Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xserver-xorg-input-joystick-1.6.3/include/joystick-properties.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk_key.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/backend_joystick.c
Examining data/xserver-xorg-input-joystick-1.6.3/src/backend_bsd.c
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk_key.c
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c
Examining data/xserver-xorg-input-joystick-1.6.3/src/backend_evdev.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/backend_bsd.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk_axis.c
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk_axis.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk.c
Examining data/xserver-xorg-input-joystick-1.6.3/src/backend_joystick.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.h
Examining data/xserver-xorg-input-joystick-1.6.3/src/backend_evdev.c
FINAL RESULTS:
data/xserver-xorg-input-joystick-1.6.3/src/jstk_key.c:296:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, pInfo->name);
data/xserver-xorg-input-joystick-1.6.3/src/backend_bsd.c:95:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((joystick->fd = open(joystick->device, O_RDWR | O_NDELAY, 0)) < 0) {
data/xserver-xorg-input-joystick-1.6.3/src/backend_bsd.c:159:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&bsddata->hat_item[bsddata->hats], &h, sizeof(h));
data/xserver-xorg-input-joystick-1.6.3/src/backend_bsd.c:166:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&bsddata->axis_item[cur_axis], &h, sizeof(h));
data/xserver-xorg-input-joystick-1.6.3/src/backend_bsd.c:174:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&bsddata->button_item[joystick->num_buttons], &h, sizeof(h));
data/xserver-xorg-input-joystick-1.6.3/src/backend_evdev.c:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/xserver-xorg-input-joystick-1.6.3/src/backend_evdev.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uniq[256];
data/xserver-xorg-input-joystick-1.6.3/src/backend_evdev.c:94:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((joystick->fd = open(joystick->device, O_RDONLY | O_NDELAY, 0)) < 0) {
data/xserver-xorg-input-joystick-1.6.3/src/backend_evdev.c:178:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "No name");
data/xserver-xorg-input-joystick-1.6.3/src/backend_evdev.c:181:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(uniq, "No name");
data/xserver-xorg-input-joystick-1.6.3/src/backend_joystick.c:71:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char joy_name[128];
data/xserver-xorg-input-joystick-1.6.3/src/backend_joystick.c:76:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((joystick->fd = open(joystick->device, O_RDONLY | O_NDELAY, 0)) < 0) {
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:324:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[32];
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:337:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Button %d", m);
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:359:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Axis %d", i + 1);
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:602:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[64];
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:603:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,"MapButton%d",i+1);
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:614:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[64];
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:615:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,"MapAxis%d",i+1);
data/xserver-xorg-input-joystick-1.6.3/src/jstk.h:75:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char KEYSCANCODES [MAXKEYSPERBUTTON];
data/xserver-xorg-input-joystick-1.6.3/src/jstk_key.c:288:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[512] = {0};
data/xserver-xorg-input-joystick-1.6.3/src/jstk_key.c:297:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, " (keys)");
data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[64];
data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[64];
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:340:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
btn_labels[m] = MakeAtom(str, strlen(str), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk.c:361:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
axes_labels[i] = MakeAtom(str, strlen(str), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c:115:16: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
} else if (sscanf(param, "axis=%15s", p) == 1) {
data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c:127:16: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
} else if (sscanf(param, "key=%30s", p) == 1) {
data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c:189:13: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(tmp, "mode=%15s", p) == 1) {
data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c:210:13: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(tmp, "axis=%15s", p) == 1) {
data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c:234:13: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(tmp, "keylow=%30s", p) == 1) {
data/xserver-xorg-input-joystick-1.6.3/src/jstk_options.c:260:13: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(tmp, "keyhigh=%30s", p) == 1) {
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:292:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
float_type = MakeAtom(XATOM_FLOAT, strlen(XATOM_FLOAT), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:302:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_debuglevel = MakeAtom(JSTK_PROP_DEBUGLEVEL, strlen(JSTK_PROP_DEBUGLEVEL), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:311:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_numbuttons = MakeAtom(JSTK_PROP_NUMBUTTONS, strlen(JSTK_PROP_NUMBUTTONS), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:320:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_numaxes = MakeAtom(JSTK_PROP_NUMAXES, strlen(JSTK_PROP_NUMAXES), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:329:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_mouse_enabled = MakeAtom(JSTK_PROP_MOUSE_ENABLED, strlen(JSTK_PROP_MOUSE_ENABLED), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:337:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_keys_enabled = MakeAtom(JSTK_PROP_KEYS_ENABLED, strlen(JSTK_PROP_KEYS_ENABLED), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:347:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_axis_deadzone = MakeAtom(JSTK_PROP_AXIS_DEADZONE, strlen(JSTK_PROP_AXIS_DEADZONE), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:357:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_axis_type = MakeAtom(JSTK_PROP_AXIS_TYPE, strlen(JSTK_PROP_AXIS_TYPE), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:367:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_axis_mapping = MakeAtom(JSTK_PROP_AXIS_MAPPING, strlen(JSTK_PROP_AXIS_MAPPING), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:378:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_axis_amplify = MakeAtom(JSTK_PROP_AXIS_AMPLIFY, strlen(JSTK_PROP_AXIS_AMPLIFY), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:389:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_axis_keys_low = MakeAtom(JSTK_PROP_AXIS_KEYS_LOW, strlen(JSTK_PROP_AXIS_KEYS_LOW), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:400:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_axis_keys_high = MakeAtom(JSTK_PROP_AXIS_KEYS_HIGH, strlen(JSTK_PROP_AXIS_KEYS_HIGH), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:411:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_button_mapping = MakeAtom(JSTK_PROP_BUTTON_MAPPING, strlen(JSTK_PROP_BUTTON_MAPPING), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:425:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_button_buttonnumber = MakeAtom(JSTK_PROP_BUTTON_BUTTONNUMBER, strlen(JSTK_PROP_BUTTON_BUTTONNUMBER), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:436:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_button_amplify = MakeAtom(JSTK_PROP_BUTTON_AMPLIFY, strlen(JSTK_PROP_BUTTON_AMPLIFY), TRUE);
data/xserver-xorg-input-joystick-1.6.3/src/jstk_properties.c:447:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop_button_keys = MakeAtom(JSTK_PROP_BUTTON_KEYS, strlen(JSTK_PROP_BUTTON_KEYS), TRUE);
ANALYSIS SUMMARY:
Hits = 48
Lines analyzed = 3782 in approximately 0.13 seconds (30176 lines/second)
Physical Source Lines of Code (SLOC) = 2428
Hits@level = [0] 6 [1] 24 [2] 23 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 54 [1+] 48 [2+] 24 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 22.2405 [1+] 19.7694 [2+] 9.88468 [3+] 0.411862 [4+] 0.411862 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.