Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gtans-1.99.0/src/callbacks.c
Examining data/gtans-1.99.0/src/callbacks.h
Examining data/gtans-1.99.0/src/interface.c
Examining data/gtans-1.99.0/src/interface.h
Examining data/gtans-1.99.0/src/main.c
Examining data/gtans-1.99.0/src/main.h
Examining data/gtans-1.99.0/src/support.c
Examining data/gtans-1.99.0/src/support.h

FINAL RESULTS:

data/gtans-1.99.0/src/callbacks.c:309:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf (helpfile, 1023, HELPFILE_PATH, filext);
data/gtans-1.99.0/src/callbacks.c:310:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf (helpfiledef, 1023, HELPFILE_PATH, "");
data/gtans-1.99.0/src/main.c:196:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(*pnt,name);
data/gtans-1.99.0/src/main.c:990:35:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
#define SPESC if (lres==1) lres = fscanf
data/gtans-1.99.0/src/main.c:1134:38:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define SPEPRINT if (lres>=0) lres = fprintf
data/gtans-1.99.0/src/main.c:1234:49:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
#define SPESCAN if ( lres!=EOF && lres ) lres = fscanf
data/gtans-1.99.0/src/support.c:150:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (full_filename, directory);
data/gtans-1.99.0/src/support.c:151:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat (full_filename, G_DIR_SEPARATOR_S);
data/gtans-1.99.0/src/support.c:152:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat (full_filename, filename);
data/gtans-1.99.0/src/main.c:1855:27:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  usergtdir = g_strconcat(g_get_home_dir(), G_DIR_SEPARATOR_S USERHOMEDIR, NULL);
data/gtans-1.99.0/src/callbacks.c:293:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/gtans-1.99.0/src/callbacks.c:295:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char helpfile[1024], *helpfile_ext;
data/gtans-1.99.0/src/callbacks.c:296:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char helpfiledef[1024];
data/gtans-1.99.0/src/callbacks.c:297:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filext[4];
data/gtans-1.99.0/src/callbacks.c:312:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( (hlpfile=fopen(helpfile,"r"))!=NULL ||
data/gtans-1.99.0/src/callbacks.c:313:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
       (hlpfile=fopen(helpfiledef,"r"))!=NULL ) {
data/gtans-1.99.0/src/main.c:122:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *dumtabpxnam[3],**tabpxnam=dumtabpxnam-PXSTART;
data/gtans-1.99.0/src/main.c:936:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( (hand = fopen(statusfilename, "r"))!=NULL ){
data/gtans-1.99.0/src/main.c:958:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( (hand = fopen(statusfilename, "w"))!=NULL ){
data/gtans-1.99.0/src/main.c:976:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[100];
data/gtans-1.99.0/src/main.c:1002:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
 if ( (hand = fopen(name, "r"))!=NULL &&
data/gtans-1.99.0/src/main.c:1143:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( (hand=fopen(userconf, "w"))!=NULL){
data/gtans-1.99.0/src/main.c:1238:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dumname[1024];
data/gtans-1.99.0/src/main.c:1247:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( (hand = fopen(filename, "r"))!=NULL &&
data/gtans-1.99.0/src/main.c:1254:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(dumname, "ErrorInConfigFile");
data/gtans-1.99.0/src/main.c:1285:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(dumname, "ErrorInConfigFile");
data/gtans-1.99.0/src/main.c:1827:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
 if ( (hand=fopen("pouet.fig", "w"))!=NULL){
data/gtans-1.99.0/src/callbacks.c:308:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (filext, helpfile_ext, 2);
data/gtans-1.99.0/src/main.c:195:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *pnt=(char *)g_malloc(strlen(name)+1);
data/gtans-1.99.0/src/main.c:938:12:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if ( fgetc(hand)=='y' )
data/gtans-1.99.0/src/main.c:980:13:  [1] (buffer) fscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
    *lres = fscanf(fhd, "%99s",buf);
data/gtans-1.99.0/src/support.c:148:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  full_filename = (gchar*) g_malloc (strlen (directory) + 1
data/gtans-1.99.0/src/support.c:149:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     + strlen (filename) + 1);

ANALYSIS SUMMARY:

Hits = 33
Lines analyzed = 4484 in approximately 0.68 seconds (6588 lines/second)
Physical Source Lines of Code (SLOC) = 3357
Hits@level = [0]   7 [1]   6 [2]  17 [3]   1 [4]   9 [5]   0
Hits@level+ = [0+]  40 [1+]  33 [2+]  27 [3+]  10 [4+]   9 [5+]   0
Hits/KSLOC@level+ = [0+] 11.9154 [1+] 9.83021 [2+] 8.0429 [3+] 2.97885 [4+] 2.68097 [5+]   0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.