Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/sjeng-11.2/crazy.c
Examining data/sjeng-11.2/partner.c
Examining data/sjeng-11.2/epd.c
Examining data/sjeng-11.2/see.c
Examining data/sjeng-11.2/learn.c
Examining data/sjeng-11.2/leval.c
Examining data/sjeng-11.2/segtb.c
Examining data/sjeng-11.2/seval.c
Examining data/sjeng-11.2/ttable.c
Examining data/sjeng-11.2/sjeng.c
Examining data/sjeng-11.2/sjeng.h
Examining data/sjeng-11.2/book.c
Examining data/sjeng-11.2/draw.c
Examining data/sjeng-11.2/eval.c
Examining data/sjeng-11.2/moves.c
Examining data/sjeng-11.2/neval.c
Examining data/sjeng-11.2/search.c
Examining data/sjeng-11.2/squares.h
Examining data/sjeng-11.2/rcfile.c
Examining data/sjeng-11.2/utils.c
Examining data/sjeng-11.2/ecache.c
Examining data/sjeng-11.2/newbook.c
Examining data/sjeng-11.2/protos.h
Examining data/sjeng-11.2/blob2.c
Examining data/sjeng-11.2/extvars.h
Examining data/sjeng-11.2/attacks.c
Examining data/sjeng-11.2/probe.c
Examining data/sjeng-11.2/proof.c

FINAL RESULTS:

data/sjeng-11.2/partner.c:65:4:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(input+1, "%s", my_partner);
data/sjeng-11.2/proof.c:1399:8:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (PV, output);
data/sjeng-11.2/proof.c:1467:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (PV, output);
data/sjeng-11.2/segtb.c:512:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fname, THREE_PIECE_FILE);
data/sjeng-11.2/segtb.c:973:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fname, THREE_PIECE_FILE);
data/sjeng-11.2/sjeng.c:299:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(opening_history, output);
data/sjeng-11.2/sjeng.c:302:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(opening_history, output);
data/sjeng-11.2/sjeng.c:455:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(opening_history, input);
data/sjeng-11.2/sjeng.c:458:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(opening_history, input);
data/sjeng-11.2/utils.c:553:8:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, output);
data/sjeng-11.2/utils.c:573:12:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (str, output);
data/sjeng-11.2/book.c:62:4:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand((unsigned) time (NULL));
data/sjeng-11.2/book.c:185:4:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/sjeng-11.2/newbook.c:466:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/sjeng-11.2/book.c:28:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char book[4000][161];
data/sjeng-11.2/book.c:29:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char book_flags[4000][41];
data/sjeng-11.2/book.c:33:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char opening_history[STR_BUFF];
data/sjeng-11.2/book.c:66:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f_book = fopen ("normal.opn", "r")) == NULL)
data/sjeng-11.2/book.c:71:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f_book = fopen ("zh.opn", "r")) == NULL)
data/sjeng-11.2/book.c:76:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f_book = fopen ("suicide.opn", "r")) == NULL)
data/sjeng-11.2/book.c:81:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f_book = fopen ("losers.opn", "r")) == NULL)
data/sjeng-11.2/book.c:86:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f_book = fopen ("bug.opn", "r")) == NULL)
data/sjeng-11.2/book.c:180:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char possible_move[5], coord_move[5];
data/sjeng-11.2/crazy.c:32:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char realholdings[255];
data/sjeng-11.2/epd.c:67:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  for (j = 0; j < atoi(&inbuff[i]); j++)
data/sjeng-11.2/epd.c:70:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fileoffset += atoi(&inbuff[i]);
data/sjeng-11.2/epd.c:193:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char san[STR_BUFF];
data/sjeng-11.2/epd.c:222:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char readbuff[2000];
data/sjeng-11.2/epd.c:223:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char testname[FILENAME_MAX];
data/sjeng-11.2/epd.c:224:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempbuff[2000];
data/sjeng-11.2/epd.c:240:15:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  thinktime = atol(readbuff);
data/sjeng-11.2/epd.c:245:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  testsuite = fopen(testname, "r");
data/sjeng-11.2/eval.c:305:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char p_tropism[144][144];
data/sjeng-11.2/eval.c:306:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char q_tropism[144][144];
data/sjeng-11.2/eval.c:307:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char n_tropism[144][144];
data/sjeng-11.2/eval.c:308:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char r_tropism[144][144];
data/sjeng-11.2/eval.c:309:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b_tropism[144][144];
data/sjeng-11.2/extvars.h:24:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char divider[50];
data/sjeng-11.2/extvars.h:78:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char book[4000][161];
data/sjeng-11.2/extvars.h:82:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char opening_history[STR_BUFF];
data/sjeng-11.2/extvars.h:94:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char ponder_input[STR_BUFF];
data/sjeng-11.2/extvars.h:113:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char my_partner[STR_BUFF];
data/sjeng-11.2/extvars.h:171:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char realholdings[255];
data/sjeng-11.2/extvars.h:178:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char searching_move[20];
data/sjeng-11.2/extvars.h:180:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char setcode[30];
data/sjeng-11.2/extvars.h:187:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char EGTBDir[STR_BUFF];
data/sjeng-11.2/newbook.c:64:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[STR_BUFF];
data/sjeng-11.2/newbook.c:161:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char movebuff[STR_BUFF], sjmove[STR_BUFF];
data/sjeng-11.2/newbook.c:379:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bookname[FILENAME_MAX], kks[STR_BUFF];
data/sjeng-11.2/newbook.c:384:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  pgnbook = fopen(bookname, "r");
data/sjeng-11.2/newbook.c:411:12:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  kksize = atol(kks);
data/sjeng-11.2/newbook.c:463:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output[6];
data/sjeng-11.2/partner.c:84:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char howmuch[80] = "is...uh...what did you say?\n";
data/sjeng-11.2/partner.c:167:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(howmuch, "mates");
data/sjeng-11.2/partner.c:172:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(howmuch, "is VERY good (ptell me 'x' to play normal again)");
data/sjeng-11.2/partner.c:177:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(howmuch, "is good (ptell me 'x' to play normal again)");
data/sjeng-11.2/partner.c:322:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(howmuch, "mates you (ptell me 'x' when it no longer mates you)");
data/sjeng-11.2/partner.c:327:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(howmuch, "is VERY bad (ptell me 'x' when it is no longer bad)");
data/sjeng-11.2/partner.c:332:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(howmuch, "is bad (ptell me 'x' when it is no longer bad)");
data/sjeng-11.2/probe.c:91:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char EGTBDir[STR_BUFF];
data/sjeng-11.2/proof.c:1031:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output[8];
data/sjeng-11.2/proof.c:1313:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output[8192];
data/sjeng-11.2/proof.c:1314:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char PV[8192];
data/sjeng-11.2/rcfile.c:30:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[STR_BUFF];
data/sjeng-11.2/rcfile.c:55:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((rcfile = fopen ("sjeng.rc", "r")) == NULL)
data/sjeng-11.2/rcfile.c:63:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(EGTBDir, "TB");
data/sjeng-11.2/rcfile.c:85:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(setcode, "%u", setc);
data/sjeng-11.2/rcfile.c:182:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(setcode, "%u", setc);
data/sjeng-11.2/search.c:38:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char postpv[STR_BUFF];
data/sjeng-11.2/search.c:40:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char searching_move[20];
data/sjeng-11.2/search.c:1451:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char postmove[STR_BUFF];
data/sjeng-11.2/search.c:1461:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output[8];
data/sjeng-11.2/segtb.c:487:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(!(f = fopen(TWO_PIECE_FILE, "w"))) return 0;
data/sjeng-11.2/segtb.c:506:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  signed char fname[13];
data/sjeng-11.2/segtb.c:517:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(!(f = fopen(fname,"w"))) return 0;
data/sjeng-11.2/segtb.c:950:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(!(f = fopen(TWO_PIECE_FILE, "r"))) return 0;
data/sjeng-11.2/segtb.c:967:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  signed char fname[13];
data/sjeng-11.2/segtb.c:978:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(!(f = fopen(fname,"r"))) return 0;
data/sjeng-11.2/sjeng.c:35:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char divider[50] = "-------------------------------------------------";
data/sjeng-11.2/sjeng.c:60:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char setcode[30];
data/sjeng-11.2/sjeng.c:81:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char my_partner[STR_BUFF];
data/sjeng-11.2/sjeng.c:95:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input[STR_BUFF], *p, output[STR_BUFF];
data/sjeng-11.2/sjeng.c:96:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char readbuff[STR_BUFF];
data/sjeng-11.2/sjeng.c:116:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, std_material, sizeof(std_material));
data/sjeng-11.2/sjeng.c:122:23:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lrn_standard = fopen ("standard.lrn", "rb+")) == NULL)
data/sjeng-11.2/sjeng.c:126:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lrn_standard = fopen ("standard.lrn", "wb+")) == NULL)
data/sjeng-11.2/sjeng.c:133:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lrn_standard = fopen ("standard.lrn", "rb+");
data/sjeng-11.2/sjeng.c:136:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lrn_zh = fopen ("bug.lrn", "rb+")) == NULL)
data/sjeng-11.2/sjeng.c:140:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lrn_zh = fopen ("bug.lrn", "wb+")) == NULL)
data/sjeng-11.2/sjeng.c:147:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lrn_zh = fopen ("bug.lrn", "rb+");
data/sjeng-11.2/sjeng.c:150:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lrn_suicide = fopen ("suicide.lrn", "rb+")) == NULL)
data/sjeng-11.2/sjeng.c:154:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lrn_suicide = fopen ("suicide.lrn", "wb+")) == NULL)
data/sjeng-11.2/sjeng.c:161:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lrn_suicide = fopen ("suicide.lrn", "rb+");
data/sjeng-11.2/sjeng.c:164:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lrn_losers = fopen ("losers.lrn", "rb+")) == NULL)
data/sjeng-11.2/sjeng.c:168:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((lrn_losers = fopen ("losers.lrn", "wb+")) == NULL)
data/sjeng-11.2/sjeng.c:175:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lrn_losers = fopen ("losers.lrn", "rb+");
data/sjeng-11.2/sjeng.c:529:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, std_material, sizeof(std_material));
data/sjeng-11.2/sjeng.c:681:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, std_material, sizeof(std_material));
data/sjeng-11.2/sjeng.c:687:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, zh_material, sizeof(zh_material));
data/sjeng-11.2/sjeng.c:693:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, zh_material, sizeof(zh_material));
data/sjeng-11.2/sjeng.c:700:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, suicide_material, sizeof(suicide_material));
data/sjeng-11.2/sjeng.c:707:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, suicide_material, sizeof(suicide_material));
data/sjeng-11.2/sjeng.c:713:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, losers_material, sizeof(losers_material));
data/sjeng-11.2/sjeng.c:828:12:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pn_time = atol(readbuff) * 100;
data/sjeng-11.2/sjeng.c:841:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(material, std_material, sizeof(std_material));
data/sjeng-11.2/utils.c:165:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "%c@%c%d", type_to_char[move.promoted], t_file, t_rank);
data/sjeng-11.2/utils.c:173:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "%c%d", t_file, t_rank);
data/sjeng-11.2/utils.c:177:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "%c%d=%c", t_file, t_rank, type_to_char[move.promoted]);
data/sjeng-11.2/utils.c:184:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "%cx%c%d", f_file, t_file, t_rank);
data/sjeng-11.2/utils.c:188:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "%cx%c%d=%c", f_file, t_file, t_rank,
data/sjeng-11.2/utils.c:197:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "O-O");
data/sjeng-11.2/utils.c:201:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "O-O-O");
data/sjeng-11.2/utils.c:240:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%c%c%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:243:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%c%d%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:249:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%c%cx%c%d", type_to_char[board[move.from]],
data/sjeng-11.2/utils.c:252:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%c%dx%c%d", type_to_char[board[move.from]], data/sjeng-11.2/utils.c:260:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%c%c%d", type_to_char[board[move.from]], data/sjeng-11.2/utils.c:265:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%cx%c%d", type_to_char[board[move.from]], data/sjeng-11.2/utils.c:277:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "illg"); data/sjeng-11.2/utils.c:331:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, "%c@%c%d", type_to_char[prom], t_file, t_rank); data/sjeng-11.2/utils.c:337:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, "%c%d%c%d", f_file, f_rank, t_file, t_rank); data/sjeng-11.2/utils.c:343:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, "%c%d%c%dn", f_file, f_rank, t_file, t_rank); data/sjeng-11.2/utils.c:346:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, "%c%d%c%dr", f_file, f_rank, t_file, t_rank); data/sjeng-11.2/utils.c:349:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, "%c%d%c%db", f_file, f_rank, t_file, t_rank); data/sjeng-11.2/utils.c:353:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, "%c%d%c%dk", f_file, f_rank, t_file, t_rank); data/sjeng-11.2/utils.c:357:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, "%c%d%c%dq", f_file, f_rank, t_file, t_rank); data/sjeng-11.2/utils.c:369:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *piece_rep[14] = {"!!", " P", "*P", " N", "*N", " K", "*K", " R", data/sjeng-11.2/utils.c:422:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (board, init_board, sizeof (init_board)); data/sjeng-11.2/utils.c:481:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input[STR_BUFF], *p; data/sjeng-11.2/utils.c:493:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). depth = atoi (input); data/sjeng-11.2/utils.c:535:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output[STR_BUFF]; data/sjeng-11.2/utils.c:554:8: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "> "); data/sjeng-11.2/utils.c:564:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output[STR_BUFF]; data/sjeng-11.2/utils.c:592:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output[STR_BUFF]; data/sjeng-11.2/utils.c:593:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hashpv[STR_BUFF]; data/sjeng-11.2/utils.c:640:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output[STR_BUFF]; data/sjeng-11.2/utils.c:658:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output[STR_BUFF]; data/sjeng-11.2/utils.c:676:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output[STR_BUFF]; data/sjeng-11.2/utils.c:712:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char move[STR_BUFF]; data/sjeng-11.2/utils.c:929:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input[STR_BUFF]; data/sjeng-11.2/utils.c:938:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
depth = atoi (input); data/sjeng-11.2/utils.c:947:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((stream = fopen (input, "w")) == NULL) { data/sjeng-11.2/utils.c:974:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comp_move[6]; data/sjeng-11.2/utils.c:1251:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (board, init_board, sizeof (init_board)); data/sjeng-11.2/book.c:90:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((ch = getc(f_book)) != EOF) { data/sjeng-11.2/book.c:216:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(possible_move, book[i] + (book_ply * 4), 4); data/sjeng-11.2/crazy.c:113:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(realholdings, str, 200); data/sjeng-11.2/newbook.c:72:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = getc(pgnbook); data/sjeng-11.2/newbook.c:83:24: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(((buff[b++] = getc(pgnbook)) != ']') && (b < STR_BUFF)); data/sjeng-11.2/newbook.c:178:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
ch = getc(pgnbook); data/sjeng-11.2/newbook.c:195:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xch = getc(pgnbook); data/sjeng-11.2/newbook.c:213:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xch = getc(pgnbook); data/sjeng-11.2/newbook.c:230:18: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (((ch = getc(pgnbook)) != '[') && !feof(pgnbook)); data/sjeng-11.2/newbook.c:236:10: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). xch = getc(pgnbook); data/sjeng-11.2/newbook.c:245:21: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(((ch = getc(pgnbook)) != '.') && !feof(pgnbook)); data/sjeng-11.2/newbook.c:251:22: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (((ch = getc(pgnbook)) != '[') && !feof(pgnbook)); data/sjeng-11.2/newbook.c:265:25: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). movebuff[ms++] = getc(pgnbook); data/sjeng-11.2/newbook.c:314:22: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (((ch = getc(pgnbook)) != '[') && !feof(pgnbook)); data/sjeng-11.2/proof.c:1400:8: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (PV, " "); data/sjeng-11.2/proof.c:1468:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (PV, " "); data/sjeng-11.2/segtb.c:957:27: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). table[j] = (signed char) fgetc(f); data/sjeng-11.2/utils.c:301:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "#"); data/sjeng-11.2/utils.c:303:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "+"); data/sjeng-11.2/utils.c:552:8: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "<"); data/sjeng-11.2/utils.c:574:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (str, " "); data/sjeng-11.2/utils.c:857:16: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((ch = getc (stream)) != (int) '\n' && ch != EOF) { data/sjeng-11.2/utils.c:1046:11: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
c = getc(stdin); data/sjeng-11.2/utils.c:1054:4: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(stdin); data/sjeng-11.2/utils.c:1084:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/sjeng-11.2/utils.c:1092:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(stdin); data/sjeng-11.2/utils.c:1105:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/sjeng-11.2/utils.c:1113:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(stdin); data/sjeng-11.2/utils.c:1133:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(stdin); data/sjeng-11.2/utils.c:1141:8: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc(stdin); ANALYSIS SUMMARY: Hits = 174 Lines analyzed = 18035 in approximately 0.44 seconds (41390 lines/second) Physical Source Lines of Code (SLOC) = 13313 Hits@level = [0] 333 [1] 30 [2] 130 [3] 3 [4] 11 [5] 0 Hits@level+ = [0+] 507 [1+] 174 [2+] 144 [3+] 14 [4+] 11 [5+] 0 Hits/KSLOC@level+ = [0+] 38.0831 [1+] 13.0699 [2+] 10.8165 [3+] 1.0516 [4+] 0.82626 [5+] 0 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.