Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gdpc-2.2.5/tooltips.h
Examining data/gdpc-2.2.5/colors.c
Examining data/gdpc-2.2.5/drawatoms.c
Examining data/gdpc-2.2.5/sort.c
Examining data/gdpc-2.2.5/init.c
Examining data/gdpc-2.2.5/main.c
Examining data/gdpc-2.2.5/parameters.h
Examining data/gdpc-2.2.5/readinput.c
Examining data/gdpc-2.2.5/rotate.c
Examining data/gdpc-2.2.5/setup.c

FINAL RESULTS:

data/gdpc-2.2.5/init.c:221:14:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  control=sscanf(argv[argl+2],"%s",params->timedelim);
data/gdpc-2.2.5/init.c:331:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(argv[argl+3],"%s",params->fstring);
data/gdpc-2.2.5/init.c:335:14:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  control=sscanf(argv[argl+2],"%s",params->dumpname);
data/gdpc-2.2.5/init.c:345:14:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  control=sscanf(argv[argl+2],"%s",params->dumpname);
data/gdpc-2.2.5/init.c:396:14:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  control=sscanf(c,"%s",params->file);
data/gdpc-2.2.5/main.c:509:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  if (params->dumpnum) sprintf(picname,"%s-%d.png",
data/gdpc-2.2.5/main.c:511:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  else sprintf(picname,"%s-%5.3f.png",
data/gdpc-2.2.5/main.c:519:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  if (params->dumpnum) sprintf(picname,"%s-%d.jpg",
data/gdpc-2.2.5/main.c:522:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  else sprintf(picname,"%s-%5.3f.jpg",
data/gdpc-2.2.5/main.c:638:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"gdpc "GDPCVER" : %s",params->file);
data/gdpc-2.2.5/main.c:971:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(params.timedelim,TIMESTRING);
data/gdpc-2.2.5/readinput.c:112:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  n=sscanf(buf,"%s %s %s %s %s %s %s %s %s %s %s %s %s"
data/gdpc-2.2.5/readinput.c:121:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy((char *) timestr,(char *) arg[i-1]);
data/gdpc-2.2.5/readinput.c:151:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  n=sscanf(buf,"%s %s %s %s %s %s %s %s %s %s %s %s %s"
data/gdpc-2.2.5/readinput.c:175:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(AType[numtypes],arg[0]);
data/gdpc-2.2.5/readinput.c:275:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  n=sscanf(buf,"%s %s %s %s %s %s %s %s %s %s %s %s %s "
data/gdpc-2.2.5/setup.c:97:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(params->file,"%s",gtk_entry_get_text(GTK_ENTRY (file_entry)));
data/gdpc-2.2.5/setup.c:152:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(params->fstring,"%s",gtk_entry_get_text(GTK_ENTRY (scol_entry)));
data/gdpc-2.2.5/setup.c:160:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(params->dumpname,"%s",gtk_entry_get_text(GTK_ENTRY (dump_entry)));
data/gdpc-2.2.5/setup.c:166:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(params->timedelim,"%s",gtk_entry_get_text(GTK_ENTRY (timedel_entry)));
data/gdpc-2.2.5/setup.c:192:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(params->file,"%s",gtk_entry_get_text(GTK_ENTRY (file_entry)));
data/gdpc-2.2.5/setup.c:246:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(params->fstring,"%s",gtk_entry_get_text(GTK_ENTRY (scol_entry)));
data/gdpc-2.2.5/setup.c:254:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(params->dumpname,"%s",gtk_entry_get_text(GTK_ENTRY (dump_entry)));
data/gdpc-2.2.5/main.c:107:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  NewFP=fopen(params->file,"r");
data/gdpc-2.2.5/main.c:300:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xstr[64];
data/gdpc-2.2.5/main.c:330:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(xstr, "X: %5.3f Y: %5.3f",
data/gdpc-2.2.5/main.c:371:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  params->fp=fopen(params->file,"r");
data/gdpc-2.2.5/main.c:426:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstr[64];
data/gdpc-2.2.5/main.c:427:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char picname[128];
data/gdpc-2.2.5/main.c:428:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pictype[16];
data/gdpc-2.2.5/main.c:480:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tstr,"X: %4.3f - %4.3f",
data/gdpc-2.2.5/main.c:484:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tstr,"Y: %4.3f - %4.3f",
data/gdpc-2.2.5/main.c:488:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tstr,"Z: %4.3f - %4.3f",
data/gdpc-2.2.5/main.c:493:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tstr,"Time: %5.3f fs",FrameTime);
data/gdpc-2.2.5/main.c:508:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(pictype,"png");
data/gdpc-2.2.5/main.c:518:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(pictype,"jpeg");
data/gdpc-2.2.5/main.c:573:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tstr,"X angle: %f",params->xc);
data/gdpc-2.2.5/main.c:575:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tstr,"Y angle: %f",params->yc);
data/gdpc-2.2.5/main.c:577:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tstr,"Z angle: %f",params->zc);
data/gdpc-2.2.5/main.c:632:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/gdpc-2.2.5/main.c:830:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  params->fp=fopen(params->file,"r");
data/gdpc-2.2.5/readinput.c:121:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  strcpy((char *) timestr,(char *) arg[i-1]);
data/gdpc-2.2.5/readinput.c:121:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  strcpy((char *) timestr,(char *) arg[i-1]);
data/gdpc-2.2.5/setup.c:304:5:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp=fopen(gtk_entry_get_text(GTK_ENTRY (file_entry)),"r");
data/gdpc-2.2.5/init.c:111:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(c,argv[argl+1],strlen(argv[argl+1]));
data/gdpc-2.2.5/init.c:111:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(c,argv[argl+1],strlen(argv[argl+1]));
data/gdpc-2.2.5/init.c:112:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c[strlen(argv[argl+1])] = '\0';
data/gdpc-2.2.5/main.c:369:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(params->file)>0) {
data/gdpc-2.2.5/setup.c:301:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(gtk_entry_get_text(GTK_ENTRY (file_entry))) > 0
data/gdpc-2.2.5/setup.c:302:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && (!usescol || strlen(gtk_entry_get_text(GTK_ENTRY (scol_entry))) > 0)
data/gdpc-2.2.5/setup.c:303:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && (!usedump || strlen(gtk_entry_get_text(GTK_ENTRY (dump_entry))) > 0) ) {
data/gdpc-2.2.5/setup.c:1096:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(params->dumpname)==0) gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (dumpcheck), TRUE);
data/gdpc-2.2.5/setup.c:1103:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(params->dumpname)>0 && params->tifjpg) {
data/gdpc-2.2.5/setup.c:1112:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(params->dumpname)>0 && !params->tifjpg) {

ANALYSIS SUMMARY:

Hits = 54
Lines analyzed = 4270 in approximately 0.20 seconds (21154 lines/second)
Physical Source Lines of Code (SLOC) = 3079
Hits@level = [0] 205 [1]  10 [2]  21 [3]   0 [4]  23 [5]   0
Hits@level+ = [0+] 259 [1+]  54 [2+]  44 [3+]  23 [4+]  23 [5+]   0
Hits/KSLOC@level+ = [0+] 84.1182 [1+] 17.5382 [2+] 14.2904 [3+] 7.46996 [4+] 7.46996 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.