Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/hodie-1.5.0/src/version.c
Examining data/hodie-1.5.0/src/includes.h
Examining data/hodie-1.5.0/src/hodie.h
Examining data/hodie-1.5.0/src/help.c
Examining data/hodie-1.5.0/src/date_to_roman.c
Examining data/hodie-1.5.0/src/strings.h
Examining data/hodie-1.5.0/src/to_roman_numerals.c
Examining data/hodie-1.5.0/src/to_roman.c
Examining data/hodie-1.5.0/src/version.h
Examining data/hodie-1.5.0/src/isleap.c
Examining data/hodie-1.5.0/src/parse_date.c
Examining data/hodie-1.5.0/src/to_roman.h
Examining data/hodie-1.5.0/src/hodie.c

FINAL RESULTS:

data/hodie-1.5.0/src/date_to_roman.c:244:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(s,"%s %s %s",terse[kni],month_terse[month], 
data/hodie-1.5.0/src/date_to_roman.c:252:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"%s %s %s %s",pripost_terse[POS],terse[kni],
data/hodie-1.5.0/src/date_to_roman.c:258:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"%s %s %s %s",pripost_terse[PR],terse[kni],
data/hodie-1.5.0/src/date_to_roman.c:268:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(s,"%s %s %s %s bis %s",pripost_terse[AD], 
data/hodie-1.5.0/src/date_to_roman.c:274:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(s,"%s %s %s bis %s", numeral, terse[kni],
data/hodie-1.5.0/src/date_to_roman.c:284:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(s,"%s %s %s %s %s",pripost_terse[AD], 
data/hodie-1.5.0/src/date_to_roman.c:288:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(s,"%s %s %s %s", numeral, terse[kni],
data/hodie-1.5.0/src/date_to_roman.c:308:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(s,"%s %s %s",abl[kni],month_abl[month],num_year);
data/hodie-1.5.0/src/date_to_roman.c:315:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"%s %s %s %s",pripost[POS],ack[kni],
data/hodie-1.5.0/src/date_to_roman.c:321:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"%s %s %s %s",pripost[PR],ack[kni],
data/hodie-1.5.0/src/date_to_roman.c:342:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"%s %s %s %s bis %s", pripost[AD], numeral, 
data/hodie-1.5.0/src/date_to_roman.c:345:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"%s %s %s bis %s", numeral, 
data/hodie-1.5.0/src/date_to_roman.c:352:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"%s %s %s %s %s", pripost[AD], numeral, ack[kni],
data/hodie-1.5.0/src/date_to_roman.c:355:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"%s %s %s %s", numeral, ack[kni],
data/hodie-1.5.0/src/to_roman.c:227:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "%s %s et %s", tmp1, milia[m.casus], tmp);
data/hodie-1.5.0/src/to_roman.c:229:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "%s %s %s", tmp1, milia[m.casus], tmp);
data/hodie-1.5.0/src/to_roman.c:237:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "mille et %s", tmp);
data/hodie-1.5.0/src/to_roman.c:239:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "mille %s", tmp);
data/hodie-1.5.0/src/to_roman.c:246:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "%s%s et %s", cent[(n-(n%100))/100], 
data/hodie-1.5.0/src/to_roman.c:249:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "%s%s %s", cent[(n-(n%100))/100], 
data/hodie-1.5.0/src/to_roman.c:258:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "%s et %s", cent[1], tmp);
data/hodie-1.5.0/src/to_roman.c:260:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "%s %s", cent[1], tmp);	    
data/hodie-1.5.0/src/to_roman.c:267:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str, "%s et %s", one[n%10], ten[9]);
data/hodie-1.5.0/src/to_roman.c:269:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str, "%s %s", one[n%10], ten[9]);
data/hodie-1.5.0/src/to_roman.c:277:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str,"%s", ten[n/10]);
data/hodie-1.5.0/src/to_roman.c:281:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(str,"%s et %s", 
data/hodie-1.5.0/src/to_roman.c:284:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(str,"%s %s", ten[(n-1)/10], 
data/hodie-1.5.0/src/to_roman.c:289:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(str,"%s et %s", 
data/hodie-1.5.0/src/to_roman.c:292:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(str,"%s %s", ten[(n-1)/10], 
data/hodie-1.5.0/src/to_roman.c:297:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(str,"%s et %s", 
data/hodie-1.5.0/src/to_roman.c:300:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(str,"%s %s", ten[(n-1)/10], 
data/hodie-1.5.0/src/to_roman.c:304:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str,"%s%s", duode[1], ten[(n+2)/10]);
data/hodie-1.5.0/src/to_roman.c:307:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str,"%s%s", duode[0], ten[(n+1)/10]);
data/hodie-1.5.0/src/to_roman.c:311:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(str,"%s et %s", one[n%10],ten[(n-(n%10))/10]);
data/hodie-1.5.0/src/to_roman.c:313:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(str,"%s %s", ten[(n-(n%10))/10], one[n%10]);
data/hodie-1.5.0/src/to_roman.c:323:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str, "%s", unus[15*m.numerus+3*m.casus+m.genus]);
data/hodie-1.5.0/src/to_roman.c:326:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str, "%s", duo[3*m.casus+m.genus]);
data/hodie-1.5.0/src/to_roman.c:329:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str, "%s", tres[3*m.casus+m.genus]);
data/hodie-1.5.0/src/to_roman.c:332:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str,"%s%s", duode[1], ten[2]);
data/hodie-1.5.0/src/to_roman.c:335:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str,"%s%s", duode[0], ten[2]);
data/hodie-1.5.0/src/to_roman.c:338:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str, "%s", one[n]);
data/hodie-1.5.0/src/to_roman.c:353:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str,"%s%s",primus[n],regular[m.numerus*15+m.casus*3+m.genus]);
data/hodie-1.5.0/src/to_roman.c:358:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str,"%s%s %s%s",decimus[1],
data/hodie-1.5.0/src/to_roman.c:370:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str, "%s %s%s", tmp, millesimus, 
data/hodie-1.5.0/src/to_roman.c:375:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str, "%s%s", millesimus, 
data/hodie-1.5.0/src/to_roman.c:385:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str,"%s %s%s %s", tmp1, millesimus,
data/hodie-1.5.0/src/to_roman.c:390:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(str,"%s%s %s", millesimus,
data/hodie-1.5.0/src/to_roman.c:400:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(tmp1,"%s%s",centesimus[(n-(n%100))/100],
data/hodie-1.5.0/src/to_roman.c:403:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str,"%s %s",tmp1, tmp);
data/hodie-1.5.0/src/to_roman.c:405:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str,"%s",tmp1);
data/hodie-1.5.0/src/to_roman.c:412:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str,"%s%s%s",duode[9-n%10],decimus[(n+(10-n%10))/10],
data/hodie-1.5.0/src/to_roman.c:418:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str,"%s%s",decimus[n/10],
data/hodie-1.5.0/src/to_roman.c:422:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str,"%s%s %s%s",decimus[(n-(n%10))/10],
data/hodie-1.5.0/src/to_roman.c:446:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str,"%s",milies);    
data/hodie-1.5.0/src/to_roman.c:455:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str,"%s %s %s",tmp1, milies, tmp);
data/hodie-1.5.0/src/to_roman.c:457:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str,"%s %s",tmp1, milies);
data/hodie-1.5.0/src/to_roman.c:467:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str, "%s %s", centies[n_hi], tmp);
data/hodie-1.5.0/src/to_roman.c:475:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str,"%s",decies[n/10]);
data/hodie-1.5.0/src/to_roman.c:484:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "%s et %s", semel[n%10], decies[(n-(n%10))/10]);
data/hodie-1.5.0/src/to_roman.c:488:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(str, "%s%s", duode[9-(n%10)], decies[(n+10-(n%10))/10]);
data/hodie-1.5.0/src/to_roman.c:493:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(str,"%s", semel[n]);
data/hodie-1.5.0/src/to_roman_numerals.c:15:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str,"%s",naught);
data/hodie-1.5.0/src/to_roman_numerals.c:33:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(str, "%s%s%s%s",mils[m],cents[c],tens[t],ones[o]);
data/hodie-1.5.0/src/hodie.c:56:13:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
        c = getopt_long(argc, argv, 
data/hodie-1.5.0/src/date_to_roman.c:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char numeral[80], num_year[80];
data/hodie-1.5.0/src/hodie.c:9:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sec[16],min[16],hrs[16],day[16],mon[16],year[16],verbose[80],datetype[16],dateval[16];
data/hodie-1.5.0/src/hodie.c:102:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                auc_base = atoi(optarg);
data/hodie-1.5.0/src/hodie.c:106:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                p_ts->tm_year = atoi(optarg);
data/hodie-1.5.0/src/hodie.c:110:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                p_ts->tm_mon = atoi(optarg)-1; // 0-indexed months
data/hodie-1.5.0/src/hodie.c:114:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                p_ts->tm_mday = atoi(optarg);
data/hodie-1.5.0/src/to_roman.c:3:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *unus[32]={
data/hodie-1.5.0/src/to_roman.c:16:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *duo[16]={
data/hodie-1.5.0/src/to_roman.c:23:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *tres[16]={
data/hodie-1.5.0/src/to_roman.c:30:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *duode[2]={"unde","duode"};
data/hodie-1.5.0/src/to_roman.c:32:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *one[20]={"",
data/hodie-1.5.0/src/to_roman.c:51:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *ten[15]={"",
data/hodie-1.5.0/src/to_roman.c:62:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *cent[15]={"",
data/hodie-1.5.0/src/to_roman.c:73:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *regular[32]={"us","a","um",
data/hodie-1.5.0/src/to_roman.c:85:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *milia[16]={"milia",
data/hodie-1.5.0/src/to_roman.c:91:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *primus[13]={"",
data/hodie-1.5.0/src/to_roman.c:210:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[80], tmp1[80];
data/hodie-1.5.0/src/to_roman.c:349:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[80], tmp1[80];
data/hodie-1.5.0/src/to_roman.c:431:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str,"Distributives coming soon");
data/hodie-1.5.0/src/to_roman.c:437:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[80], tmp1[80];
data/hodie-1.5.0/src/hodie.c:95:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(datetype,optarg,16);
data/hodie-1.5.0/src/hodie.c:134:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(dateval,argv[optind++],16);
data/hodie-1.5.0/src/to_roman.c:217:2:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
	sprintf(str, " ");

ANALYSIS SUMMARY:

Hits = 87
Lines analyzed = 1260 in approximately 0.13 seconds (9862 lines/second)
Physical Source Lines of Code (SLOC) = 1132
Hits@level = [0]  31 [1]   3 [2]  20 [3]   1 [4]  63 [5]   0
Hits@level+ = [0+] 118 [1+]  87 [2+]  84 [3+]  64 [4+]  63 [5+]   0
Hits/KSLOC@level+ = [0+] 104.24 [1+] 76.8551 [2+] 74.2049 [3+] 56.5371 [4+] 55.6537 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.