Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/lv2-1.18.0/lv2/atom/atom-test-utils.c Examining data/lv2-1.18.0/lv2/atom/atom-test.c Examining data/lv2-1.18.0/lv2/atom/atom.h Examining data/lv2-1.18.0/lv2/atom/forge-overflow-test.c Examining data/lv2-1.18.0/lv2/atom/forge.h Examining data/lv2-1.18.0/lv2/atom/util.h Examining data/lv2-1.18.0/lv2/buf-size/buf-size.h Examining data/lv2-1.18.0/lv2/core/attributes.h Examining data/lv2-1.18.0/lv2/core/lv2.h Examining data/lv2-1.18.0/lv2/core/lv2_util.h Examining data/lv2-1.18.0/lv2/data-access/data-access.h Examining data/lv2-1.18.0/lv2/dynmanifest/dynmanifest.h Examining data/lv2-1.18.0/lv2/event/event-helpers.h Examining data/lv2-1.18.0/lv2/event/event.h Examining data/lv2-1.18.0/lv2/instance-access/instance-access.h Examining data/lv2-1.18.0/lv2/log/log.h Examining data/lv2-1.18.0/lv2/log/logger.h Examining data/lv2-1.18.0/lv2/midi/midi.h Examining data/lv2-1.18.0/lv2/morph/morph.h Examining data/lv2-1.18.0/lv2/options/options.h Examining data/lv2-1.18.0/lv2/parameters/parameters.h Examining data/lv2-1.18.0/lv2/patch/patch.h Examining data/lv2-1.18.0/lv2/port-groups/port-groups.h Examining data/lv2-1.18.0/lv2/port-props/port-props.h Examining data/lv2-1.18.0/lv2/presets/presets.h Examining data/lv2-1.18.0/lv2/resize-port/resize-port.h Examining data/lv2-1.18.0/lv2/state/state.h Examining data/lv2-1.18.0/lv2/time/time.h Examining data/lv2-1.18.0/lv2/ui/ui.h Examining data/lv2-1.18.0/lv2/units/units.h Examining data/lv2-1.18.0/lv2/uri-map/uri-map.h Examining data/lv2-1.18.0/lv2/urid/urid.h Examining data/lv2-1.18.0/lv2/worker/worker.h Examining data/lv2-1.18.0/plugins/eg-amp.lv2/amp.c Examining data/lv2-1.18.0/plugins/eg-fifths.lv2/fifths.c Examining data/lv2-1.18.0/plugins/eg-fifths.lv2/uris.h Examining data/lv2-1.18.0/plugins/eg-metro.lv2/metro.c Examining data/lv2-1.18.0/plugins/eg-midigate.lv2/midigate.c Examining data/lv2-1.18.0/plugins/eg-params.lv2/params.c Examining data/lv2-1.18.0/plugins/eg-params.lv2/state_map.h Examining data/lv2-1.18.0/plugins/eg-sampler.lv2/atom_sink.h Examining data/lv2-1.18.0/plugins/eg-sampler.lv2/peaks.h Examining data/lv2-1.18.0/plugins/eg-sampler.lv2/sampler.c Examining data/lv2-1.18.0/plugins/eg-sampler.lv2/sampler_ui.c Examining data/lv2-1.18.0/plugins/eg-sampler.lv2/uris.h Examining data/lv2-1.18.0/plugins/eg-scope.lv2/examploscope.c Examining data/lv2-1.18.0/plugins/eg-scope.lv2/examploscope_ui.c Examining data/lv2-1.18.0/plugins/eg-scope.lv2/uris.h FINAL RESULTS: data/lv2-1.18.0/lv2/atom/atom-test-utils.c:68:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, args); data/lv2-1.18.0/lv2/log/log.h:51:59: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define LV2_LOG_FUNC(fmt, arg1) __attribute__((format(printf, fmt, arg1))) data/lv2-1.18.0/lv2/log/log.h:83:8: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int (*printf)(LV2_Log_Handle handle, data/lv2-1.18.0/lv2/log/log.h:96:8: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int (*vprintf)(LV2_Log_Handle handle, data/lv2-1.18.0/lv2/log/logger.h:98:25: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ? logger->log->vprintf(logger->log->handle, type, fmt, args) data/lv2-1.18.0/lv2/log/logger.h:99:12: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. : vfprintf(stderr, fmt, args)); data/lv2-1.18.0/lv2/atom/atom-test-utils.c:34:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dup, str, len + 1); data/lv2-1.18.0/lv2/atom/atom.h:76:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char lv2_atom_assert_double_fits_in_64_bits[ data/lv2-1.18.0/lv2/atom/forge.h:297:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem, data, size); data/lv2-1.18.0/lv2/atom/util.h:176:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(e, event, total_size); data/lv2-1.18.0/lv2/event/event-helpers.h:192:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t*)ev + sizeof(LV2_Event), data, size); data/lv2-1.18.0/lv2/event/event-helpers.h:252:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t*)write_ev + sizeof(LV2_Event), data, ev->size); data/lv2-1.18.0/plugins/eg-midigate.lv2/midigate.c:128:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self->out + offset, self->in + offset, len * sizeof(float)); data/lv2-1.18.0/plugins/eg-params.lv2/params.c:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_STRING]; data/lv2-1.18.0/plugins/eg-params.lv2/params.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_STRING]; data/lv2-1.18.0/plugins/eg-params.lv2/params.c:121:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urid_buf[12]; data/lv2-1.18.0/plugins/eg-params.lv2/params.c:247:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(entry->value + 1, body, size); data/lv2-1.18.0/plugins/eg-sampler.lv2/atom_sink.h:30:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char*)atom + offset, buf, size); data/lv2-1.18.0/plugins/eg-sampler.lv2/peaks.h:264:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(receiver->peaks + offset->body, data/lv2-1.18.0/plugins/eg-sampler.lv2/sampler.c:143:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sample->path, path, path_len + 1); data/lv2-1.18.0/plugins/eg-scope.lv2/examploscope.c:303:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(self->output[c], self->input[c], sizeof(float) * n_samples); data/lv2-1.18.0/lv2/atom/atom-test-utils.c:32:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t len = strlen(str); data/lv2-1.18.0/lv2/atom/atom-test.c:110:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const uint32_t pstr_len = (uint32_t)strlen(pstr); data/lv2-1.18.0/lv2/atom/atom-test.c:121:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const uint32_t ustr_len = (uint32_t)strlen(ustr); data/lv2-1.18.0/lv2/atom/atom-test.c:143:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). &forge, "hello", strlen("hello"))); data/lv2-1.18.0/lv2/atom/atom-test.c:153:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). &forge, "bonjour", strlen("bonjour"), data/lv2-1.18.0/lv2/atom/atom-test.c:167:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). &forge, "foo", strlen("foo"))); data/lv2-1.18.0/plugins/eg-params.lv2/params.c:301:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(apath) + 1, data/lv2-1.18.0/plugins/eg-sampler.lv2/sampler.c:112:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t path_len = strlen(path); data/lv2-1.18.0/plugins/eg-sampler.lv2/sampler.c:493:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(apath) + 1, data/lv2-1.18.0/plugins/eg-sampler.lv2/sampler.c:555:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). LV2_Atom* buf = (LV2_Atom*)calloc(1, strlen(path) + 128); data/lv2-1.18.0/plugins/eg-sampler.lv2/sampler.c:558:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write_set_file(&forge, &self->uris, path, strlen(path)); data/lv2-1.18.0/plugins/eg-sampler.lv2/sampler_ui.c:89:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename, strlen(filename)); ANALYSIS SUMMARY: Hits = 33 Lines analyzed = 10628 in approximately 0.35 seconds (30432 lines/second) Physical Source Lines of Code (SLOC) = 5637 Hits@level = [0] 12 [1] 12 [2] 15 [3] 0 [4] 6 [5] 0 Hits@level+ = [0+] 45 [1+] 33 [2+] 21 [3+] 6 [4+] 6 [5+] 0 Hits/KSLOC@level+ = [0+] 7.98297 [1+] 5.85418 [2+] 3.72539 [3+] 1.0644 [4+] 1.0644 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.