Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kmflcomp-11.0.101/include/kmfl.h
Examining data/kmflcomp-11.0.101/include/kmflcomp.h
Examining data/kmflcomp-11.0.101/include/kmflutfconv.h
Examining data/kmflcomp-11.0.101/kmfl_compiler/kmfl_compiler.c
Examining data/kmflcomp-11.0.101/src/compiler.h
Examining data/kmflcomp-11.0.101/src/kmflcomp.c
Examining data/kmflcomp-11.0.101/src/lex.c
Examining data/kmflcomp-11.0.101/src/memman.c
Examining data/kmflcomp-11.0.101/src/memman.h
Examining data/kmflcomp-11.0.101/src/utfconv.c
Examining data/kmflcomp-11.0.101/src/yacc.c
Examining data/kmflcomp-11.0.101/src/yacc.h

FINAL RESULTS:

data/kmflcomp-11.0.101/src/compiler.h:161:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/kmflcomp-11.0.101/src/compiler.h:161:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/kmflcomp-11.0.101/src/compiler.h:162:9:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define vsnprintf _vsnprintf
data/kmflcomp-11.0.101/src/kmflcomp.c:80:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(outfile,infile); pdot = rindex(outfile,'.');
data/kmflcomp-11.0.101/src/kmflcomp.c:142:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(ftmp,infile); strcat(ftmp,".kmn");
data/kmflcomp-11.0.101/src/kmflcomp.c:1004:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	*p = (char)q; strcpy(p+1, sp);
data/kmflcomp-11.0.101/src/kmflcomp.c:1207:2:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	vsnprintf(t,511,s,v1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1227:2:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	vsnprintf(t,511,s,v1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1245:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(stderr,fmt,args);
data/kmflcomp-11.0.101/src/kmflcomp.c:1256:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(stderr,s,v1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1275:2:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	vsnprintf(t,511,s,v1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1474:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(bmp_path+(p-fname+1),tname);
data/kmflcomp-11.0.101/src/kmflcomp.c:1479:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(bmp_path,tname);
data/kmflcomp-11.0.101/src/kmflcomp.c:1504:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(icons_path+(p-fname+1+6),tname);
data/kmflcomp-11.0.101/src/kmflcomp.c:1509:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
			strcat(icons_path, bmp_path);
data/kmflcomp-11.0.101/src/memman.c:116:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(s, str);
data/kmflcomp-11.0.101/src/yacc.c:846:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define YYFPRINTF fprintf
data/kmflcomp-11.0.101/kmfl_compiler/kmfl_compiler.c:63:13:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
	while((opt=getopt(argc,argv,"dfhVvy"))!=EOF) 
data/kmflcomp-11.0.101/include/kmfl.h:149:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char id[4]; 						// always KMFL
data/kmflcomp-11.0.101/include/kmfl.h:150:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char version[5];				// keyboard version(4) and file version(1)
data/kmflcomp-11.0.101/include/kmfl.h:151:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[NAMELEN+1];			// utf8 version of keyboard name
data/kmflcomp-11.0.101/include/kmfl.h:169:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char kbd_name[NAMELEN+1];		// name of currently attached keyboard
data/kmflcomp-11.0.101/src/compiler.h:21:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[NAMELEN+1];		// name of deadkey
data/kmflcomp-11.0.101/src/compiler.h:29:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[NAMELEN+1];		// name of store
data/kmflcomp-11.0.101/src/compiler.h:52:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[NAMELEN+1];				// name of group
data/kmflcomp-11.0.101/src/compiler.h:67:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char id[4]; 					// always KMFL
data/kmflcomp-11.0.101/src/compiler.h:68:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char version[5];			// initially 1000
data/kmflcomp-11.0.101/src/compiler.h:69:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[NAMELEN+1];		// utf8 version of keyboard name
data/kmflcomp-11.0.101/src/kmflcomp.c:52:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char Version[6]=BASE_VERSION FILE_VERSION;	// Concatenate keyboard version and file version
data/kmflcomp-11.0.101/src/kmflcomp.c:81:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	if(pdot) strcpy(pdot, ".kmfl"); else strcat(outfile,".kmfl");
data/kmflcomp-11.0.101/src/kmflcomp.c:81:39:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	if(pdot) strcpy(pdot, ".kmfl"); else strcat(outfile,".kmfl");
data/kmflcomp-11.0.101/src/kmflcomp.c:85:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if((out=open(outfile,O_WRONLY|O_BINARY|O_CREAT|O_TRUNC,00666)) < 0) return(-2);
data/kmflcomp-11.0.101/src/kmflcomp.c:137:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	yyin =  fopen(infile,"r");
data/kmflcomp-11.0.101/src/kmflcomp.c:142:24:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcpy(ftmp,infile); strcat(ftmp,".kmn");
data/kmflcomp-11.0.101/src/kmflcomp.c:143:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		yyin = fopen(ftmp,"r");
data/kmflcomp-11.0.101/src/kmflcomp.c:255:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buffer+(*bufsize), chunk, chunk_size);
data/kmflcomp-11.0.101/src/kmflcomp.c:284:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&xkbd,kbp,sizeof(XKEYBOARD));	
data/kmflcomp-11.0.101/src/kmflcomp.c:287:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&xkbd.id,"KMFL",4);
data/kmflcomp-11.0.101/src/kmflcomp.c:288:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&xkbd.version,Version,5);
data/kmflcomp-11.0.101/src/kmflcomp.c:1045:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char temp[256];
data/kmflcomp-11.0.101/src/kmflcomp.c:1057:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				sp += sprintf(sp,"[0x%x]",(*p&0xffffff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1062:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[key %x,0x%x]",(*p&0xff0000)>>16,(*p&0xff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1065:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[any %u]",(unsigned)(*p&0xffff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1068:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[index %d,%u]",(*p&0xff0000)>>16,(*p&0xffff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1071:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[outs %u]",(*p&0xffff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1074:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[dk %u]",(*p&0xffff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1078:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				sp += sprintf(sp,"[context %u]",(*p&0xff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1080:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				sp += sprintf(sp,"[context]");
data/kmflcomp-11.0.101/src/kmflcomp.c:1083:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[nul]");
data/kmflcomp-11.0.101/src/kmflcomp.c:1086:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[return]");
data/kmflcomp-11.0.101/src/kmflcomp.c:1089:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[beep]");
data/kmflcomp-11.0.101/src/kmflcomp.c:1092:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[use %u]",(*p&0xffff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1095:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[match]");
data/kmflcomp-11.0.101/src/kmflcomp.c:1098:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[nomatch]");
data/kmflcomp-11.0.101/src/kmflcomp.c:1101:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[+]");
data/kmflcomp-11.0.101/src/kmflcomp.c:1104:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sp += sprintf(sp,"[use %u]",(*p&0xffff));
data/kmflcomp-11.0.101/src/kmflcomp.c:1169:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(Version,"%4.4d%1.1s",kbver,FILE_VERSION);
data/kmflcomp-11.0.101/src/kmflcomp.c:1203:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char t[512];
data/kmflcomp-11.0.101/src/kmflcomp.c:1221:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char t[512];
data/kmflcomp-11.0.101/src/kmflcomp.c:1269:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char t[512];
data/kmflcomp-11.0.101/src/kmflcomp.c:1430:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *p, *ptr, tname[128];
data/kmflcomp-11.0.101/src/kmflcomp.c:1484:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(bmp_path,".png");
data/kmflcomp-11.0.101/src/kmflcomp.c:1503:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
			strcpy(icons_path+(p-fname+1),"icons/");
data/kmflcomp-11.0.101/src/kmflcomp.c:1508:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
			strcpy(icons_path,"icons/");
data/kmflcomp-11.0.101/src/kmflcomp.c:1518:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(bmp_path,".bmp");
data/kmflcomp-11.0.101/src/kmflcomp.c:1523:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
			strcat(icons_path,".bmp");
data/kmflcomp-11.0.101/src/kmflcomp.c:1529:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
			strcpy(bmp_path+strlen(bmp_path)-4,".png");
data/kmflcomp-11.0.101/src/kmflcomp.c:1535:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
			strcpy(icons_path+strlen(icons_path)-4,".png");
data/kmflcomp-11.0.101/src/kmflcomp.c:1541:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
			strcpy(bmp_path+strlen(bmp_path)-4,".ico.png");
data/kmflcomp-11.0.101/src/kmflcomp.c:1549:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(bmp_path, ".png");
data/kmflcomp-11.0.101/src/kmflcomp.c:1589:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char t8[2048];
data/kmflcomp-11.0.101/src/kmflcomp.c:1593:10:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
	if((fp8=tmpfile()) == NULL) return NULL;
data/kmflcomp-11.0.101/src/kmflcomp.c:1627:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char FileName[MAX_PATH], KeyboardName[32];
data/kmflcomp-11.0.101/src/lex.c:1775:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
{yylval.number=atoi(yytext+1);return(TOK_NUMBER);}
data/kmflcomp-11.0.101/src/yacc.c:1092:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/kmflcomp-11.0.101/src/yacc.c:1279:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char yymsgbuf[128];
data/kmflcomp-11.0.101/src/yacc.c:1937:52:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			(yyval.number) = MAKE_PARAMETER_ITEM(ITEM_INDEX,atoi((yyvsp[-1].string)),n);
data/kmflcomp-11.0.101/src/yacc.c:1984:43:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		(yyval.number) = MAKE_ITEM(ITEM_CONTEXT,atoi((yyvsp[-1].string)));
data/kmflcomp-11.0.101/src/kmflcomp.c:77:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	n = strlen(infile)+6;
data/kmflcomp-11.0.101/src/kmflcomp.c:141:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		ftmp = (char *)checked_alloc(strlen(infile)+6,1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1002:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	n = strlen(sp);
data/kmflcomp-11.0.101/src/kmflcomp.c:1016:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	n = strlen(sp);
data/kmflcomp-11.0.101/src/kmflcomp.c:1296:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(dst, src, len);
data/kmflcomp-11.0.101/src/kmflcomp.c:1300:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(src) > len)
data/kmflcomp-11.0.101/src/kmflcomp.c:1330:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(str) > 3)
data/kmflcomp-11.0.101/src/kmflcomp.c:1472:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		bmp_path = (char *)checked_alloc((p-fname+1)+strlen(tname)+10,1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1473:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(bmp_path,fname,p-fname+1); 
data/kmflcomp-11.0.101/src/kmflcomp.c:1478:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		bmp_path = (char *)checked_alloc(strlen(tname)+10,1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1482:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strncmp(bmp_path+strlen(bmp_path)-4, ".ico", 4) == 0)
data/kmflcomp-11.0.101/src/kmflcomp.c:1499:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		icons_path = (char *)checked_alloc(strlen(bmp_path)+12,1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1502:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(icons_path,fname,p-fname+1);
data/kmflcomp-11.0.101/src/kmflcomp.c:1529:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			strcpy(bmp_path+strlen(bmp_path)-4,".png");
data/kmflcomp-11.0.101/src/kmflcomp.c:1535:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			strcpy(icons_path+strlen(icons_path)-4,".png");
data/kmflcomp-11.0.101/src/kmflcomp.c:1541:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			strcpy(bmp_path+strlen(bmp_path)-4,".ico.png");
data/kmflcomp-11.0.101/src/kmflcomp.c:1570:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		titems = (UTF32 *)checked_alloc(strlen(p)+1,sizeof(UTF32));
data/kmflcomp-11.0.101/src/kmflcomp.c:1572:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		IConvertUTF8toUTF32((const UTF8 **)&p2,(UTF8*)(p+strlen(p)),(UTF32 **)&p1,p1+strlen(p));
data/kmflcomp-11.0.101/src/kmflcomp.c:1572:80:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		IConvertUTF8toUTF32((const UTF8 **)&p2,(UTF8*)(p+strlen(p)),(UTF32 **)&p1,p1+strlen(p));
data/kmflcomp-11.0.101/src/lex.c:1325:14:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			     (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/kmflcomp-11.0.101/src/lex.c:3562:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return yy_scan_bytes( yystr, (int) strlen(yystr) );
data/kmflcomp-11.0.101/src/memman.c:113:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    s= mem_alloc(strlen(str) + 1);
data/kmflcomp-11.0.101/src/yacc.c:992:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#   define yystrlen strlen

ANALYSIS SUMMARY:

Hits = 101
Lines analyzed = 8866 in approximately 0.57 seconds (15440 lines/second)
Physical Source Lines of Code (SLOC) = 6777
Hits@level = [0]  27 [1]  23 [2]  60 [3]   1 [4]  17 [5]   0
Hits@level+ = [0+] 128 [1+] 101 [2+]  78 [3+]  18 [4+]  17 [5+]   0
Hits/KSLOC@level+ = [0+] 18.8874 [1+] 14.9033 [2+] 11.5095 [3+] 2.65604 [4+] 2.50848 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.