stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/sigrok-firmware-fx2lafw-0.1.7/gpif-acquisition.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lafw.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/include/gpif-acquisition.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/include/command.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/include/fx2lafw.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/eputils.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/serial.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/delay.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/i2c.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/gpif.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/setupdat.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep6pf_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/usbreset_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep6_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep8isoerr_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep2pf_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep8ef_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep2_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep1ping_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/sof_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep0ack_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep2ping_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/sudav_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep1in_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep4isoerr_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep6ping_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep4ff_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep6isoerr_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/gpifwf_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep8ping_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep2isoerr_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep6ef_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/errlimit_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ibn_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep2ff_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep6ff_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep1out_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep0in_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep8pf_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep0out_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/hispeed_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep4ping_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/spare_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep8_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep4_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep4ef_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/gpifdone_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/suspend_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep2ef_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/sutok_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep4pf_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep0ping_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/interrupts/ep8ff_isr.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/fx2ints.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/gpif.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/eputils.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/delay.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/fx2regs.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/serial.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/fx2macros.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/fx2types.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/autovector.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/lights.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/setupdat.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/i2c.h
Examining data/sigrok-firmware-fx2lafw-0.1.7/hw/yixingdianzi-mdso/fw.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/hw/hantek-6022be/fw.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/hw/sainsmart-dds120/fw.c
Examining data/sigrok-firmware-fx2lafw-0.1.7/hw/hantek-6022bl/fw.c

FINAL RESULTS:

data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/eputils.c:28:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define printf(...)
data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/i2c.c:29:25:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define i2c_printf(...) printf(__VA_ARGS__)
data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/setupdat.c:23:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define printf(...)
data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/include/serial.h:54:6:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
char getchar();
data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/eputils.c:34:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while (read < len) {
data/sigrok-firmware-fx2lafw-0.1.7/fx2lib/lib/serial.c:71:6:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
char getchar() {

ANALYSIS SUMMARY:

Hits = 6
Lines analyzed = 5071 in approximately 0.17 seconds (29923 lines/second)
Physical Source Lines of Code (SLOC) = 2135
Hits@level = [0]  14 [1]   3 [2]   0 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  20 [1+]   6 [2+]   3 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 9.36768 [1+] 2.8103 [2+] 1.40515 [3+] 1.40515 [4+] 1.40515 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.