Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/vdr-plugin-femon-2.4.0/h264.c Examining data/vdr-plugin-femon-2.4.0/ac3.c Examining data/vdr-plugin-femon-2.4.0/receiver.c Examining data/vdr-plugin-femon-2.4.0/aac.h Examining data/vdr-plugin-femon-2.4.0/latm.c Examining data/vdr-plugin-femon-2.4.0/svdrpservice.h Examining data/vdr-plugin-femon-2.4.0/setup.h Examining data/vdr-plugin-femon-2.4.0/tools.c Examining data/vdr-plugin-femon-2.4.0/log.h Examining data/vdr-plugin-femon-2.4.0/config.h Examining data/vdr-plugin-femon-2.4.0/osd.h Examining data/vdr-plugin-femon-2.4.0/ac3.h Examining data/vdr-plugin-femon-2.4.0/audio.h Examining data/vdr-plugin-femon-2.4.0/video.h Examining data/vdr-plugin-femon-2.4.0/aac.c Examining data/vdr-plugin-femon-2.4.0/receiver.h Examining data/vdr-plugin-femon-2.4.0/femon.c Examining data/vdr-plugin-femon-2.4.0/h264.h Examining data/vdr-plugin-femon-2.4.0/symbol.c Examining data/vdr-plugin-femon-2.4.0/config.c Examining data/vdr-plugin-femon-2.4.0/h265.h Examining data/vdr-plugin-femon-2.4.0/femonservice.h Examining data/vdr-plugin-femon-2.4.0/setup.c Examining data/vdr-plugin-femon-2.4.0/tools.h Examining data/vdr-plugin-femon-2.4.0/mpeg.c Examining data/vdr-plugin-femon-2.4.0/iptvservice.h Examining data/vdr-plugin-femon-2.4.0/latm.h Examining data/vdr-plugin-femon-2.4.0/symbol.h Examining data/vdr-plugin-femon-2.4.0/h265.c Examining data/vdr-plugin-femon-2.4.0/osd.c Examining data/vdr-plugin-femon-2.4.0/mpeg.h FINAL RESULTS: data/vdr-plugin-femon-2.4.0/femon.c:246:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("Tracing mode: 0x%04X\n", FemonConfig.GetTraceMode()); data/vdr-plugin-femon-2.4.0/femon.c:269:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("Switching to next device: %s", cFemonOsd::Instance()->DeviceSwitch(1) ? "ok" : "failed"); data/vdr-plugin-femon-2.4.0/femon.c:275:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("Switching to previous device: %s", cFemonOsd::Instance()->DeviceSwitch(-1) ? "ok" : "failed"); data/vdr-plugin-femon-2.4.0/femon.c:289:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%d on device #%d", dev->SignalStrength(), dev->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:292:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%d on device #%d", dev->SignalQuality(), dev->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:295:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%.2f dBm on device #%d", getSignal(dev), dev->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:298:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%.2f dB on device #%d", getCNR(dev), dev->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:301:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%.0f on device #%d", getBER(dev), dev->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:304:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%.0f on device #%d", getPER(dev), dev->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:308:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s on device #%d", *getBitrateMbits(cFemonOsd::Instance()->GetVideoBitrate()), cDevice::ActualDevice()->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:310:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("--- Mbit/s on device #%d", cDevice::ActualDevice()->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:314:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s on device #%d", *getBitrateKbits(cFemonOsd::Instance()->GetAudioBitrate()), cDevice::ActualDevice()->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:316:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("--- kbit/s on device #%d", cDevice::ActualDevice()->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:320:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s on device #%d", *getBitrateKbits(cFemonOsd::Instance()->GetDolbyBitrate()), cDevice::ActualDevice()->CardIndex()); data/vdr-plugin-femon-2.4.0/femon.c:322:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("--- kbit/s on device #%d", cDevice::ActualDevice()->CardIndex()); data/vdr-plugin-femon-2.4.0/osd.c:257:38: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWSTATUSTITLEBAR(*cString::sprintf("%d%s %s", numberM ? numberM : channel->Number(), numberM ? "-" : "", channel->ShortName(true))); data/vdr-plugin-femon-2.4.0/osd.c:374:51: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWSTATUSVALUES(signalValidM ? *cString::sprintf("STR: %.2f dBm", signalM) : "STR: ---", data/vdr-plugin-femon-2.4.0/osd.c:375:48: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. cnrValidM ? *cString::sprintf("CNR: %.2f dB", cnrM) : "CNR: ---", data/vdr-plugin-femon-2.4.0/osd.c:376:48: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. berValidM ? *cString::sprintf("BER: %.0f", berM) : "BER: ---", data/vdr-plugin-femon-2.4.0/osd.c:377:48: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. perValidM ? *cString::sprintf("PER: %.0f", perM) : "PER: ---", data/vdr-plugin-femon-2.4.0/osd.c:378:36: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. *cString::sprintf("%s: %s", tr("Video"), *getBitrateMbits(receiverM ? receiverM->VideoBitrate() : (svdrpFrontendM >= 0 ? svdrpVideoBitRateM : -1.0))), data/vdr-plugin-femon-2.4.0/osd.c:379:36: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. *cString::sprintf("%s: %s", (receiverM && receiverM->AC3Valid() && IS_DOLBY_TRACK(track)) ? tr("AC-3") : tr("Audio"), *getBitrateKbits(receiverM ? ((receiverM->AC3Valid() && IS_DOLBY_TRACK(track)) ? receiverM->AC3Bitrate() : receiverM->AudioBitrate()) : (svdrpFrontendM >= 0 ? svdrpAudioBitRateM : -1.0))) data/vdr-plugin-femon-2.4.0/osd.c:410:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLEFT( trVDR("Vpid"), *cString::sprintf("%d", channel->Vpid())); data/vdr-plugin-femon-2.4.0/osd.c:411:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFORIGHT(trVDR("Ppid"), *cString::sprintf("%d", channel->Ppid())); data/vdr-plugin-femon-2.4.0/osd.c:417:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFORIGHT(trVDR("Tpid"), *cString::sprintf("%d", channel->Tpid())); data/vdr-plugin-femon-2.4.0/osd.c:419:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLEFT( trVDR("Sid"), *cString::sprintf("%d", channel->Sid())); data/vdr-plugin-femon-2.4.0/osd.c:420:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFORIGHT( tr("Nid"), *cString::sprintf("%d", channel->Nid())); data/vdr-plugin-femon-2.4.0/osd.c:422:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLEFT( tr("Tid"), *cString::sprintf("%d", channel->Tid())); data/vdr-plugin-femon-2.4.0/osd.c:423:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFORIGHT( tr("Rid"), *cString::sprintf("%d", channel->Rid())); data/vdr-plugin-femon-2.4.0/osd.c:430:46: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLINE(*cString::sprintf("%s #%d - %s", *getSatelliteSystem(dtp.System()), (svdrpFrontendM >= 0) ? svdrpFrontendM : cDevice::ActualDevice()->CardIndex(), *frontendNameM)); data/vdr-plugin-femon-2.4.0/osd.c:435:70: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLEFT( trVDR("Srate"), *cString::sprintf("%d", channel->Srate())); data/vdr-plugin-femon-2.4.0/osd.c:436:70: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFORIGHT(trVDR("Polarization"), *cString::sprintf("%c", toupper(dtp.Polarization()))); data/vdr-plugin-femon-2.4.0/osd.c:452:46: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLINE(*cString::sprintf("DVB-C #%d - %s", (svdrpFrontendM >= 0) ? svdrpFrontendM : cDevice::ActualDevice()->CardIndex(), *frontendNameM)); data/vdr-plugin-femon-2.4.0/osd.c:457:70: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLEFT( trVDR("Srate"), *cString::sprintf("%d", channel->Srate())); data/vdr-plugin-femon-2.4.0/osd.c:467:46: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLINE(*cString::sprintf("%s #%d - %s", *getTerrestrialSystem(dtp.System()), (svdrpFrontendM >= 0) ? svdrpFrontendM : cDevice::ActualDevice()->CardIndex(), *frontendNameM)); data/vdr-plugin-femon-2.4.0/osd.c:476:70: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFORIGHT(tr ("Coderate"), *cString::sprintf("%s (H) %s (L)", *getCoderate(dtp.CoderateH()), *getCoderate(dtp.CoderateL()))); data/vdr-plugin-femon-2.4.0/osd.c:483:70: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFORIGHT(trVDR("StreamId"), *cString::sprintf("%d", dtp.StreamId())); data/vdr-plugin-femon-2.4.0/osd.c:485:70: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLEFT( trVDR("T2SystemId"),*cString::sprintf("%d", dtp.T2SystemId())); data/vdr-plugin-femon-2.4.0/osd.c:486:70: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFORIGHT(trVDR("SISO/MISO"), *cString::sprintf("%d", dtp.SisoMiso())); data/vdr-plugin-femon-2.4.0/osd.c:492:46: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOLINE(*cString::sprintf("IPTV #%d - %s", (svdrpFrontendM >= 0) ? svdrpFrontendM : cDevice::ActualDevice()->CardIndex(), *frontendNameM)); data/vdr-plugin-femon-2.4.0/osd.c:563:76: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. OSDDRAWINFOINACTIVE(tr("Low Frequency Effects"), *cString::sprintf("%s", receiverM->AC3Lfe() ? trVDR("on") : trVDR("off"))); data/vdr-plugin-femon-2.4.0/osd.c:583:26: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. cmd.command = cString::sprintf("PLUG %s INFO\r\n", PLUGIN_NAME_I18N); data/vdr-plugin-femon-2.4.0/osd.c:921:36: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. cmd.command = cString::sprintf("PLUG %s\r\n", PLUGIN_NAME_I18N); data/vdr-plugin-femon-2.4.0/osd.c:945:33: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. cmd.command = cString::sprintf("CHAN %s\r\n", *channel->GetChannelID().ToString()); data/vdr-plugin-femon-2.4.0/setup.c:159:47: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return AddSubMenu(new cMenuText(cString::sprintf("%s - %s '%s'", tr("Help"), trVDR("Plugin"), PLUGIN_NAME_I18N), helpM[Current()])); data/vdr-plugin-femon-2.4.0/tools.c:26:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0000: return cString::sprintf("%s (%X)", trVDR("Free To Air"), valueP); // Reserved data/vdr-plugin-femon-2.4.0/tools.c:28:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x00A2 ... 0x00FF: return cString::sprintf("%s (%X)", tr("Fixed"), valueP); // Standardized systems data/vdr-plugin-femon-2.4.0/tools.c:29:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x00A0 ... 0x00A1: return cString::sprintf("%s (%X)", tr("Analog"), valueP); // Analog signals data/vdr-plugin-femon-2.4.0/tools.c:30:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0100 ... 0x01FF: return cString::sprintf("SECA Mediaguard (%X)", valueP); // Canal Plus data/vdr-plugin-femon-2.4.0/tools.c:31:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0464: return cString::sprintf("EuroDec (%X)", valueP); // EuroDec data/vdr-plugin-femon-2.4.0/tools.c:32:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0500 ... 0x05FF: return cString::sprintf("Viaccess (%X)", valueP); // France Telecom data/vdr-plugin-femon-2.4.0/tools.c:33:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0600 ... 0x06FF: return cString::sprintf("Irdeto (%X)", valueP); // Irdeto data/vdr-plugin-femon-2.4.0/tools.c:34:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0700 ... 0x07FF: return cString::sprintf("DigiCipher 2 (%X)", valueP); // Jerrold/GI/Motorola 4DTV data/vdr-plugin-femon-2.4.0/tools.c:35:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0900 ... 0x09FF: return cString::sprintf("NDS Videoguard (%X)", valueP); // NDS data/vdr-plugin-femon-2.4.0/tools.c:36:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0B00 ... 0x0BFF: return cString::sprintf("Conax (%X)", valueP); // Norwegian Telekom data/vdr-plugin-femon-2.4.0/tools.c:37:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0D00 ... 0x0DFF: return cString::sprintf("CryptoWorks (%X)", valueP); // Philips CryptoTec data/vdr-plugin-femon-2.4.0/tools.c:38:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x0E00 ... 0x0EFF: return cString::sprintf("PowerVu (%X)", valueP); // Scientific Atlanta data/vdr-plugin-femon-2.4.0/tools.c:39:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x1000: return cString::sprintf("RAS (%X)", valueP); // Tandberg Television data/vdr-plugin-femon-2.4.0/tools.c:40:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x1200 ... 0x12FF: return cString::sprintf("NagraVision (%X)", valueP); // BellVu Express data/vdr-plugin-femon-2.4.0/tools.c:41:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x1700 ... 0x17FF: return cString::sprintf("VCAS (%X)", valueP); // Verimatrix Inc. former BetaTechnik data/vdr-plugin-femon-2.4.0/tools.c:42:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x1800 ... 0x18FF: return cString::sprintf("NagraVision (%X)", valueP); // Kudelski SA data/vdr-plugin-femon-2.4.0/tools.c:43:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x22F0: return cString::sprintf("Codicrypt (%X)", valueP); // Scopus Network Technologies data/vdr-plugin-femon-2.4.0/tools.c:44:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x2600: return cString::sprintf("BISS (%X)", valueP); // European Broadcasting Union data/vdr-plugin-femon-2.4.0/tools.c:45:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x2719: return cString::sprintf("VanyaCas (%X)", valueP); // S-Curious Research & Technology Pvt. Ltd. data/vdr-plugin-femon-2.4.0/tools.c:46:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4347: return cString::sprintf("CryptOn (%X)", valueP); // CryptOn data/vdr-plugin-femon-2.4.0/tools.c:47:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4800: return cString::sprintf("Accessgate (%X)", valueP); // Telemann data/vdr-plugin-femon-2.4.0/tools.c:48:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4900: return cString::sprintf("China Crypt (%X)", valueP); // CryptoWorks data/vdr-plugin-femon-2.4.0/tools.c:49:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A02: return cString::sprintf("Tongfang (%X)", valueP); // Tsinghua Tongfang Company data/vdr-plugin-femon-2.4.0/tools.c:50:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A10: return cString::sprintf("EasyCas (%X)", valueP); // EasyCas data/vdr-plugin-femon-2.4.0/tools.c:51:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A20: return cString::sprintf("AlphaCrypt (%X)", valueP); // AlphaCrypt data/vdr-plugin-femon-2.4.0/tools.c:52:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A60: return cString::sprintf("SkyCrypt (%X)", valueP); // @Sky data/vdr-plugin-femon-2.4.0/tools.c:53:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A61: return cString::sprintf("Neotioncrypt (%X)", valueP); // Neotion data/vdr-plugin-femon-2.4.0/tools.c:54:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A62: return cString::sprintf("SkyCrypt (%X)", valueP); // @Sky data/vdr-plugin-femon-2.4.0/tools.c:55:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A63: return cString::sprintf("Neotion SHL (%X)", valueP); // Neotion data/vdr-plugin-femon-2.4.0/tools.c:56:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A64 ... 0x4A6F: return cString::sprintf("SkyCrypt (%X)", valueP); // @Sky data/vdr-plugin-femon-2.4.0/tools.c:57:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A70: return cString::sprintf("DreamCrypt (%X)", valueP); // Dream Multimedia data/vdr-plugin-femon-2.4.0/tools.c:58:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4A80: return cString::sprintf("ThalesCrypt (%X)", valueP); // Thales Broadcast & Multimedia data/vdr-plugin-femon-2.4.0/tools.c:59:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AA1: return cString::sprintf("KeyFly (%X)", valueP); // SIDSA data/vdr-plugin-femon-2.4.0/tools.c:60:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4ABF: return cString::sprintf("CTI-CAS (%X)", valueP); // Beijing Compunicate Technology Inc. data/vdr-plugin-femon-2.4.0/tools.c:61:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AC1: return cString::sprintf("Latens (%X)", valueP); // Latens Systems data/vdr-plugin-femon-2.4.0/tools.c:62:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AD0 ... 0x4AD1: return cString::sprintf("X-Crypt (%X)", valueP); // XCrypt Inc. data/vdr-plugin-femon-2.4.0/tools.c:63:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AD4: return cString::sprintf("OmniCrypt (%X)", valueP); // Widevine Technologies, Inc. data/vdr-plugin-femon-2.4.0/tools.c:64:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AE0 ... 0x4AE1: return cString::sprintf("Z-Crypt (%X)", valueP); // Digi Raum Electronics Co. Ltd. data/vdr-plugin-femon-2.4.0/tools.c:65:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AE4: return cString::sprintf("CoreCrypt (%X)", valueP); // CoreTrust data/vdr-plugin-femon-2.4.0/tools.c:66:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AE5: return cString::sprintf("PRO-Crypt (%X)", valueP); // IK SATPROF data/vdr-plugin-femon-2.4.0/tools.c:67:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AEA: return cString::sprintf("Cryptoguard (%X)", valueP); // Gryptoguard AB data/vdr-plugin-femon-2.4.0/tools.c:68:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AEB: return cString::sprintf("Abel Quintic (%X)", valueP); // Abel DRM Systems data/vdr-plugin-femon-2.4.0/tools.c:69:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x4AF0: return cString::sprintf("ABV (%X)", valueP); // Alliance Broadcast Vision data/vdr-plugin-femon-2.4.0/tools.c:70:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x5500: return cString::sprintf("Z-Crypt (%X)", valueP); // Digi Raum Electronics Co. Ltd. data/vdr-plugin-femon-2.4.0/tools.c:71:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x5501: return cString::sprintf("Griffin (%X)", valueP); // Nucleus Systems Ltd. data/vdr-plugin-femon-2.4.0/tools.c:72:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x5581: return cString::sprintf("Bulcrypt (%X)", valueP); // Bulcrypt data/vdr-plugin-femon-2.4.0/tools.c:73:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0x7BE1: return cString::sprintf("DRE-Crypt (%X)", valueP); // DRE-Crypt data/vdr-plugin-femon-2.4.0/tools.c:74:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0xA101: return cString::sprintf("RosCrypt-M (%X)", valueP); // NIIR data/vdr-plugin-femon-2.4.0/tools.c:75:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case 0xEAD0: return cString::sprintf("VanyaCas (%X)", valueP); // S-Curious Research & Technology Pvt. Ltd. data/vdr-plugin-femon-2.4.0/tools.c:78:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%X", valueP); data/vdr-plugin-femon-2.4.0/tools.c:102:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. info = cString::sprintf("CARD:%d\nSTRG:%d\nQUAL:%d\nTYPE:%s\nNAME:%s", deviceP->CardIndex(), deviceP->SignalStrength(), deviceP->SignalQuality(), *deviceP->DeviceType(), *deviceP->DeviceName()); data/vdr-plugin-femon-2.4.0/tools.c:105:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. info = cString::sprintf("%s\nSTAT:%04X", *info, status); data/vdr-plugin-femon-2.4.0/tools.c:107:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. info = cString::sprintf("%s\nSGNL:%s", *info, *dtoa(signal, "%.2f")); data/vdr-plugin-femon-2.4.0/tools.c:109:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. info = cString::sprintf("%s\nCNRA:%s", *info, *dtoa(cnr, "%.2f")); data/vdr-plugin-femon-2.4.0/tools.c:111:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. info = cString::sprintf("%s\nBERA:%s", *info, *dtoa(ber, "%.0f")); data/vdr-plugin-femon-2.4.0/tools.c:113:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. info = cString::sprintf("%s\nPERA:%s", *info, *dtoa(per, "%.0f")); data/vdr-plugin-femon-2.4.0/tools.c:117:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. info = cString::sprintf("%s\nVIBR:%s\nAUBR:%s\nDDBR:%s", *info, *dtoa(cFemonOsd::Instance()->GetVideoBitrate(), "%.0f"), *dtoa(cFemonOsd::Instance()->GetAudioBitrate(), "%.0f"), *dtoa(cFemonOsd::Instance()->GetDolbyBitrate(), "%.0f")); data/vdr-plugin-femon-2.4.0/tools.c:122:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. info = cString::sprintf("%s\nCHAN:%s", *info, *channel->ToText()); data/vdr-plugin-femon-2.4.0/tools.c:132:20: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return (cString::sprintf("%s on deviceP #%d", *deviceP->DeviceName(), deviceP->CardIndex())); data/vdr-plugin-femon-2.4.0/tools.c:142:26: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return (cString::sprintf("Status %s:%s:%s:%s:%s on deviceP #%d", (status & DTV_STAT_HAS_LOCK) ? "LOCKED" : "-", (status & DTV_STAT_HAS_SIGNAL) ? "SIGNAL" : "-", (status & DTV_STAT_HAS_CARRIER) ? "CARRIER" : "-", (status & DTV_STAT_HAS_VITERBI) ? "VITERBI" : "-", (status & DTV_STAT_HAS_SYNC) ? "SYNC" : "-", deviceP->CardIndex())); data/vdr-plugin-femon-2.4.0/tools.c:203:28: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. cString apids = cString::sprintf("%d", channelP->Apid(value)); data/vdr-plugin-femon-2.4.0/tools.c:205:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. apids = cString::sprintf("%s, %d", *apids, channelP->Apid(value)); data/vdr-plugin-femon-2.4.0/tools.c:212:28: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. cString dpids = cString::sprintf("%d", channelP->Dpid(value)); data/vdr-plugin-femon-2.4.0/tools.c:214:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. dpids = cString::sprintf("%s, %d", *dpids, channelP->Dpid(value)); data/vdr-plugin-femon-2.4.0/tools.c:221:28: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. cString spids = cString::sprintf("%d", channelP->Spid(value)); data/vdr-plugin-femon-2.4.0/tools.c:223:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. spids = cString::sprintf("%s, %d", *spids, channelP->Spid(value)); data/vdr-plugin-femon-2.4.0/tools.c:230:28: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. cString caids = cString::sprintf("%s", *getCA(channelP->Ca(value))); data/vdr-plugin-femon-2.4.0/tools.c:232:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. caids = cString::sprintf("%s, %s", *caids, *getCA(channelP->Ca(value))); data/vdr-plugin-femon-2.4.0/tools.c:239:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("#%d", value); data/vdr-plugin-femon-2.4.0/tools.c:240:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:250:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("#%d (%s)", channelP->Apid(pid), channelP->Alang(pid)); data/vdr-plugin-femon-2.4.0/tools.c:252:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("#%d", channelP->Apid(pid)); data/vdr-plugin-femon-2.4.0/tools.c:254:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:264:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("#%d (%s)", channelP->Dpid(pid), channelP->Dlang(pid)); data/vdr-plugin-femon-2.4.0/tools.c:266:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("#%d", channelP->Dpid(pid)); data/vdr-plugin-femon-2.4.0/tools.c:268:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:274:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_CODEC_MPEG2: return cString::sprintf("%s", tr("MPEG-2")); data/vdr-plugin-femon-2.4.0/tools.c:275:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_CODEC_H264: return cString::sprintf("%s", tr("H.264")); data/vdr-plugin-femon-2.4.0/tools.c:276:45: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_CODEC_H265: return cString::sprintf("%s", tr("H.265")); data/vdr-plugin-femon-2.4.0/tools.c:279:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:285:49: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODEC_MPEG1_I: return cString::sprintf("%s", tr("MPEG-1 Layer I")); data/vdr-plugin-femon-2.4.0/tools.c:286:49: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODEC_MPEG1_II: return cString::sprintf("%s", tr("MPEG-1 Layer II")); data/vdr-plugin-femon-2.4.0/tools.c:287:49: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODEC_MPEG1_III: return cString::sprintf("%s", tr("MPEG-1 Layer III")); data/vdr-plugin-femon-2.4.0/tools.c:288:49: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODEC_MPEG2_I: return cString::sprintf("%s", tr("MPEG-2 Layer I")); data/vdr-plugin-femon-2.4.0/tools.c:289:49: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODEC_MPEG2_II: return cString::sprintf("%s", tr("MPEG-2 Layer II")); data/vdr-plugin-femon-2.4.0/tools.c:290:49: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODEC_MPEG2_III: return cString::sprintf("%s", tr("MPEG-2 Layer III")); data/vdr-plugin-femon-2.4.0/tools.c:291:49: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODEC_HEAAC: return cString::sprintf("%s", tr("HE-AAC")); data/vdr-plugin-femon-2.4.0/tools.c:292:49: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODEC_LATM: return cString::sprintf("%s", tr("LATM")); data/vdr-plugin-femon-2.4.0/tools.c:295:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:301:59: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CHANNEL_MODE_STEREO: return cString::sprintf("%s", tr("stereo")); data/vdr-plugin-femon-2.4.0/tools.c:302:59: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CHANNEL_MODE_JOINT_STEREO: return cString::sprintf("%s", tr("joint Stereo")); data/vdr-plugin-femon-2.4.0/tools.c:303:59: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CHANNEL_MODE_DUAL: return cString::sprintf("%s", tr("dual")); data/vdr-plugin-femon-2.4.0/tools.c:304:59: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CHANNEL_MODE_SINGLE: return cString::sprintf("%s", tr("mono")); data/vdr-plugin-femon-2.4.0/tools.c:307:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:312:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, CoderateValues)); data/vdr-plugin-femon-2.4.0/tools.c:317:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, TransmissionValues)); data/vdr-plugin-femon-2.4.0/tools.c:322:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, BandwidthValues)); data/vdr-plugin-femon-2.4.0/tools.c:327:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, InversionValues)); data/vdr-plugin-femon-2.4.0/tools.c:332:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, HierarchyValues)); data/vdr-plugin-femon-2.4.0/tools.c:337:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, GuardValues)); data/vdr-plugin-femon-2.4.0/tools.c:342:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, ModulationValues)); data/vdr-plugin-femon-2.4.0/tools.c:347:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, SystemValuesTerr)); data/vdr-plugin-femon-2.4.0/tools.c:352:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, SystemValuesSat)); data/vdr-plugin-femon-2.4.0/tools.c:357:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, RollOffValues)); data/vdr-plugin-femon-2.4.0/tools.c:362:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s", getUserString(valueP, PilotValues)); data/vdr-plugin-femon-2.4.0/tools.c:369:53: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_SCAN_INTERLACED: return cString::sprintf("%dx%d %s", widthP, heightP, tr("interlaced")); data/vdr-plugin-femon-2.4.0/tools.c:370:53: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_SCAN_PROGRESSIVE: return cString::sprintf("%dx%d %s", widthP, heightP, tr("progressive")); data/vdr-plugin-femon-2.4.0/tools.c:371:53: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. default: return cString::sprintf("%dx%d", widthP, heightP); data/vdr-plugin-femon-2.4.0/tools.c:374:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:380:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_ASPECT_RATIO_RESERVED: return cString::sprintf("%s", tr("reserved")); data/vdr-plugin-femon-2.4.0/tools.c:381:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_ASPECT_RATIO_EXTENDED: return cString::sprintf("%s", tr("extended")); data/vdr-plugin-femon-2.4.0/tools.c:382:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_1_1: return cString::sprintf("1:1"); data/vdr-plugin-femon-2.4.0/tools.c:383:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_4_3: return cString::sprintf("4:3"); data/vdr-plugin-femon-2.4.0/tools.c:384:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_16_9: return cString::sprintf("16:9"); data/vdr-plugin-femon-2.4.0/tools.c:385:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_2_21_1: return cString::sprintf("2.21:1"); data/vdr-plugin-femon-2.4.0/tools.c:386:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_12_11: return cString::sprintf("12:11"); data/vdr-plugin-femon-2.4.0/tools.c:387:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_10_11: return cString::sprintf("10:11"); data/vdr-plugin-femon-2.4.0/tools.c:388:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_16_11: return cString::sprintf("16:11"); data/vdr-plugin-femon-2.4.0/tools.c:389:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_40_33: return cString::sprintf("40:33"); data/vdr-plugin-femon-2.4.0/tools.c:390:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_24_11: return cString::sprintf("24:11"); data/vdr-plugin-femon-2.4.0/tools.c:391:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_20_11: return cString::sprintf("20:11"); data/vdr-plugin-femon-2.4.0/tools.c:392:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_32_11: return cString::sprintf("32:11"); data/vdr-plugin-femon-2.4.0/tools.c:393:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_80_33: return cString::sprintf("80:33"); data/vdr-plugin-femon-2.4.0/tools.c:394:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_18_11: return cString::sprintf("18:11"); data/vdr-plugin-femon-2.4.0/tools.c:395:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_15_11: return cString::sprintf("15:11"); data/vdr-plugin-femon-2.4.0/tools.c:396:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_64_33: return cString::sprintf("64:33"); data/vdr-plugin-femon-2.4.0/tools.c:397:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_160_99: return cString::sprintf("160:99"); data/vdr-plugin-femon-2.4.0/tools.c:398:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_3_2: return cString::sprintf("3:2"); data/vdr-plugin-femon-2.4.0/tools.c:399:55: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case VIDEO_ASPECT_RATIO_2_1: return cString::sprintf("2:1"); data/vdr-plugin-femon-2.4.0/tools.c:402:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:408:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_FORMAT_UNKNOWN: return cString::sprintf("%s", tr("unknown")); data/vdr-plugin-femon-2.4.0/tools.c:409:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_FORMAT_RESERVED: return cString::sprintf("%s", tr("reserved")); data/vdr-plugin-femon-2.4.0/tools.c:410:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_FORMAT_COMPONENT: return cString::sprintf("%s", tr("component")); data/vdr-plugin-femon-2.4.0/tools.c:411:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_FORMAT_PAL: return cString::sprintf("%s", tr("PAL")); data/vdr-plugin-femon-2.4.0/tools.c:412:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_FORMAT_NTSC: return cString::sprintf("%s", tr("NTSC")); data/vdr-plugin-femon-2.4.0/tools.c:413:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_FORMAT_SECAM: return cString::sprintf("%s", tr("SECAM")); data/vdr-plugin-femon-2.4.0/tools.c:414:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case VIDEO_FORMAT_MAC: return cString::sprintf("%s", tr("MAC")); data/vdr-plugin-femon-2.4.0/tools.c:417:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:423:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%.2f %s", valueP, tr("Hz")); data/vdr-plugin-femon-2.4.0/tools.c:424:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:430:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITSTREAM_MODE_CM: return cString::sprintf("%s", tr("Complete Main (CM)")); data/vdr-plugin-femon-2.4.0/tools.c:431:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITSTREAM_MODE_ME: return cString::sprintf("%s", tr("Music and Effects (ME)")); data/vdr-plugin-femon-2.4.0/tools.c:432:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITSTREAM_MODE_VI: return cString::sprintf("%s", tr("Visually Impaired (VI)")); data/vdr-plugin-femon-2.4.0/tools.c:433:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITSTREAM_MODE_HI: return cString::sprintf("%s", tr("Hearing Impaired (HI)")); data/vdr-plugin-femon-2.4.0/tools.c:434:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITSTREAM_MODE_D: return cString::sprintf("%s", tr("Dialogue (D)")); data/vdr-plugin-femon-2.4.0/tools.c:435:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITSTREAM_MODE_C: return cString::sprintf("%s", tr("Commentary (C)")); data/vdr-plugin-femon-2.4.0/tools.c:436:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITSTREAM_MODE_E: return cString::sprintf("%s", tr("Emergency (E)")); data/vdr-plugin-femon-2.4.0/tools.c:437:55: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITSTREAM_MODE_VO_KAR: return cString::sprintf("%s", (codingP == 1) ? tr("Voice Over (VO)") : tr("Karaoke")); data/vdr-plugin-femon-2.4.0/tools.c:440:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:447:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODING_MODE_1_1: return cString::sprintf("1+1 - %s, %s", tr("Ch1"), tr("Ch2")); data/vdr-plugin-femon-2.4.0/tools.c:448:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODING_MODE_1_0: return cString::sprintf("1/0 - %s", tr("C")); data/vdr-plugin-femon-2.4.0/tools.c:449:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODING_MODE_2_0: return cString::sprintf("2/0 - %s, %s", tr("L"), tr("R")); data/vdr-plugin-femon-2.4.0/tools.c:450:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODING_MODE_3_0: return cString::sprintf("3/0 - %s, %s, %s", tr("L"), tr("C"), tr("R")); data/vdr-plugin-femon-2.4.0/tools.c:451:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODING_MODE_2_1: return cString::sprintf("2/1 - %s, %s, %s", tr("L"), tr("R"), tr("S")); data/vdr-plugin-femon-2.4.0/tools.c:452:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODING_MODE_3_1: return cString::sprintf("3/1 - %s, %s, %s, %s", tr("L"), tr("C"), tr("R"), tr("S")); data/vdr-plugin-femon-2.4.0/tools.c:453:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODING_MODE_2_2: return cString::sprintf("2/2 - %s, %s, %s, %s", tr("L"), tr("R"), tr("SL"), tr("SR")); data/vdr-plugin-femon-2.4.0/tools.c:454:52: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CODING_MODE_3_2: return cString::sprintf("3/2 - %s, %s, %s, %s, %s", tr("L"), tr("C"), tr("R"), tr("SL"), tr("SR")); data/vdr-plugin-femon-2.4.0/tools.c:458:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:464:62: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CENTER_MIX_LEVEL_MINUS_3dB: return cString::sprintf("-3.0 %s", tr("dB")); data/vdr-plugin-femon-2.4.0/tools.c:465:62: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CENTER_MIX_LEVEL_MINUS_4_5dB: return cString::sprintf("-4.5 %s", tr("dB")); data/vdr-plugin-femon-2.4.0/tools.c:466:62: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CENTER_MIX_LEVEL_MINUS_6dB: return cString::sprintf("-6.0 %s", tr("dB")); data/vdr-plugin-femon-2.4.0/tools.c:467:62: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_CENTER_MIX_LEVEL_RESERVED: return cString::sprintf("%s", tr("reserved")); data/vdr-plugin-femon-2.4.0/tools.c:470:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:476:62: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_SURROUND_MIX_LEVEL_MINUS_3dB: return cString::sprintf("-3 %s", tr("dB")); data/vdr-plugin-femon-2.4.0/tools.c:477:62: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_SURROUND_MIX_LEVEL_MINUS_6dB: return cString::sprintf("-6 %s", tr("dB")); data/vdr-plugin-femon-2.4.0/tools.c:478:62: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_SURROUND_MIX_LEVEL_0_dB: return cString::sprintf("0 %s", tr("dB")); data/vdr-plugin-femon-2.4.0/tools.c:479:62: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_SURROUND_MIX_LEVEL_RESERVED: return cString::sprintf("%s", tr("reserved")); data/vdr-plugin-femon-2.4.0/tools.c:482:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:488:71: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_DOLBY_SURROUND_MODE_NOT_INDICATED: return cString::sprintf("%s", tr("not indicated")); data/vdr-plugin-femon-2.4.0/tools.c:489:71: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_DOLBY_SURROUND_MODE_NOT_DOLBYSURROUND: return cString::sprintf("%s", trVDR("no")); data/vdr-plugin-femon-2.4.0/tools.c:490:71: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_DOLBY_SURROUND_MODE_DOLBYSURROUND: return cString::sprintf("%s", trVDR("yes")); data/vdr-plugin-femon-2.4.0/tools.c:491:71: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_DOLBY_SURROUND_MODE_RESERVED: return cString::sprintf("%s", tr("reserved")); data/vdr-plugin-femon-2.4.0/tools.c:494:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:500:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("-%d %s", valueP, tr("dB")); data/vdr-plugin-femon-2.4.0/tools.c:501:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:508:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s %s", *dtoa(freq, "%lg"), tr("MHz")); data/vdr-plugin-femon-2.4.0/tools.c:514:61: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case AUDIO_SAMPLING_FREQUENCY_INVALID: return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:515:61: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_SAMPLING_FREQUENCY_RESERVED: return cString::sprintf("%s", tr("reserved")); data/vdr-plugin-femon-2.4.0/tools.c:518:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%d %s", valueP, tr("Hz")); data/vdr-plugin-femon-2.4.0/tools.c:524:50: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case AUDIO_BITRATE_INVALID: return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:525:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITRATE_RESERVED: return cString::sprintf("%s (%s)", tr("reserved"), *getBitrateKbits(valueP)); data/vdr-plugin-femon-2.4.0/tools.c:526:50: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. case AUDIO_BITRATE_FREE: return cString::sprintf("%s (%s)", tr("free"), *getBitrateKbits(valueP)); data/vdr-plugin-femon-2.4.0/tools.c:529:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s (%s)", *getBitrateKbits(streamP), *getBitrateKbits(valueP)); data/vdr-plugin-femon-2.4.0/tools.c:534:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%s (%s)", *getBitrateMbits(streamP), *getBitrateMbits(valueP)); data/vdr-plugin-femon-2.4.0/tools.c:540:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%.2f %s", valueP / 1000000.0, tr("Mbit/s")); data/vdr-plugin-femon-2.4.0/tools.c:541:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/tools.c:547:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. return cString::sprintf("%.0f %s", valueP / 1000.0, tr("kbit/s")); data/vdr-plugin-femon-2.4.0/tools.c:548:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. return cString::sprintf("---"); data/vdr-plugin-femon-2.4.0/femon.c:85:15: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt_long(argc, argv, "t:", long_options, NULL)) != -1) { data/vdr-plugin-femon-2.4.0/config.h:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char svdrpIpM[MaxSvdrpIp + 1]; // must end with additional null data/vdr-plugin-femon-2.4.0/femon.c:141:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetHideMenu(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:143:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetDisplayMode(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:145:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetPosition(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:147:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetSkin(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:149:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetTheme(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:151:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetDownscale(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:153:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetRedLimit(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:155:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetGreenLimit(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:157:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetUpdateInterval(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:159:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetAnalyzeStream(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:161:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetCalcInterval(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:163:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetUseSvdrp(atoi(valueP)); data/vdr-plugin-femon-2.4.0/femon.c:165:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FemonConfig.SetSvdrpPort(atoi(valueP)); data/vdr-plugin-femon-2.4.0/setup.h:13:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *dispModesM[eFemonModeMaxNumber]; data/vdr-plugin-femon-2.4.0/setup.h:14:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *skinsM[eFemonSkinMaxNumber]; data/vdr-plugin-femon-2.4.0/setup.h:15:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *themesM[eFemonThemeMaxNumber]; data/vdr-plugin-femon-2.4.0/setup.h:30:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char svdrpIpM[MaxSvdrpIp + 1]; // must end with additional null ANALYSIS SUMMARY: Hits = 252 Lines analyzed = 6142 in approximately 0.18 seconds (35040 lines/second) Physical Source Lines of Code (SLOC) = 5229 Hits@level = [0] 0 [1] 0 [2] 18 [3] 1 [4] 233 [5] 0 Hits@level+ = [0+] 252 [1+] 252 [2+] 252 [3+] 234 [4+] 233 [5+] 0 Hits/KSLOC@level+ = [0+] 48.1928 [1+] 48.1928 [2+] 48.1928 [3+] 44.7504 [4+] 44.5592 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.