Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qxgedit-0.6.3/skulpture/sk_plugin.h
Examining data/qxgedit-0.6.3/skulpture/skulpture.cpp
Examining data/qxgedit-0.6.3/skulpture/skulpture_p.h
Examining data/qxgedit-0.6.3/skulpture/skulpture.h
Examining data/qxgedit-0.6.3/skulpture/sk_factory.h
Examining data/qxgedit-0.6.3/src/qxgeditFilter.h
Examining data/qxgedit-0.6.3/src/XGParamSysex.cpp
Examining data/qxgedit-0.6.3/src/qxgeditScale.h
Examining data/qxgedit-0.6.3/src/qxgeditPartEg.h
Examining data/qxgedit-0.6.3/src/qxgeditDrumEg.h
Examining data/qxgedit-0.6.3/src/qxgeditDial.cpp
Examining data/qxgedit-0.6.3/src/qxgeditAmpEg.cpp
Examining data/qxgedit-0.6.3/src/qxgeditPartEg.cpp
Examining data/qxgedit-0.6.3/src/qxgeditMidiRpn.h
Examining data/qxgedit-0.6.3/src/qxgeditPitch.cpp
Examining data/qxgedit-0.6.3/src/qxgeditMainForm.cpp
Examining data/qxgedit-0.6.3/src/qxgeditCheck.cpp
Examining data/qxgedit-0.6.3/src/qxgeditSpin.cpp
Examining data/qxgedit-0.6.3/src/qxgeditAbout.h
Examining data/qxgedit-0.6.3/src/qxgeditCombo.h
Examining data/qxgedit-0.6.3/src/qxgeditOptions.cpp
Examining data/qxgedit-0.6.3/src/qxgeditEdit.h
Examining data/qxgedit-0.6.3/src/XGParam.h
Examining data/qxgedit-0.6.3/src/qxgeditDrumEg.cpp
Examining data/qxgedit-0.6.3/src/qxgeditMainForm.h
Examining data/qxgedit-0.6.3/src/qxgeditPaletteForm.cpp
Examining data/qxgedit-0.6.3/src/qxgeditCombo.cpp
Examining data/qxgedit-0.6.3/src/XGParamWidget.h
Examining data/qxgedit-0.6.3/src/qxgeditXGMasterMap.h
Examining data/qxgedit-0.6.3/src/qxgeditPaletteForm.h
Examining data/qxgedit-0.6.3/src/qxgeditUserEg.h
Examining data/qxgedit-0.6.3/src/qxgeditAmpEg.h
Examining data/qxgedit-0.6.3/src/qxgeditVibra.h
Examining data/qxgedit-0.6.3/src/qxgeditMidiDevice.cpp
Examining data/qxgedit-0.6.3/src/qxgeditCheck.h
Examining data/qxgedit-0.6.3/src/XGParamSysex.h
Examining data/qxgedit-0.6.3/src/qxgeditEdit.cpp
Examining data/qxgedit-0.6.3/src/qxgeditMidiRpn.cpp
Examining data/qxgedit-0.6.3/src/qxgeditMidiDevice.h
Examining data/qxgedit-0.6.3/src/qxgeditOptionsForm.h
Examining data/qxgedit-0.6.3/src/qxgeditFilter.cpp
Examining data/qxgedit-0.6.3/src/qxgeditDrop.h
Examining data/qxgedit-0.6.3/src/qxgeditOptionsForm.cpp
Examining data/qxgedit-0.6.3/src/main.cpp
Examining data/qxgedit-0.6.3/src/qxgeditUserEg.cpp
Examining data/qxgedit-0.6.3/src/qxgeditPitch.h
Examining data/qxgedit-0.6.3/src/qxgeditKnob.cpp
Examining data/qxgedit-0.6.3/src/qxgeditOptions.h
Examining data/qxgedit-0.6.3/src/XGParamObserver.h
Examining data/qxgedit-0.6.3/src/qxgedit.h
Examining data/qxgedit-0.6.3/src/qxgeditVibra.cpp
Examining data/qxgedit-0.6.3/src/qxgedit.cpp
Examining data/qxgedit-0.6.3/src/XGParamWidget.cpp
Examining data/qxgedit-0.6.3/src/XGParam.cpp
Examining data/qxgedit-0.6.3/src/qxgeditDial.h
Examining data/qxgedit-0.6.3/src/qxgeditDrop.cpp
Examining data/qxgedit-0.6.3/src/qxgeditScale.cpp
Examining data/qxgedit-0.6.3/src/qxgeditXGMasterMap.cpp
Examining data/qxgedit-0.6.3/src/qxgeditKnob.h
Examining data/qxgedit-0.6.3/src/XGParamObserver.cpp
Examining data/qxgedit-0.6.3/src/qxgeditSpin.h
FINAL RESULTS:
data/qxgedit-0.6.3/src/XGParam.cpp:1964:19: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
const char * (*gets)(unsigned short); // enumerated string value.
data/qxgedit-0.6.3/src/XGParam.cpp:2643:19: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
const char * (*gets)(unsigned short); // enumerated string value.
data/qxgedit-0.6.3/src/XGParam.cpp:3460:22: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
const char *XGParam::gets ( unsigned short u ) const
data/qxgedit-0.6.3/src/XGParam.cpp:3462:30: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
return (m_param && m_param->gets ? m_param->gets(u) : nullptr);
data/qxgedit-0.6.3/src/XGParam.cpp:3462:46: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
return (m_param && m_param->gets ? m_param->gets(u) : nullptr);
data/qxgedit-0.6.3/src/XGParam.cpp:3522:6: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
if (gets(min()) && !gets(u))
data/qxgedit-0.6.3/src/XGParam.cpp:3522:22: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
if (gets(min()) && !gets(u))
data/qxgedit-0.6.3/src/XGParam.cpp:3656:6: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
if (gets(v))
data/qxgedit-0.6.3/src/XGParam.cpp:3755:28: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
const char *XGEffectParam::gets ( unsigned short u ) const
data/qxgedit-0.6.3/src/XGParam.cpp:3757:32: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
return (m_eparam && m_eparam->gets ? m_eparam->gets(u) : XGParam::gets(u));
data/qxgedit-0.6.3/src/XGParam.cpp:3757:49: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
return (m_eparam && m_eparam->gets ? m_eparam->gets(u) : XGParam::gets(u));
data/qxgedit-0.6.3/src/XGParam.cpp:3757:68: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
return (m_eparam && m_eparam->gets ? m_eparam->gets(u) : XGParam::gets(u));
data/qxgedit-0.6.3/src/XGParam.h:205:22: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
virtual const char *gets(unsigned short u) const;
data/qxgedit-0.6.3/src/XGParam.h:293:14: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
const char *gets(unsigned short u) const;
data/qxgedit-0.6.3/src/qxgeditDial.cpp:167:15: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
if (pParam->gets(pParam->min())) {
data/qxgedit-0.6.3/src/qxgeditDrop.cpp:100:36: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
const char *pszItem = m_pParam->gets(iValue);
data/qxgedit-0.6.3/src/qxgeditXGMasterMap.cpp:270:27: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
const char *s = pParam->gets(c);
data/qxgedit-0.6.3/skulpture/skulpture.cpp:1639:14: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pixmapName.sprintf("scp-cbp-%x-%x-%x-%x-%llx-%x", features, uint(bgrole), state, option->direction, option->palette.cacheKey(), r.height());
data/qxgedit-0.6.3/skulpture/skulpture.cpp:1853:14: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pixmapName.sprintf("scp-icb-%x-%x-%llx-%x-%x", state, option->direction, option->palette.cacheKey(), option->rect.width(), option->rect.height());
data/qxgedit-0.6.3/skulpture/skulpture.cpp:1944:14: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pixmapName.sprintf("scp-irb-%x-%x-%llx-%x-%x", state, option->direction, option->palette.cacheKey(), option->rect.width(), option->rect.height());
data/qxgedit-0.6.3/skulpture/skulpture.cpp:2140:14: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pixmapName.sprintf("scp-isg-%x-%x-%s-%x-%x", state, option->direction, colorName.constData(), option->rect.width(), option->rect.height());
data/qxgedit-0.6.3/skulpture/skulpture.cpp:2296:14: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pixmapName.sprintf("scp-qdb-%x-%x-%llx-%x", state, option->direction, option->palette.cacheKey(), d);
data/qxgedit-0.6.3/skulpture/skulpture.cpp:2345:14: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
pixmapName.sprintf("scp-qibc-%x-%x-%llx-%x", state, option->direction, option->palette.cacheKey(), d);
data/qxgedit-0.6.3/src/main.cpp:259:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cmd, sizeof(cmd), format, (int) getpid());
data/qxgedit-0.6.3/src/main.cpp:269:3: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(shell, shell, "-c", cmd, NULL);
data/qxgedit-0.6.3/src/qxgedit.cpp:414:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(cmd, sizeof(cmd), format, (int) getpid());
data/qxgedit-0.6.3/src/qxgedit.cpp:424:3: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(shell, shell, "-c", cmd, nullptr);
data/qxgedit-0.6.3/src/XGParam.cpp:4056:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
::srand(::time(nullptr));
data/qxgedit-0.6.3/skulpture/skulpture.cpp:107:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (file.open(QIODevice::ReadOnly)) {
data/qxgedit-0.6.3/src/XGParam.cpp:642:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char chan[4];
data/qxgedit-0.6.3/src/XGParam.cpp:664:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vpan[3];
data/qxgedit-0.6.3/src/XGParam.cpp:680:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char note[8];
data/qxgedit-0.6.3/src/XGParam.cpp:3794:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
::memcpy(m_data, data, len);
data/qxgedit-0.6.3/src/XGParamSysex.cpp:124:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
::memcpy(&m_data[i], dataparam->data(), dataparam->size());
data/qxgedit-0.6.3/src/main.cpp:251:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[80];
data/qxgedit-0.6.3/src/qxgedit.cpp:201:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szHostName[255];
data/qxgedit-0.6.3/src/qxgedit.cpp:405:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[80];
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:1526:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:1548:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
::memcpy(pBuff, pTemp, i);
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:1609:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadWrite | QIODevice::Truncate))
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:2513:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadOnly))
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:2523:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[len];
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:2572:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!file.open(QIODevice::ReadWrite | QIODevice::Truncate))
data/qxgedit-0.6.3/src/qxgeditMidiRpn.cpp:232:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
::memcpy(new_events + m_read, old_events + m_read,
data/qxgedit-0.6.3/src/qxgeditMidiRpn.cpp:237:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
::memcpy(new_events + m_read, old_events + m_read,
data/qxgedit-0.6.3/src/qxgeditMidiRpn.cpp:240:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
::memcpy(new_events + old_size, old_events,
data/qxgedit-0.6.3/src/qxgeditXGMasterMap.cpp:155:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[pParam->size()];
data/qxgedit-0.6.3/src/qxgedit.cpp:373:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const QByteArray data = pSocket->read(nread);
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:1284:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (::read(g_fdSigusr1[1], &c, sizeof(c)) > 0)
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:1297:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (::read(g_fdSigterm[1], &c, sizeof(c)) > 0)
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:1553:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
unsigned short iRead = file.read((char *) pBuff + i, iBuff - i) + i;
data/qxgedit-0.6.3/src/qxgeditMainForm.cpp:2525:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (file.read((char *) data, len)) {
ANALYSIS SUMMARY:
Hits = 52
Lines analyzed = 31106 in approximately 0.78 seconds (39920 lines/second)
Physical Source Lines of Code (SLOC) = 22636
Hits@level = [0] 24 [1] 5 [2] 19 [3] 1 [4] 10 [5] 17
Hits@level+ = [0+] 76 [1+] 52 [2+] 47 [3+] 28 [4+] 27 [5+] 17
Hits/KSLOC@level+ = [0+] 3.35748 [1+] 2.29723 [2+] 2.07634 [3+] 1.23697 [4+] 1.19279 [5+] 0.751016
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.