c:971:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(params.timedelim,TIMESTRING);
data/gdpc-2.2.5/readinput.c:112:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
		n=sscanf(buf,"%s %s %s %s %s %s %s %s %s %s %s %s %s"
data/gdpc-2.2.5/readinput.c:121:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy((char *) timestr,(char *) arg[i-1]);
data/gdpc-2.2.5/readinput.c:151:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
		n=sscanf(buf,"%s %s %s %s %s %s %s %s %s %s %s %s %s"
data/gdpc-2.2.5/readinput.c:175:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(AType[numtypes],arg[0]);
data/gdpc-2.2.5/readinput.c:275:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
		n=sscanf(buf,"%s %s %s %s %s %s %s %s %s %s %s %s %s "
data/gdpc-2.2.5/setup.c:97:5:  [4] (buffer) sprintf:
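  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. The source here is the text of a GTK entry, whose length is
  chosen by the user, so the copy needs a bound tied to the size of
  params->file and a check for truncation.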
    sprintf(params->file,"%s",gtk_entry_get_text(GTK_ENTRY (file_entry)));
data/gdpc-2.2.5/setup.c:152:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(params->fstring,"%s",gtk_entry_get_text(GTK_ENTRY (scol_entry)));
data/gdpc-2.2.5/setup.c:160:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(params->dumpname,"%s",gtk_entry_get_text(GTK_ENTRY (dump_entry)));
data/gdpc-2.2.5/setup.c:166:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(params->timedelim,"%s",gtk_entry_get_text(GTK_ENTRY (timedel_entry)));
data/gdpc-2.2.5/setup.c:192:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(params->file,"%s",gtk_entry_get_text(GTK_ENTRY (file_entry)));
data/gdpc-2.2.5/setup.c:246:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(params->fstring,"%s",gtk_entry_get_text(GTK_ENTRY (scol_entry)));
data/gdpc-2.2.5/setup.c:254:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(params->dumpname,"%s",gtk_entry_get_text(GTK_ENTRY (dump_entry)));
data/gdpc-2.2.5/main.c:107:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    NewFP=fopen(params->file,"r"); 
data/gdpc-2.2.5/main.c:300:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char xstr[64];
data/gdpc-2.2.5/main.c:330:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(xstr, "X: %5.3f   Y: %5.3f",
data/gdpc-2.2.5/main.c:371:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	params->fp=fopen(params->file,"r"); 
data/gdpc-2.2.5/main.c:426:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char tstr[64];
data/gdpc-2.2.5/main.c:427:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char picname[128];
data/gdpc-2.2.5/main.c:428:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char pictype[16];
data/gdpc-2.2.5/main.c:480:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(tstr,"X: %4.3f - %4.3f",
data/gdpc-2.2.5/main.c:484:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(tstr,"Y: %4.3f - %4.3f",
data/gdpc-2.2.5/main.c:488:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(tstr,"Z: %4.3f - %4.3f",
data/gdpc-2.2.5/main.c:493:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(tstr,"Time: %5.3f fs",FrameTime);
data/gdpc-2.2.5/main.c:508:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(pictype,"png");
data/gdpc-2.2.5/main.c:518:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(pictype,"jpeg");
data/gdpc-2.2.5/main.c:573:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tstr,"X angle: %f",params->xc);
data/gdpc-2.2.5/main.c:575:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tstr,"Y angle: %f",params->yc);
data/gdpc-2.2.5/main.c:577:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tstr,"Z angle: %f",params->zc);
data/gdpc-2.2.5/main.c:632:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char		buf[128];
data/gdpc-2.2.5/main.c:830:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	params->fp=fopen(params->file,"r"); 
data/gdpc-2.2.5/readinput.c:121:12:  [2] (buffer) char:
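  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length. Note that the quoted line contains (char *)
  casts rather than an array declaration, so this hit and the one at
  column 29 look like pattern matches on the casts; the overflow risk on
  this line is the strcpy already reported at readinput.c:121:4, and the
  sizes of timestr and arg need to be checked at their declarations.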
			strcpy((char *) timestr,(char *) arg[i-1]);
data/gdpc-2.2.5/readinput.c:121:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			strcpy((char *) timestr,(char *) arg[i-1]);
data/gdpc-2.2.5/setup.c:304:5:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp=fopen(gtk_entry_get_text(GTK_ENTRY (file_entry)),"r");
data/gdpc-2.2.5/init.c:111:2:  [1] (buffer) strncpy:
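  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). On this line the count is strlen() of the
  source rather than the size of c, so the call copies the whole argument
  however large c is, and the \0 written on the next line lands one byte
  further; unless c was sized from this same argument, the bound should
  come from the destination.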
	strncpy(c,argv[argl+1],strlen(argv[argl+1]));
data/gdpc-2.2.5/init.c:111:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(c,argv[argl+1],strlen(argv[argl+1]));
data/gdpc-2.2.5/init.c:112:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	c[strlen(argv[argl+1])] = '\0';
data/gdpc-2.2.5/main.c:369:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(params->file)>0) {
data/gdpc-2.2.5/setup.c:301:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(gtk_entry_get_text(GTK_ENTRY (file_entry))) > 0 
data/gdpc-2.2.5/setup.c:302:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	&& (!usescol || strlen(gtk_entry_get_text(GTK_ENTRY (scol_entry))) > 0) 
data/gdpc-2.2.5/setup.c:303:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	&& (!usedump || strlen(gtk_entry_get_text(GTK_ENTRY (dump_entry))) > 0) ) {
data/gdpc-2.2.5/setup.c:1096:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(params->dumpname)==0) gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (dumpcheck), TRUE);
data/gdpc-2.2.5/setup.c:1103:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(params->dumpname)>0 && params->tifjpg) {
data/gdpc-2.2.5/setup.c:1112:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(params->dumpname)>0 && !params->tifjpg) {

ANALYSIS SUMMARY:

Hits = 54
Lines analyzed = 4270 in approximately 0.20 seconds (21154 lines/second)
Physical Source Lines of Code (SLOC) = 3079
Hits@level = [0] 205 [1]  10 [2]  21 [3]   0 [4]  23 [5]   0
Hits@level+ = [0+] 259 [1+]  54 [2+]  44 [3+]  23 [4+]  23 [5+]   0
Hits/KSLOC@level+ = [0+] 84.1182 [1+] 17.5382 [2+] 14.2904 [3+] 7.46996 [4+] 7.46996 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.