Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tp-smapi-0.43/hdaps.c
Examining data/tp-smapi-0.43/thinkpad_ec.c
Examining data/tp-smapi-0.43/thinkpad_ec.h
Examining data/tp-smapi-0.43/tp_smapi.c

FINAL RESULTS:

data/tp-smapi-0.43/tp_smapi.c:625:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		return sprintf(buf, "%s\n", na_msg);
data/tp-smapi-0.43/tp_smapi.c:927:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	return sprintf(buf, "%s\n", txt);  /* type: string from fixed set */
data/tp-smapi-0.43/hdaps.c:515:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "(%d,%d)\n", pos_x, pos_y);
data/tp-smapi-0.43/hdaps.c:524:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", temperature);
data/tp-smapi-0.43/hdaps.c:534:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%u\n",
data/tp-smapi-0.43/hdaps.c:545:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%u\n",
data/tp-smapi-0.43/hdaps.c:552:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "(%d,%d)\n", rest_x, rest_y);
data/tp-smapi-0.43/hdaps.c:566:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%u\n", hdaps_invert);
data/tp-smapi-0.43/hdaps.c:588:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", sampling_rate);
data/tp-smapi-0.43/hdaps.c:616:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%u\n", ec_rate / sampling_rate);
data/tp-smapi-0.43/hdaps.c:641:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%u\n", order);
data/tp-smapi-0.43/tp_smapi.c:522:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dataval, &data.val, TP_CONTROLLER_ROW_LEN);
data/tp-smapi-0.43/tp_smapi.c:627:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		return sprintf(buf, "%u\n", mul*(unsigned int)val);
data/tp-smapi-0.43/tp_smapi.c:648:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", mul*(s16)val+add);
data/tp-smapi-0.43/tp_smapi.c:698:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", milliamp*millivolt/1000); /* units: mW */
data/tp-smapi-0.43/tp_smapi.c:728:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%04d-%02d-%02d\n", year, month, day);
data/tp-smapi-0.43/tp_smapi.c:745:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", thresh);  /* units: percent */
data/tp-smapi-0.43/tp_smapi.c:756:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", thresh);  /* units: percent */
data/tp-smapi-0.43/tp_smapi.c:853:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", minutes);  /* units: minutes */
data/tp-smapi-0.43/tp_smapi.c:882:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", enabled);  /* type: boolean */
data/tp-smapi-0.43/tp_smapi.c:906:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", ret); /* type: boolean */
data/tp-smapi-0.43/tp_smapi.c:917:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		return sprintf(buf, "none\n");
data/tp-smapi-0.43/tp_smapi.c:925:20:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	default:   return sprintf(buf, "unknown (0x%x)\n", row[1]);
data/tp-smapi-0.43/tp_smapi.c:1168:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				p += sprintf(p, "-- "); /* unused by EC */
data/tp-smapi-0.43/tp_smapi.c:1170:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				p += sprintf(p, "%02x ", rowa[i]);
data/tp-smapi-0.43/tp_smapi.c:1188:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	return sprintf(buf, "%d\n", ret);  /* type: boolean */
data/tp-smapi-0.43/tp_smapi.c:1199:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char smapi_attr_answer[MAX_SMAPI_ATTR_ANSWER_LEN] = "";
data/tp-smapi-0.43/tp_smapi.c:670:2:  [1] (buffer) strncpy:
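  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). The strcat and strlen hits reported for
  lines 672 and 673 appear to operate on the same buf, so they are safe only
  if buf is \0-terminated after this call; line 671 is not shown in this
  report and should be checked in the source.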
	strncpy(buf, (char *)row+offset, maxlen);
data/tp-smapi-0.43/tp_smapi.c:672:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(buf, "\n");
data/tp-smapi-0.43/tp_smapi.c:673:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return strlen(buf);
data/tp-smapi-0.43/tp_smapi.c:1172:8:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
		p += sprintf(p, "\n");

ANALYSIS SUMMARY:

Hits = 31
Lines analyzed = 2957 in approximately 0.11 seconds (26950 lines/second)
Physical Source Lines of Code (SLOC) = 2008
Hits@level = [0]  11 [1]   4 [2]  25 [3]   0 [4]   2 [5]   0
Hits@level+ = [0+]  42 [1+]  31 [2+]  27 [3+]   2 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 20.9163 [1+] 15.4382 [2+] 13.4462 [3+] 0.996016 [4+] 0.996016 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1 (the 11 level-0 hits counted above are therefore not listed)
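Not every hit is necessarily a security vulnerability: hits are matches on
function names, so each one must be confirmed at the call site by checking
the size of the destination buffer and where the source data comes from.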
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.