Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/transfermii-0.6.1/cwiid/bluetooth.c
Examining data/transfermii-0.6.1/cwiid/command.c
Examining data/transfermii-0.6.1/cwiid/connect.c
Examining data/transfermii-0.6.1/cwiid/cwiid.h
Examining data/transfermii-0.6.1/cwiid/cwiid_internal.h
Examining data/transfermii-0.6.1/cwiid/interface.c
Examining data/transfermii-0.6.1/cwiid/process.c
Examining data/transfermii-0.6.1/cwiid/state.c
Examining data/transfermii-0.6.1/cwiid/thread.c
Examining data/transfermii-0.6.1/cwiid/util.c
Examining data/transfermii-0.6.1/gui/pageAbout.c
Examining data/transfermii-0.6.1/gui/pageAbout.h
Examining data/transfermii-0.6.1/gui/pageLocal.c
Examining data/transfermii-0.6.1/gui/pageLocal.h
Examining data/transfermii-0.6.1/gui/pageWiimote.c
Examining data/transfermii-0.6.1/gui/pageWiimote.h
Examining data/transfermii-0.6.1/gui/transfermii_gui.c
Examining data/transfermii-0.6.1/tmii/filefunctions.c
Examining data/transfermii-0.6.1/tmii/miifunctions.c
Examining data/transfermii-0.6.1/tmii/others.c
Examining data/transfermii-0.6.1/tmii/tmii.h
Examining data/transfermii-0.6.1/tmii/wiimotefunctions.c
Examining data/transfermii-0.6.1/transfermii_cli.c

FINAL RESULTS:

data/transfermii-0.6.1/cwiid/util.c:76:2: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, str, ap);

data/transfermii-0.6.1/transfermii_cli.c:68:19: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((arg=getopt(argc, argv, "b:dhi:lm:s:t:u:")) != EOF) {

data/transfermii-0.6.1/cwiid/command.c:128:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[RPT_READ_REQ_LEN];

data/transfermii-0.6.1/cwiid/command.c:187:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cursor, &mesg.data, mesg.len);

data/transfermii-0.6.1/cwiid/command.c:202:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((unsigned char *)data)[i] = DECODE(((unsigned char *)data)[i]);

data/transfermii-0.6.1/cwiid/command.c:202:51: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((unsigned char *)data)[i] = DECODE(((unsigned char *)data)[i]);

data/transfermii-0.6.1/cwiid/command.c:213:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[RPT_WRITE_LEN];

data/transfermii-0.6.1/cwiid/command.c:240:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf+5, data+sent, buf[4]);

data/transfermii-0.6.1/cwiid/command.c:309:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[SOUND_BUF_LEN] = { 0xA0, 0xC3, 0xC3, 0xC3, 0xC3,

data/transfermii-0.6.1/cwiid/cwiid.h:297:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[BT_NAME_LEN];

data/transfermii-0.6.1/cwiid/cwiid_internal.h:169:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[16];

data/transfermii-0.6.1/cwiid/interface.c:134:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(state, &wiimote->state, sizeof *state);

data/transfermii-0.6.1/cwiid/interface.c:150:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[7];

data/transfermii-0.6.1/cwiid/process.c:244:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&rw_mesg.data, data+3, rw_mesg.len);

data/transfermii-0.6.1/cwiid/state.c:51:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiimote->state.acc, mesg->acc_mesg.acc,

data/transfermii-0.6.1/cwiid/state.c:55:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiimote->state.ir_src, mesg->ir_mesg.src,

data/transfermii-0.6.1/cwiid/state.c:59:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiimote->state.ext.nunchuk.stick,

data/transfermii-0.6.1/cwiid/state.c:62:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiimote->state.ext.nunchuk.acc,

data/transfermii-0.6.1/cwiid/state.c:68:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiimote->state.ext.classic.l_stick,

data/transfermii-0.6.1/cwiid/state.c:71:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiimote->state.ext.classic.r_stick,

data/transfermii-0.6.1/cwiid/state.c:126:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[RPT_MODE_BUF_LEN];

data/transfermii-0.6.1/cwiid/thread.c:65:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[READ_BUF_LEN];

data/transfermii-0.6.1/cwiid/util.c:114:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[SEND_RPT_BUF_LEN];

data/transfermii-0.6.1/cwiid/util.c:122:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf+2, data, len);

data/transfermii-0.6.1/gui/pageLocal.c:136:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffMiiName[MII_NAME_LENGTH_CHAR+1];

data/transfermii-0.6.1/gui/pageLocal.c:137:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffMiiCreator[MII_CREATOR_LENGTH_CHAR+1];

data/transfermii-0.6.1/gui/pageWiimote.c:85:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bufferchar[1024];

data/transfermii-0.6.1/gui/pageWiimote.c:158:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(bufferchar, "Slot %i", i);

data/transfermii-0.6.1/gui/pageWiimote.c:419:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[11];

data/transfermii-0.6.1/gui/pageWiimote.c:445:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpmac[19];

data/transfermii-0.6.1/gui/pageWiimote.c:512:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *name, buff[MII_NAME_LENGTH_CHAR+1];

data/transfermii-0.6.1/gui/pageWiimote.c:567:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffMiiName[MII_NAME_LENGTH_CHAR+1];

data/transfermii-0.6.1/gui/pageWiimote.c:568:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffMiiCreator[MII_CREATOR_LENGTH_CHAR+1];

data/transfermii-0.6.1/gui/pageWiimote.c:582:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *name, buff[MII_NAME_LENGTH_CHAR+1];

data/transfermii-0.6.1/gui/pageWiimote.c:631:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char mactmp[3];

data/transfermii-0.6.1/gui/pageWiimote.c:632:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char labtmp[23+9+9];

data/transfermii-0.6.1/gui/pageWiimote.c:656:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffMiiName[MII_NAME_LENGTH_CHAR+1];

data/transfermii-0.6.1/gui/pageWiimote.c:657:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffMiiCreator[MII_CREATOR_LENGTH_CHAR+1];

data/transfermii-0.6.1/gui/pageWiimote.c:658:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char mactmp[3];

data/transfermii-0.6.1/gui/pageWiimote.c:659:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char labtmp[23+9+9];

data/transfermii-0.6.1/tmii/filefunctions.c:47:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = fopen(miifile, "r"))) {

data/transfermii-0.6.1/tmii/filefunctions.c:89:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = fopen(miifile, "w"))) {

data/transfermii-0.6.1/tmii/filefunctions.c:106:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MII_NAME_LENGTH_CHAR+1];

data/transfermii-0.6.1/tmii/miifunctions.c:36:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char mii[MII_SIZE];

data/transfermii-0.6.1/tmii/miifunctions.c:37:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char miiblock[BLOCK_SIZE];

data/transfermii-0.6.1/tmii/miifunctions.c:38:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char wii_mac[3];

data/transfermii-0.6.1/tmii/miifunctions.c:51:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(miibuf?miibuf:mii, miiAddress(slot), MII_SIZE);

data/transfermii-0.6.1/tmii/miifunctions.c:75:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return !memcpy(str, src, MII_CREATOR_LENGTH_BYTE);

data/transfermii-0.6.1/tmii/miifunctions.c:98:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return !memcpy(dest, str, MII_CREATOR_LENGTH_BYTE);

data/transfermii-0.6.1/tmii/miifunctions.c:131:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tmp, creatorsname, MII_CREATOR_LENGTH_BYTE);

data/transfermii-0.6.1/tmii/miifunctions.c:179:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(name, miisname, MII_NAME_LENGTH_BYTE);

data/transfermii-0.6.1/tmii/miifunctions.c:245:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MII_NAME_LENGTH_CHAR];

data/transfermii-0.6.1/tmii/miifunctions.c:337:14: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (!memcpy(pmii, mii, MII_SIZE)) {

data/transfermii-0.6.1/tmii/others.c:31:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern unsigned char wii_mac[3];

data/transfermii-0.6.1/tmii/tmii.h:102:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern unsigned char mii[MII_SIZE];

data/transfermii-0.6.1/tmii/tmii.h:103:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern unsigned char miiblock[BLOCK_SIZE];

data/transfermii-0.6.1/tmii/wiimotefunctions.c:33:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern unsigned char miiblock[BLOCK_SIZE];

data/transfermii-0.6.1/transfermii_cli.c:89:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  case 's' : if (!slot) slot=atoi(optarg); break;

data/transfermii-0.6.1/transfermii_cli.c:90:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  case 't' : if (!slot2) slot2=atoi(optarg); break;

data/transfermii-0.6.1/cwiid/command.c:249:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(wiimote->rw_pipe[0], &mesg, sizeof mesg) != sizeof mesg) {

data/transfermii-0.6.1/cwiid/thread.c:72:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read(wiimote->int_socket, buf, READ_BUF_LEN);

data/transfermii-0.6.1/cwiid/util.c:94:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(wiimote->ctl_socket, &handshake, 1) != 1) {

data/transfermii-0.6.1/cwiid/util.c:167:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((last_len = read(fd, buf, len)) == -1) {

data/transfermii-0.6.1/gui/pageWiimote.c:333:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int size = strlen(fname)+strlen("Writing file ")+1;

data/transfermii-0.6.1/gui/pageWiimote.c:333:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int size = strlen(fname)+strlen("Writing file ")+1;

data/transfermii-0.6.1/gui/pageWiimote.c:376:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int size = strlen(fname)+strlen("Reading file ")+1;

data/transfermii-0.6.1/gui/pageWiimote.c:376:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int size = strlen(fname)+strlen("Reading file ")+1;

data/transfermii-0.6.1/gui/pageWiimote.c:424:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(tmp, (char*)gtk_entry_get_text(GTK_ENTRY(wiiMacEntry)), 10);

data/transfermii-0.6.1/tmii/miifunctions.c:332:7: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (getchar() != 'y')

ANALYSIS SUMMARY:

Hits = 69
Lines analyzed = 4930 in approximately 0.15 seconds (32523 lines/second)
Physical Source Lines of Code (SLOC) = 3401
Hits@level = [0] 68 [1] 10 [2] 57 [3] 1 [4] 1 [5] 0
Hits@level+ = [0+] 137 [1+] 69 [2+] 59 [3+] 2 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 40.2823 [1+] 20.2882 [2+] 17.3478 [3+] 0.588062 [4+] 0.294031 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.