Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/konquest-20.04.3/sector.h
Examining data/konquest-20.04.3/localgame.cpp
Examining data/konquest-20.04.3/Konquest.cc
Examining data/konquest-20.04.3/fleet.h
Examining data/konquest-20.04.3/players/localplayer.cpp
Examining data/konquest-20.04.3/players/player_gui.cpp
Examining data/konquest-20.04.3/players/localplayer.h
Examining data/konquest-20.04.3/players/localplayer_gui.h
Examining data/konquest-20.04.3/players/computerplayer.cpp
Examining data/konquest-20.04.3/players/neutralplayer.cpp
Examining data/konquest-20.04.3/players/player.cpp
Examining data/konquest-20.04.3/players/spectatorplayer.h
Examining data/konquest-20.04.3/players/computerplayer.h
Examining data/konquest-20.04.3/players/neutralplayer.h
Examining data/konquest-20.04.3/players/spectatorplayer_gui.h
Examining data/konquest-20.04.3/players/localplayer_gui.cpp
Examining data/konquest-20.04.3/players/player_gui.h
Examining data/konquest-20.04.3/players/spectatorplayer_gui.cpp
Examining data/konquest-20.04.3/players/player.h
Examining data/konquest-20.04.3/players/ai/becai/becai_gui.h
Examining data/konquest-20.04.3/players/ai/becai/becai_gui.cpp
Examining data/konquest-20.04.3/players/ai/becai/becai.h
Examining data/konquest-20.04.3/players/ai/becai/becai.cpp
Examining data/konquest-20.04.3/players/ai/default/normal.cpp
Examining data/konquest-20.04.3/players/ai/default/hard_gui.cpp
Examining data/konquest-20.04.3/players/ai/default/weak.cpp
Examining data/konquest-20.04.3/players/ai/default/default.cpp
Examining data/konquest-20.04.3/players/ai/default/hard.h
Examining data/konquest-20.04.3/players/ai/default/normal_gui.h
Examining data/konquest-20.04.3/players/ai/default/weak.h
Examining data/konquest-20.04.3/players/ai/default/hard_gui.h
Examining data/konquest-20.04.3/players/ai/default/weak_gui.cpp
Examining data/konquest-20.04.3/players/ai/default/hard.cpp
Examining data/konquest-20.04.3/players/ai/default/normal.h
Examining data/konquest-20.04.3/players/ai/default/normal_gui.cpp
Examining data/konquest-20.04.3/players/ai/default/weak_gui.h
Examining data/konquest-20.04.3/players/ai/default/default.h
Examining data/konquest-20.04.3/players/ai/example/example.cpp
Examining data/konquest-20.04.3/players/ai/example/example_gui.h
Examining data/konquest-20.04.3/players/ai/example/example_gui.cpp
Examining data/konquest-20.04.3/players/ai/example/example.h
Examining data/konquest-20.04.3/players/spectatorplayer.cpp
Examining data/konquest-20.04.3/game.cpp
Examining data/konquest-20.04.3/gameview.h
Examining data/konquest-20.04.3/map/map.h
Examining data/konquest-20.04.3/map/map.cc
Examining data/konquest-20.04.3/map/mapscene.h
Examining data/konquest-20.04.3/map/mapview.cc
Examining data/konquest-20.04.3/map/mapview.h
Examining data/konquest-20.04.3/map/mapitems.cc
Examining data/konquest-20.04.3/map/mapscene.cc
Examining data/konquest-20.04.3/map/mapitems.h
Examining data/konquest-20.04.3/mainwin.h
Examining data/konquest-20.04.3/view/standingswidget.cpp
Examining data/konquest-20.04.3/view/standingswidget.h
Examining data/konquest-20.04.3/mainwin.cc
Examining data/konquest-20.04.3/fleet.cc
Examining data/konquest-20.04.3/sector.cc
Examining data/konquest-20.04.3/dialogs/fleetdlg.h
Examining data/konquest-20.04.3/dialogs/newgamedlg.cc
Examining data/konquest-20.04.3/dialogs/scoredlg.cc
Examining data/konquest-20.04.3/dialogs/scoredlg.h
Examining data/konquest-20.04.3/dialogs/newgamedlg.h
Examining data/konquest-20.04.3/dialogs/fleetdlg.cc
Examining data/konquest-20.04.3/gameview.cc
Examining data/konquest-20.04.3/game.h
Examining data/konquest-20.04.3/minimapview.h
Examining data/konquest-20.04.3/minimapview.cc
Examining data/konquest-20.04.3/planet.cc
Examining data/konquest-20.04.3/localgame.h
Examining data/konquest-20.04.3/images.h
Examining data/konquest-20.04.3/planet.h
FINAL RESULTS:
data/konquest-20.04.3/game.cpp:60:23: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return Coordinate(random.getLong(x), random.getLong(y));
data/konquest-20.04.3/game.cpp:60:42: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return Coordinate(random.getLong(x), random.getLong(y));
data/konquest-20.04.3/game.cpp:66:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return 0.30 + random.getDouble()*0.60;
data/konquest-20.04.3/game.cpp:72:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return 5 + random.getLong(10);
data/konquest-20.04.3/game.cpp:130:36: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double attackerRoll = random.getDouble();
data/konquest-20.04.3/game.cpp:131:36: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double defenderRoll = random.getDouble();
data/konquest-20.04.3/game.h:96:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
static KRandomSequence random;
ANALYSIS SUMMARY:
Hits = 7
Lines analyzed = 7346 in approximately 0.48 seconds (15436 lines/second)
Physical Source Lines of Code (SLOC) = 4044
Hits@level = [0] 0 [1] 0 [2] 0 [3] 7 [4] 0 [5] 0
Hits@level+ = [0+] 7 [1+] 7 [2+] 7 [3+] 7 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.73096 [1+] 1.73096 [2+] 1.73096 [3+] 1.73096 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.