Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/chipmunk-7.0.3/demo/Bench.c
Examining data/chipmunk-7.0.3/demo/Buoyancy.c
Examining data/chipmunk-7.0.3/demo/Chains.c
Examining data/chipmunk-7.0.3/demo/ChipmunkDebugDraw.c
Examining data/chipmunk-7.0.3/demo/ChipmunkDebugDraw.h
Examining data/chipmunk-7.0.3/demo/ChipmunkDemo.c
Examining data/chipmunk-7.0.3/demo/ChipmunkDemo.h
Examining data/chipmunk-7.0.3/demo/ChipmunkDemoTextSupport.c
Examining data/chipmunk-7.0.3/demo/ChipmunkDemoTextSupport.h
Examining data/chipmunk-7.0.3/demo/ContactGraph.c
Examining data/chipmunk-7.0.3/demo/Convex.c
Examining data/chipmunk-7.0.3/demo/Crane.c
Examining data/chipmunk-7.0.3/demo/Joints.c
Examining data/chipmunk-7.0.3/demo/LogoSmash.c
Examining data/chipmunk-7.0.3/demo/OneWay.c
Examining data/chipmunk-7.0.3/demo/Planet.c
Examining data/chipmunk-7.0.3/demo/Player.c
Examining data/chipmunk-7.0.3/demo/Plink.c
Examining data/chipmunk-7.0.3/demo/Pump.c
Examining data/chipmunk-7.0.3/demo/PyramidStack.c
Examining data/chipmunk-7.0.3/demo/PyramidTopple.c
Examining data/chipmunk-7.0.3/demo/Query.c
Examining data/chipmunk-7.0.3/demo/Shatter.c
Examining data/chipmunk-7.0.3/demo/Slice.c
Examining data/chipmunk-7.0.3/demo/Springies.c
Examining data/chipmunk-7.0.3/demo/Sticky.c
Examining data/chipmunk-7.0.3/demo/Tank.c
Examining data/chipmunk-7.0.3/demo/TheoJansen.c
Examining data/chipmunk-7.0.3/demo/Tumble.c
Examining data/chipmunk-7.0.3/demo/Unicycle.c
Examining data/chipmunk-7.0.3/demo/VeraMoBI.ttf_sdf.h
Examining data/chipmunk-7.0.3/demo/VeraMoBd.ttf_sdf.h
Examining data/chipmunk-7.0.3/demo/sokol/sokol.c
Examining data/chipmunk-7.0.3/demo/sokol/sokol.h
Examining data/chipmunk-7.0.3/demo/sokol/sokol_app.h
Examining data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h
Examining data/chipmunk-7.0.3/demo/sokol/sokol_time.h
Examining data/chipmunk-7.0.3/include/chipmunk/chipmunk.h
Examining data/chipmunk-7.0.3/include/chipmunk/chipmunk_ffi.h
Examining data/chipmunk-7.0.3/include/chipmunk/chipmunk_private.h
Examining data/chipmunk-7.0.3/include/chipmunk/chipmunk_structs.h
Examining data/chipmunk-7.0.3/include/chipmunk/chipmunk_types.h
Examining data/chipmunk-7.0.3/include/chipmunk/chipmunk_unsafe.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpArbiter.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpBB.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpBody.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpConstraint.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpDampedRotarySpring.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpDampedSpring.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpGearJoint.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpGrooveJoint.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpHastySpace.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpMarch.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpPinJoint.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpPivotJoint.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpPolyShape.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpPolyline.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpRatchetJoint.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpRobust.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpRotaryLimitJoint.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpShape.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpSimpleMotor.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpSlideJoint.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpSpace.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpSpatialIndex.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpTransform.h
Examining data/chipmunk-7.0.3/include/chipmunk/cpVect.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkAutoGeometry.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkBody.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkConstraint.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkImageSampler.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkMultiGrab.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkPointCloudSampler.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkShape.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkSpace.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ChipmunkTileCache.h
Examining data/chipmunk-7.0.3/objectivec/include/ObjectiveChipmunk/ObjectiveChipmunk.h
Examining data/chipmunk-7.0.3/src/chipmunk.c
Examining data/chipmunk-7.0.3/src/cpArbiter.c
Examining data/chipmunk-7.0.3/src/cpArray.c
Examining data/chipmunk-7.0.3/src/cpBBTree.c
Examining data/chipmunk-7.0.3/src/cpBody.c
Examining data/chipmunk-7.0.3/src/cpCollision.c
Examining data/chipmunk-7.0.3/src/cpConstraint.c
Examining data/chipmunk-7.0.3/src/cpDampedRotarySpring.c
Examining data/chipmunk-7.0.3/src/cpDampedSpring.c
Examining data/chipmunk-7.0.3/src/cpGearJoint.c
Examining data/chipmunk-7.0.3/src/cpGrooveJoint.c
Examining data/chipmunk-7.0.3/src/cpHashSet.c
Examining data/chipmunk-7.0.3/src/cpMarch.c
Examining data/chipmunk-7.0.3/src/cpPinJoint.c
Examining data/chipmunk-7.0.3/src/cpPivotJoint.c
Examining data/chipmunk-7.0.3/src/cpPolyShape.c
Examining data/chipmunk-7.0.3/src/cpPolyline.c
Examining data/chipmunk-7.0.3/src/cpRatchetJoint.c
Examining data/chipmunk-7.0.3/src/cpRobust.c
Examining data/chipmunk-7.0.3/src/cpRotaryLimitJoint.c
Examining data/chipmunk-7.0.3/src/cpShape.c
Examining data/chipmunk-7.0.3/src/cpSimpleMotor.c
Examining data/chipmunk-7.0.3/src/cpSlideJoint.c
Examining data/chipmunk-7.0.3/src/cpSpace.c
Examining data/chipmunk-7.0.3/src/cpSpaceComponent.c
Examining data/chipmunk-7.0.3/src/cpSpaceDebug.c
Examining data/chipmunk-7.0.3/src/cpSpaceHash.c
Examining data/chipmunk-7.0.3/src/cpSpaceQuery.c
Examining data/chipmunk-7.0.3/src/cpSpaceStep.c
Examining data/chipmunk-7.0.3/src/cpSpatialIndex.c
Examining data/chipmunk-7.0.3/src/cpSweep1D.c
Examining data/chipmunk-7.0.3/src/prime.h
Examining data/chipmunk-7.0.3/src/cpHastySpace.c

FINAL RESULTS:

data/chipmunk-7.0.3/demo/ChipmunkDemo.c:202:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(title, "Demo(%c): %s", 'A' + demo_index, demos[demo_index].name);
data/chipmunk-7.0.3/demo/ChipmunkDemo.c:248:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buffer, format,
data/chipmunk-7.0.3/demo/ChipmunkDemo.c:274:20:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int would_write = vsnprintf(PrintStringCursor, remaining, fmt, args);
data/chipmunk-7.0.3/src/chipmunk.c:34:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, (isError ? "Aborting due to Chipmunk error: " : "Chipmunk warning: "));
data/chipmunk-7.0.3/src/chipmunk.c:42:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, message, vargs);
data/chipmunk-7.0.3/demo/ChipmunkDemo.c:378:2:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(45073);
data/chipmunk-7.0.3/src/cpHastySpace.c:84:2:  [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&cv->waiters_count_lock);
data/chipmunk-7.0.3/src/cpHastySpace.c:92:2:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&cv->waiters_count_lock);
data/chipmunk-7.0.3/src/cpHastySpace.c:105:2:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&cv->waiters_count_lock);
data/chipmunk-7.0.3/src/cpHastySpace.c:118:2:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&cv->waiters_count_lock);
data/chipmunk-7.0.3/src/cpHastySpace.c:131:2:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&cv->waiters_count_lock);
data/chipmunk-7.0.3/src/cpHastySpace.c:145:2:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(external_mutex);
data/chipmunk-7.0.3/src/cpHastySpace.c:154:2:  [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(mutex);
data/chipmunk-7.0.3/src/cpHastySpace.c:166:2:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(mutex);
data/chipmunk-7.0.3/demo/Buoyancy.c:35:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char messageBuffer[1024];
data/chipmunk-7.0.3/demo/ChipmunkDemo.c:201:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char title[1024];
data/chipmunk-7.0.3/demo/ChipmunkDemo.c:231:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024];
data/chipmunk-7.0.3/demo/ChipmunkDemo.c:259:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char PrintStringBuffer[1024*8];
data/chipmunk-7.0.3/demo/ChipmunkDemo.c:617:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(demos, bench_list, bench_count*sizeof(ChipmunkDemo));
data/chipmunk-7.0.3/demo/Shatter.c:77:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(clipped, verts, count*sizeof(cpVect));
data/chipmunk-7.0.3/demo/Shatter.c:134:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ping, pong, count*sizeof(cpVect));
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:809:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char window_title[_SAPP_MAX_TITLE_LENGTH]; /* UTF-8 */
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:810:5:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t window_title_wide[_SAPP_MAX_TITLE_LENGTH]; /* UTF-32 or UCS-2 */
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:3626:28:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  const int dst_needed = MultiByteToWideChar(CP_UTF8, 0, src, -1, 0, 0);
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:3628:9:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  MultiByteToWideChar(CP_UTF8, 0, src, -1, dst, dst_chars);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:2163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[_SG_STRING_SIZE];
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:6252:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(shd->d3d11_vs_blob, vs_ptr, vs_length);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:6789:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(d3d11_msr.pData, data_ptr, data_size);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:6803:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst_ptr, data_ptr, data_size);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:6839:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(d3d11_msr.pData, slice_ptr, slice_size);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:6846:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst_ptr, src_ptr, src_pitch);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:8352:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, data, num_bytes);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:8399:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst_ptr, data, data_size);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:8415:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst_ptr, data, data_size);
data/chipmunk-7.0.3/src/chipmunk.c:255:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result, verts, count*sizeof(cpVect));
data/chipmunk-7.0.3/src/cpPolyline.c:635:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hull->verts, hullVerts, hullCount*sizeof(cpVect));
data/chipmunk-7.0.3/src/cpSpace.c:56:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(copy, handler, sizeof(cpCollisionHandler));
data/chipmunk-7.0.3/src/cpSpace.c:167:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&space->defaultHandler, &cpCollisionHandlerDoNothing, sizeof(cpCollisionHandler));
data/chipmunk-7.0.3/src/cpSpace.c:388:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&space->defaultHandler, &cpCollisionHandlerDefault, sizeof(cpCollisionHandler));
data/chipmunk-7.0.3/src/cpSpaceComponent.c:58:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(arb->contacts, contacts, numContacts*sizeof(struct cpContact));
data/chipmunk-7.0.3/src/cpSpaceComponent.c:102:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(contacts, arb->contacts, bytes);
data/chipmunk-7.0.3/demo/ChipmunkDemoTextSupport.c:221:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(size_t i=0, len=strlen(str); i<len; i++){
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:3431:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char* terminator = where + strlen(ext);
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:4533:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd, &msg, sizeof(msg)) != sizeof(msg)) {
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:5902:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char* terminator = where + strlen(ext);
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:6169:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(_sapp.window_title));
data/chipmunk-7.0.3/demo/sokol/sokol_app.h:6174:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(_sapp.window_title));
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:2983:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(dst->buf, src, _SG_STRING_SIZE);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:6152:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(stage_desc->source), /* SrcDataSize */
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:9030:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  SOKOL_VALIDATE(strlen(desc->attrs[i].name) < _SG_STRING_SIZE, _SG_VALIDATE_SHADERDESC_ATTR_STRING_TOO_LONG);
data/chipmunk-7.0.3/demo/sokol/sokol_gfx.h:9033:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  SOKOL_VALIDATE(strlen(desc->attrs[i].sem_name) < _SG_STRING_SIZE, _SG_VALIDATE_SHADERDESC_ATTR_STRING_TOO_LONG);

ANALYSIS SUMMARY:

Hits = 51
Lines analyzed = 41541 in approximately 1.26 seconds (32996 lines/second)
Physical Source Lines of Code (SLOC) = 29743
Hits@level = [0]   6 [1]  10 [2]  27 [3]   9 [4]   5 [5]   0
Hits@level+ = [0+]  57 [1+]  51 [2+]  41 [3+]  14 [4+]   5 [5+]   0
Hits/KSLOC@level+ = [0+] 1.91642 [1+] 1.71469 [2+] 1.37848 [3+] 0.470699 [4+] 0.168107 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.