Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pioneers-15.6/server/admin.h
Examining data/pioneers-15.6/server/glib-driver.c
Examining data/pioneers-15.6/server/resource.c
Examining data/pioneers-15.6/server/gold.c
Examining data/pioneers-15.6/server/buildutil.c
Examining data/pioneers-15.6/server/gtk/server-resources.h
Examining data/pioneers-15.6/server/gtk/main.c
Examining data/pioneers-15.6/server/gtk/server-resources.c
Examining data/pioneers-15.6/server/meta.c
Examining data/pioneers-15.6/server/admin.c
Examining data/pioneers-15.6/server/main.c
Examining data/pioneers-15.6/server/develop.c
Examining data/pioneers-15.6/server/player.c
Examining data/pioneers-15.6/server/server.c
Examining data/pioneers-15.6/server/robber.c
Examining data/pioneers-15.6/server/discard.c
Examining data/pioneers-15.6/server/avahi.c
Examining data/pioneers-15.6/server/avahi.h
Examining data/pioneers-15.6/server/trade.c
Examining data/pioneers-15.6/server/server.h
Examining data/pioneers-15.6/server/turn.c
Examining data/pioneers-15.6/server/pregame.c
Examining data/pioneers-15.6/server/glib-driver.h
Examining data/pioneers-15.6/editor/gtk/game-buildings.c
Examining data/pioneers-15.6/editor/gtk/game-devcards.h
Examining data/pioneers-15.6/editor/gtk/editor-resources.c
Examining data/pioneers-15.6/editor/gtk/editor-resources.h
Examining data/pioneers-15.6/editor/gtk/game-devcards.c
Examining data/pioneers-15.6/editor/gtk/game-resources.c
Examining data/pioneers-15.6/editor/gtk/editor.c
Examining data/pioneers-15.6/editor/gtk/game-buildings.h
Examining data/pioneers-15.6/editor/gtk/game-resources.h
Examining data/pioneers-15.6/common/map_query.c
Examining data/pioneers-15.6/common/cards.h
Examining data/pioneers-15.6/common/deck.c
Examining data/pioneers-15.6/common/network.c
Examining data/pioneers-15.6/common/cost.h
Examining data/pioneers-15.6/common/gettext.h
Examining data/pioneers-15.6/common/random.c
Examining data/pioneers-15.6/common/game-list.h
Examining data/pioneers-15.6/common/log.c
Examining data/pioneers-15.6/common/state.h
Examining data/pioneers-15.6/common/authors.h
Examining data/pioneers-15.6/common/gtk/metaserver.c
Examining data/pioneers-15.6/common/gtk/map-icons.h
Examining data/pioneers-15.6/common/gtk/common_gtk.c
Examining data/pioneers-15.6/common/gtk/theme.c
Examining data/pioneers-15.6/common/gtk/game-settings.h
Examining data/pioneers-15.6/common/gtk/game-rules.h
Examining data/pioneers-15.6/common/gtk/polygon.c
Examining data/pioneers-15.6/common/gtk/map-icons.c
Examining data/pioneers-15.6/common/gtk/game-rules.c
Examining data/pioneers-15.6/common/gtk/select-game.c
Examining data/pioneers-15.6/common/gtk/common_gtk.h
Examining data/pioneers-15.6/common/gtk/scrollable-text-view.h
Examining data/pioneers-15.6/common/gtk/guimap.h
Examining data/pioneers-15.6/common/gtk/config-gnome.c
Examining data/pioneers-15.6/common/gtk/colors.c
Examining data/pioneers-15.6/common/gtk/metaserver.h
Examining data/pioneers-15.6/common/gtk/theme.h
Examining data/pioneers-15.6/common/gtk/aboutbox.h
Examining data/pioneers-15.6/common/gtk/scrollable-text-view.c
Examining data/pioneers-15.6/common/gtk/player-icon.c
Examining data/pioneers-15.6/common/gtk/select-game.h
Examining data/pioneers-15.6/common/gtk/polygon.h
Examining data/pioneers-15.6/common/gtk/config-gnome.h
Examining data/pioneers-15.6/common/gtk/guimap.c
Examining data/pioneers-15.6/common/gtk/aboutbox.c
Examining data/pioneers-15.6/common/gtk/game-settings.c
Examining data/pioneers-15.6/common/gtk/colors.h
Examining data/pioneers-15.6/common/gtk/player-icon.h
Examining data/pioneers-15.6/common/state.c
Examining data/pioneers-15.6/common/buildrec.h
Examining data/pioneers-15.6/common/version.h
Examining data/pioneers-15.6/common/driver.c
Examining data/pioneers-15.6/common/quoteinfo.c
Examining data/pioneers-15.6/common/set.h
Examining data/pioneers-15.6/common/random.h
Examining data/pioneers-15.6/common/game-list.c
Examining data/pioneers-15.6/common/set.c
Examining data/pioneers-15.6/common/log.h
Examining data/pioneers-15.6/common/gettext.c
Examining data/pioneers-15.6/common/network.h
Examining data/pioneers-15.6/common/quoteinfo.h
Examining data/pioneers-15.6/common/notifying-string-private.h
Examining data/pioneers-15.6/common/map.c
Examining data/pioneers-15.6/common/deck.h
Examining data/pioneers-15.6/common/common_glib.h
Examining data/pioneers-15.6/common/game.h
Examining data/pioneers-15.6/common/buildrec.c
Examining data/pioneers-15.6/common/cards.c
Examining data/pioneers-15.6/common/game.c
Examining data/pioneers-15.6/common/common_glib.c
Examining data/pioneers-15.6/common/driver.h
Examining data/pioneers-15.6/common/notifying-string.c
Examining data/pioneers-15.6/common/notifying-string.h
Examining data/pioneers-15.6/common/map.h
Examining data/pioneers-15.6/common/cost.c
Examining data/pioneers-15.6/metaserver/main.c
Examining data/pioneers-15.6/client/ai/greedy.c
Examining data/pioneers-15.6/client/ai/lobbybot.c
Examining data/pioneers-15.6/client/ai/genetic_core.c
Examining data/pioneers-15.6/client/ai/ai.c
Examining data/pioneers-15.6/client/ai/genetic.c
Examining data/pioneers-15.6/client/ai/genetic_core.h
Examining data/pioneers-15.6/client/ai/ai.h
Examining data/pioneers-15.6/client/gtk/resource-view.c
Examining data/pioneers-15.6/client/gtk/gui.h
Examining data/pioneers-15.6/client/gtk/notification.c
Examining data/pioneers-15.6/client/gtk/offline.c
Examining data/pioneers-15.6/client/gtk/gui.c
Examining data/pioneers-15.6/client/gtk/resource-table.c
Examining data/pioneers-15.6/client/gtk/quote-view.h
Examining data/pioneers-15.6/client/gtk/resource-view-private.h
Examining data/pioneers-15.6/client/gtk/audio.c
Examining data/pioneers-15.6/client/gtk/quote.c
Examining data/pioneers-15.6/client/gtk/audio.h
Examining data/pioneers-15.6/client/gtk/resource.c
Examining data/pioneers-15.6/client/gtk/gold.c
Examining data/pioneers-15.6/client/gtk/state.c
Examining data/pioneers-15.6/client/gtk/identity.c
Examining data/pioneers-15.6/client/gtk/develop.c
Examining data/pioneers-15.6/client/gtk/chat.c
Examining data/pioneers-15.6/client/gtk/player.c
Examining data/pioneers-15.6/client/gtk/client-resources.c
Examining data/pioneers-15.6/client/gtk/discard.c
Examining data/pioneers-15.6/client/gtk/avahi.c
Examining data/pioneers-15.6/client/gtk/resource-view.h
Examining data/pioneers-15.6/client/gtk/histogram.h
Examining data/pioneers-15.6/client/gtk/avahi.h
Examining data/pioneers-15.6/client/gtk/frontend.h
Examining data/pioneers-15.6/client/gtk/callbacks.c
Examining data/pioneers-15.6/client/gtk/interface.c
Examining data/pioneers-15.6/client/gtk/resource-table.h
Examining data/pioneers-15.6/client/gtk/plenty.c
Examining data/pioneers-15.6/client/gtk/trade.c
Examining data/pioneers-15.6/client/gtk/avahi-browser.c
Examining data/pioneers-15.6/client/gtk/frontend.c
Examining data/pioneers-15.6/client/gtk/admin-gtk.c
Examining data/pioneers-15.6/client/gtk/notification.h
Examining data/pioneers-15.6/client/gtk/settingscreen.c
Examining data/pioneers-15.6/client/gtk/avahi-browser.h
Examining data/pioneers-15.6/client/gtk/monopoly.c
Examining data/pioneers-15.6/client/gtk/name.c
Examining data/pioneers-15.6/client/gtk/client-resources.h
Examining data/pioneers-15.6/client/gtk/gameover.c
Examining data/pioneers-15.6/client/gtk/quote-view.c
Examining data/pioneers-15.6/client/gtk/connect.c
Examining data/pioneers-15.6/client/gtk/legend.c
Examining data/pioneers-15.6/client/gtk/histogram.c
Examining data/pioneers-15.6/client/common/callback.c
Examining data/pioneers-15.6/client/common/resource.c
Examining data/pioneers-15.6/client/common/main.c
Examining data/pioneers-15.6/client/common/develop.c
Examining data/pioneers-15.6/client/common/player.c
Examining data/pioneers-15.6/client/common/robber.c
Examining data/pioneers-15.6/client/common/build.c
Examining data/pioneers-15.6/client/common/turn.c
Examining data/pioneers-15.6/client/common/client.h
Examining data/pioneers-15.6/client/common/setup.c
Examining data/pioneers-15.6/client/common/client.c
Examining data/pioneers-15.6/client/common/stock.c
Examining data/pioneers-15.6/client/callback.h

FINAL RESULTS:

data/pioneers-15.6/client/common/resource.c:241:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, resource_name(idx, FALSE));
data/pioneers-15.6/client/common/resource.c:257:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%d %s", num,
data/pioneers-15.6/client/common/resource.c:260:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s", resource_name(idx, FALSE));
data/pioneers-15.6/client/gtk/gameover.c:52:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, _("%s has won the game with %d victory points!"),
data/pioneers-15.6/client/gtk/gameover.c:58:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, _("All praise %s, Lord of the known world!"),
data/pioneers-15.6/client/gtk/quote-view.c:306:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(desc, _("%d:1 %s for %s"),
data/pioneers-15.6/client/gtk/resource-table.c:317:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s", "++");
data/pioneers-15.6/client/gtk/trade.c:206:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(desc, resource_name(idx, FALSE));
data/pioneers-15.6/client/gtk/trade.c:222:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(desc, format, buf1);
data/pioneers-15.6/client/gtk/trade.c:227:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(desc, format, buf1);
data/pioneers-15.6/client/gtk/trade.c:233:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(desc, format, buf1, buf2);
data/pioneers-15.6/client/ai/ai.c:53:7:  [3] (random) g_rand_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (g_rand_int_range(chat_rand, 0, 101) > nochat_percent) { \
data/pioneers-15.6/client/ai/ai.c:54:18:  [3] (random) g_rand_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ai_chat(array[g_rand_int_range(chat_rand, 0, G_N_ELEMENTS(array))]); \
data/pioneers-15.6/client/ai/genetic_core.c:423:17:  [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  dice_roll1 = g_random_int_range(1, 7); /*(random() % 6) + 1; */
data/pioneers-15.6/client/ai/genetic_core.c:424:17:  [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  dice_roll2 = g_random_int_range(1, 7); /*(random() % 6) + 1; */
data/pioneers-15.6/common/random.c:44:15:  [3] (random) g_rand_int:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  randomseed = g_rand_int(g_rand_ctx);
data/pioneers-15.6/common/random.c:56:9:  [3] (random) g_rand_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return g_rand_int_range(g_rand_ctx, 0, range);
data/pioneers-15.6/server/player.c:349:9:  [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (g_random_int_range(0, num) == 0) {
data/pioneers-15.6/client/ai/genetic.c:2787:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[80];
data/pioneers-15.6/client/ai/genetic.c:2794:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((chromFilePointer = fopen(chromosomeFile, "r")) == NULL) {
data/pioneers-15.6/client/common/player.c:125:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, _("Spectator %d"),
data/pioneers-15.6/client/common/player.c:128:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, _("spectator %d"),
data/pioneers-15.6/client/common/player.c:137:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, _("Player %d"), player_num);
data/pioneers-15.6/client/common/player.c:139:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, _("player %d"), player_num);
data/pioneers-15.6/client/common/resource.c:225:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(str, _("nothing"));
data/pioneers-15.6/client/common/resource.c:231:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(str, _("any resource"));
data/pioneers-15.6/client/common/resource.c:253:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(str, " + ");
data/pioneers-15.6/client/gtk/admin-gtk.c:122:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[ADMIN_BUFSIZE];
data/pioneers-15.6/client/gtk/avahi.c:96:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char resolved_hostname
data/pioneers-15.6/client/gtk/connect.c:520:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(data, "%d", atoi(line + len));
data/pioneers-15.6/client/gtk/connect.c:520:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sprintf(data, "%d", atoi(line + len));
data/pioneers-15.6/client/gtk/connect.c:622:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(p);
data/pioneers-15.6/client/gtk/connect.c:627:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(p + 1);
data/pioneers-15.6/client/gtk/connect.c:1612:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname1, "favorites/server%dname=", i);
data/pioneers-15.6/client/gtk/connect.c:1613:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname2, "favorites/server%dport=", i);
data/pioneers-15.6/client/gtk/connect.c:1620:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname1, "favorites/server%dname", i);
data/pioneers-15.6/client/gtk/connect.c:1621:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyname2, "favorites/server%dport", i);
data/pioneers-15.6/client/gtk/connect.c:1803:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp_str, "favorites/server%dname=", i);
data/pioneers-15.6/client/gtk/connect.c:1810:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp_str, "favorites/server%dport=", i);
data/pioneers-15.6/client/gtk/gameover.c:30:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[512];
data/pioneers-15.6/client/gtk/histogram.c:118:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", max);
data/pioneers-15.6/client/gtk/histogram.c:151:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", i * max / GRID_DIVISIONS);
data/pioneers-15.6/client/gtk/histogram.c:209:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", histogram_dice_retrieve(i));
data/pioneers-15.6/client/gtk/identity.c:114:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[10];
data/pioneers-15.6/client/gtk/identity.c:118:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", data->stock_num());
data/pioneers-15.6/client/gtk/identity.c:189:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[10];
data/pioneers-15.6/client/gtk/identity.c:192:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", data->stock_num());
data/pioneers-15.6/client/gtk/player.c:312:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(points, "%d",
data/pioneers-15.6/client/gtk/resource-table.c:291:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", rt->total_current);
data/pioneers-15.6/client/gtk/resource-table.c:298:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", row->amount);
data/pioneers-15.6/client/gtk/resource-table.c:308:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", row->hand + row->amount);
data/pioneers-15.6/client/gtk/resource-table.c:310:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d", row->hand - row->amount);
data/pioneers-15.6/client/gtk/resource-table.c:319:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "%d",
data/pioneers-15.6/client/gtk/resource.c:109:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[16];
data/pioneers-15.6/client/gtk/trade.c:154:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%d", resource_asset(resource) - amount);
data/pioneers-15.6/client/gtk/trade.c:203:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(desc, "%d ", resources[idx]);
data/pioneers-15.6/common/game.c:502:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(line);
data/pioneers-15.6/common/game.c:574:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(fname, "r")) == NULL) {
data/pioneers-15.6/common/game.c:814:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen(fname, "w")) == NULL) {
data/pioneers-15.6/common/gtk/config-gnome.c:205:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  value = atoi(tokens[2]);
data/pioneers-15.6/common/gtk/guimap.c:823:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(num, "<b>%d</b>", n);
data/pioneers-15.6/common/gtk/player-icon.c:145:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, original_data, size);
data/pioneers-15.6/common/gtk/player-icon.c:163:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(replace_here, color_new, 12);
data/pioneers-15.6/common/gtk/player-icon.c:402:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *variant = atoi(style_parts[2]);
data/pioneers-15.6/common/gtk/theme.c:586:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(f = fopen(filename, "r"))) {
data/pioneers-15.6/common/map.c:958:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(bufferpos, "%d", hex->chit_pos);
data/pioneers-15.6/common/network.c:57:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char read_buff[16 * 1024];
data/pioneers-15.6/common/network.c:376:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ses->port = atoi(port);
data/pioneers-15.6/editor/gtk/editor.c:1144:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer,
data/pioneers-15.6/metaserver/main.c:259:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  && (atoi(scan->port) == free_port)) {
data/pioneers-15.6/metaserver/main.c:356:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *data = atoi(line + len);
data/pioneers-15.6/metaserver/main.c:413:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  client->protocol_major = atoi(p);
data/pioneers-15.6/metaserver/main.c:416:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  client->protocol_minor = atoi(p + 1);
data/pioneers-15.6/metaserver/main.c:568:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(pidfile, "w");
data/pioneers-15.6/metaserver/main.c:725:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  net_service_new(atoi(PIONEERS_DEFAULT_META_PORT), meta_event,
data/pioneers-15.6/server/admin.c:221:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  register_server = atoi(argument);
data/pioneers-15.6/server/admin.c:224:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cfg_set_num_players(params, atoi(argument));
data/pioneers-15.6/server/admin.c:227:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cfg_set_sevens_rule(params, atoi(argument));
data/pioneers-15.6/server/admin.c:230:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cfg_set_use_dice_deck(params, atoi(argument));
data/pioneers-15.6/server/admin.c:233:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cfg_set_num_dice_decks(params, atoi(argument));
data/pioneers-15.6/server/admin.c:237:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(argument));
data/pioneers-15.6/server/admin.c:240:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cfg_set_victory_points(params, atoi(argument));
data/pioneers-15.6/server/admin.c:243:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cfg_set_terrain_type(params, atoi(argument));
data/pioneers-15.6/server/admin.c:357:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  admin_dice_roll = CLAMP(atoi(argument), 0, 12);
data/pioneers-15.6/server/admin.c:508:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  net_service_new(atoi(port), admin_event, NULL, &error_message);
data/pioneers-15.6/server/avahi.c:139:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(game->server_port),
data/pioneers-15.6/server/meta.c:229:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  metaserver_version_major = atoi(p);
data/pioneers-15.6/server/meta.c:233:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(p + 1);
data/pioneers-15.6/server/player.c:340:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  stream = fopen(filename, "r");
data/pioneers-15.6/server/player.c:458:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(name, "connecting");
data/pioneers-15.6/server/player.c:568:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(nm, _("Spectator %d"), num++);
data/pioneers-15.6/server/player.c:571:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(nm, _("Player %d"), player->num);
data/pioneers-15.6/server/resource.c:56:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(player->prev_assets,
data/pioneers-15.6/server/server.c:169:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
net_service_new(atoi(game->server_port), player_connect, game, data/pioneers-15.6/client/common/resource.c:254:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str += strlen(str); data/pioneers-15.6/client/common/resource.c:262:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str += strlen(str); data/pioneers-15.6/client/gtk/admin-gtk.c:125:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(buff, "admin ", ADMIN_PREFIX_LEN); data/pioneers-15.6/client/gtk/chat.c:47:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buff, text, sizeof(buff) - 1); data/pioneers-15.6/client/gtk/client-resources.c:3071:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). __pragma(section(".CRT$XCU",read)) \ data/pioneers-15.6/client/gtk/client-resources.c:3079:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). __pragma(section(".CRT$XCU",read)) \ data/pioneers-15.6/client/gtk/client-resources.c:3091:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). section(".CRT$XCU",read) data/pioneers-15.6/client/gtk/client-resources.c:3098:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
section(".CRT$XCU",read) data/pioneers-15.6/client/gtk/connect.c:505:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(prefix); data/pioneers-15.6/client/gtk/connect.c:509:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(data, line + len, STRARG_LEN); data/pioneers-15.6/client/gtk/connect.c:516:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(prefix); data/pioneers-15.6/client/gtk/connect.c:1630:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cur_name) == 0) { data/pioneers-15.6/client/gtk/connect.c:1805:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (default_returned || !strlen(host_name)) { data/pioneers-15.6/client/gtk/connect.c:1812:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (default_returned || !strlen(host_port)) { data/pioneers-15.6/client/gtk/player.c:315:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(points, ""); data/pioneers-15.6/client/gtk/trade.c:204:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). desc += strlen(desc); data/pioneers-15.6/client/gtk/trade.c:207:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). desc += strlen(desc); data/pioneers-15.6/common/game-list.c:120:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(fname); data/pioneers-15.6/common/game.c:161:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). word_len = strlen(word); data/pioneers-15.6/common/game.c:216:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (name == NULL || strlen(name) == 0) { data/pioneers-15.6/common/game.c:282:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!str || strlen(str) < 1) { data/pioneers-15.6/common/game.c:549:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(part); data/pioneers-15.6/common/game.c:559:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(*line); data/pioneers-15.6/common/game.c:1102:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). offset += (ssize_t) strlen(*str); data/pioneers-15.6/common/game.c:1167:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (ssize_t) strlen(type); data/pioneers-15.6/common/gtk/player-icon.c:156:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). g_assert(strlen(color_old) == 12); data/pioneers-15.6/common/gtk/player-icon.c:157:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). g_assert(strlen(color_new) == 12); data/pioneers-15.6/common/map.c:959:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bufferpos += strlen(bufferpos); data/pioneers-15.6/common/network.c:140:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(data); data/pioneers-15.6/editor/gtk/editor-resources.c:1265:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). __pragma(section(".CRT$XCU",read)) \ data/pioneers-15.6/editor/gtk/editor-resources.c:1273:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
__pragma(section(".CRT$XCU",read)) \ data/pioneers-15.6/editor/gtk/editor-resources.c:1285:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). section(".CRT$XCU",read) data/pioneers-15.6/editor/gtk/editor-resources.c:1292:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). section(".CRT$XCU",read) data/pioneers-15.6/metaserver/main.c:339:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). guint len = strlen(prefix); data/pioneers-15.6/metaserver/main.c:352:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). guint len = strlen(prefix); data/pioneers-15.6/metaserver/main.c:602:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(0); data/pioneers-15.6/server/gtk/main.c:559:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (novar || !strlen(metaserver_name) data/pioneers-15.6/server/gtk/main.c:561:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(metaserver_name) + 1)) data/pioneers-15.6/server/gtk/server-resources.c:645:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). __pragma(section(".CRT$XCU",read)) \ data/pioneers-15.6/server/gtk/server-resources.c:653:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
__pragma(section(".CRT$XCU",read)) \ data/pioneers-15.6/server/gtk/server-resources.c:665:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). section(".CRT$XCU",read) data/pioneers-15.6/server/gtk/server-resources.c:672:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). section(".CRT$XCU",read) data/pioneers-15.6/server/player.c:140:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(text) > MAX_CHAT) data/pioneers-15.6/server/player.c:157:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strlen(text) > MAX_NAME_LENGTH) data/pioneers-15.6/server/player.c:459:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(name); i < G_N_ELEMENTS(name) - 1; ++i) { data/pioneers-15.6/server/player.c:574:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(nm, name, G_N_ELEMENTS(nm)); data/pioneers-15.6/server/player.c:583:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(nm); i < G_N_ELEMENTS(nm) - 1; ++i) { data/pioneers-15.6/server/player.c:969:18: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. g_strdelimit(mismatch, "|", '_'); data/pioneers-15.6/server/player.c:972:12: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. mismatch, data/pioneers-15.6/server/player.c:975:12: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. g_free(mismatch); data/pioneers-15.6/server/server.c:229:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (hostname && strlen(hostname) > 0) { ANALYSIS SUMMARY: Hits = 145 Lines analyzed = 58806 in approximately 1.71 seconds (34328 lines/second) Physical Source Lines of Code (SLOC) = 44523 Hits@level = [0] 126 [1] 51 [2] 76 [3] 7 [4] 11 [5] 0 Hits@level+ = [0+] 271 [1+] 145 [2+] 94 [3+] 18 [4+] 11 [5+] 0 Hits/KSLOC@level+ = [0+] 6.08674 [1+] 3.25674 [2+] 2.11127 [3+] 0.404285 [4+] 0.247063 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.