Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_filter_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_erreverb_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-FrequencyGain.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-FrequencyGain.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-phase.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/widgets.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-peak.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-peak.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/widgets.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/lamp.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-phase.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c Examining 
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/lamp.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_input_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_phaser_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_tube_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_meter_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_testtone_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_delay_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_compressor_gui.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_compressor_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_delay_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_erreverb_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_filter_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_input_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_meter_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_phaser_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_testtone_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_tube_gui.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_phaser.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_testtone.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_tube.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_delay.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_filter.h Examining 
data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_filter.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_tube.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_phaser.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_input.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_erreverb.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_testtone.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_input.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_erreverb.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_delay.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/library/common.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/library/common.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_compressor.c Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_compressor.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_meter.h Examining data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/inv_meter.c FINAL RESULTS: data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:546:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(label,clow); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:579:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(label,chigh); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:604:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(label,cmid); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:828:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.0fµ%s",value*1000000,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:830:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.0fm%s",value*1000,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:832:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.0f%s",value,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:834:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.0fk%s",value/1000,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:836:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.0fM%s",value/1000000,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:839:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.0f%s",value,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:845:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.3g µ%s",rounded,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:848:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.3g m%s",rounded,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:851:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.3g %s",rounded,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:854:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.3g k%s",rounded,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:857:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.3g M%s",rounded,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:861:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(label,"%0.3g %s",rounded,units); data/invada-studio-plugins-lv2-1.2.0+repack0/plugin/library/common.c:179:11: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. er->rand=drand48(); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_delay_gui.c:775:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char notelabel[8]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_delay_gui.c:795:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(notelabel,"1/%i",(int)pow(2,i)); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_testtone_gui.c:519:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char notelabel[8]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_testtone_gui.c:538:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(notelabel,"%ix ",mul); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_testtone_gui.c:740:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char notelabel[8]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_testtone_gui.c:761:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(notelabel,"%i",i); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:320:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[50]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:385:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Detector And Envelope"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:390:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(label,"Audio"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:394:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Detected Signal"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:398:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Envelope"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:439:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Compressor"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:463:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"%3idB",-(i*6)); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:467:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"%idB",-(i*6)); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:487:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Original"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Compressor.c:491:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Compressed"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:353:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[30]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:446:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Source And Listener Position"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:457:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"(click and drag to move)"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:469:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Room Shape"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:474:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Impulse Response"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:684:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(label,"Pre-Delay:"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:689:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"%.1fms",min_delay); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:694:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"Length:"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:699:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(label,"%.1fms",max_delay); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:848:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(label,"Source"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-ErReverb.c:886:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(label,"Listener"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-FrequencyGain.c:280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char string[10]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-FrequencyGain.c:359:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%i0Hz",j); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-FrequencyGain.c:362:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%i00Hz",j); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-FrequencyGain.c:365:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%ikHz",j); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-FrequencyGain.c:368:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%i0kHz",j); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-FrequencyGain.c:398:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%3idB",j); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:155:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(display_spec->label[0],"20"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:156:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[1],"25"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:157:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[2],"31"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:158:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[3],"40"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:159:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[4],"50"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:160:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(display_spec->label[5],"63"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:161:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[6],"80"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:162:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[7],"100"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:163:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[8],"125"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:164:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[9],"160"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:165:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(display_spec->label[10],"200"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:166:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[11],"250"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:167:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[12],"315"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:168:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[13],"400"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:169:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[14],"500"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:170:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(display_spec->label[15],"630"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:171:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[16],"800"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:172:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[17],"1k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:173:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[18],"1.2k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:174:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[19],"1.6k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:175:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(display_spec->label[20],"2k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:176:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[21],"2.5k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:177:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[22],"3.1k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:178:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[23],"4k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:179:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[24],"5k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:180:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(display_spec->label[25],"6.3k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:181:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[26],"8k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:182:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[27],"10k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:183:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[28],"12k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:184:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(display_spec->label[29],"16k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:185:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(display_spec->label[30],"20k"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:297:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[10]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.h:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[31][6]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:378:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[20]; data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:535:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(label,"Left"); data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:568:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
  strcpy(label,"Right");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:599:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(label,"Centre");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:878:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(label,"Centre");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:880:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(label,"%i%% L",pan);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:885:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(label,"Centre");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:887:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(label,"%i%% R",pan);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.h:72:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char units[5];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.h:73:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char clow[10];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.h:74:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmid[10];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.h:75:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chigh[10];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-peak.c:298:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char label[10];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-peak.c:413:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(label,"%i",(12*i)-60);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-peak.c:435:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(label,"%i",30-(6*i));
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-peak.c:457:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(label,"+%i",(6*i)-60);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-peak.c:459:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(label,"%i",(6*i)-60);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-phase.c:235:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char label[10];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-phase.c:305:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(label,"-90");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-phase.c:310:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(label,"-45");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-phase.c:321:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(label,"45");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-phase.c:326:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(label,"90");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:330:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char label[10];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:388:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(label,"VU");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:428:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(label,"20");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:433:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(label,"10");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:337:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char character[2];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.h:59:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char on_text[15];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.h:60:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char off_text[15];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.h:62:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char label[15];
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/inv_delay_gui.c:793:4: [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf(notelabel,"1");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/display-Spectrograph.c:352:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"0");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:118:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(knob->clow, label, 9);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:121:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(knob->cmid, label, 9);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:124:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(knob->chigh, label, 9);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:145:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(knob->units, units, 4);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:224:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(knob->units,"");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:225:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(knob->clow,"");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:226:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(knob->cmid,"");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:227:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(knob->chigh,"");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:539:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"L");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/knob.c:572:7: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"R");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-phase.c:315:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"0");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:438:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"7");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:443:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"5");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:448:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"3");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:453:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"2");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:458:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"1");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:498:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"0");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:502:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"1");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:506:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"2");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/meter-vu.c:510:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label,"3");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:154:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(switch_toggle->on_text,text,14);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:157:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(switch_toggle->off_text,text,14);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:164:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(switch_toggle->label,text,14);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:217:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(switch_toggle->on_text,"");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:218:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(switch_toggle->off_text,"");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:219:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(switch_toggle->label,"");
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:238:5: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(INV_SWITCH_TOGGLE(widget)->label)>0) {
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:282:5: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(INV_SWITCH_TOGGLE(widget)->label)>0) {
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:377:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  indent = strlen(label)>0 ? 12.0 : 0.0;
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:409:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(label)>0) {
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:424:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  topdent=42.0-(8.0*(float)(strlen(label))/2);
data/invada-studio-plugins-lv2-1.2.0+repack0/plugingui/widgets/switch-toggle.c:425:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0; i<strlen(label); i++) {

ANALYSIS SUMMARY:

Hits = 146
Lines analyzed = 20790 in approximately 0.55 seconds (37878 lines/second)
Physical Source Lines of Code (SLOC) = 15703
Hits@level = [0] 0 [1] 34 [2] 96 [3] 1 [4] 15 [5] 0
Hits@level+ = [0+] 146 [1+] 146 [2+] 112 [3+] 16 [4+] 15 [5+] 0
Hits/KSLOC@level+ = [0+] 9.29759 [1+] 9.29759 [2+] 7.1324 [3+] 1.01891 [4+] 0.955231 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.