Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/corsix-th-0.64/AnimView/app.cpp
Examining data/corsix-th-0.64/AnimView/app.h
Examining data/corsix-th-0.64/AnimView/backdrop.h
Examining data/corsix-th-0.64/AnimView/frmMain.cpp
Examining data/corsix-th-0.64/AnimView/frmMain.h
Examining data/corsix-th-0.64/AnimView/frmSprites.cpp
Examining data/corsix-th-0.64/AnimView/frmSprites.h
Examining data/corsix-th-0.64/AnimView/th.cpp
Examining data/corsix-th-0.64/AnimView/th.h
Examining data/corsix-th-0.64/CorsixTH/CppTest/example.cpp
Examining data/corsix-th-0.64/CorsixTH/CppTest/test_main.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/bootstrap.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/bootstrap.h
Examining data/corsix-th-0.64/CorsixTH/Src/cp437_table.h
Examining data/corsix-th-0.64/CorsixTH/Src/cp936_table.h
Examining data/corsix-th-0.64/CorsixTH/Src/iso_fs.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/iso_fs.h
Examining data/corsix-th-0.64/CorsixTH/Src/lua.hpp
Examining data/corsix-th-0.64/CorsixTH/Src/lua_rnc.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/lua_rnc.h
Examining data/corsix-th-0.64/CorsixTH/Src/lua_sdl.h
Examining data/corsix-th-0.64/CorsixTH/Src/main.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/main.h
Examining data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/persist_lua.h
Examining data/corsix-th-0.64/CorsixTH/Src/random.c
Examining data/corsix-th-0.64/CorsixTH/Src/run_length_encoder.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/run_length_encoder.h
Examining data/corsix-th-0.64/CorsixTH/Src/sdl_audio.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/sdl_core.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/sdl_wm.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx_font.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx_font.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx_sdl.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_gfx_sdl.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_anims.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_gfx.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_internal.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_iso.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_lfs_ext.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_map.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_movie.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_sound.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_strings.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_lua_ui.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_map.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_map.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_map_overlays.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_map_overlays.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_movie.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_movie.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_pathfind.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_pathfind.h
Examining data/corsix-th-0.64/CorsixTH/Src/th_sound.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/th_sound.h
Examining data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp
Examining data/corsix-th-0.64/CorsixTH/Src/xmi2mid.h
Examining data/corsix-th-0.64/CorsixTH/SrcUnshared/main.cpp
Examining data/corsix-th-0.64/CorsixTH/resource.h
Examining data/corsix-th-0.64/SpriteEncoder/ast.cpp
Examining data/corsix-th-0.64/SpriteEncoder/ast.h
Examining data/corsix-th-0.64/SpriteEncoder/encode.cpp
Examining data/corsix-th-0.64/SpriteEncoder/image.cpp
Examining data/corsix-th-0.64/SpriteEncoder/image.h
Examining data/corsix-th-0.64/SpriteEncoder/output.cpp
Examining data/corsix-th-0.64/SpriteEncoder/output.h
Examining data/corsix-th-0.64/SpriteEncoder/parser.cpp
Examining data/corsix-th-0.64/SpriteEncoder/scanner.cpp
Examining data/corsix-th-0.64/SpriteEncoder/tokens.h
Examining data/corsix-th-0.64/libs/rnc/rnc.cpp
Examining data/corsix-th-0.64/libs/rnc/rnc.h

FINAL RESULTS:

data/corsix-th-0.64/CorsixTH/Src/iso_fs.cpp:618:8: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  std::vsnprintf(error, 1024, sFormat, a);
data/corsix-th-0.64/SpriteEncoder/parser.cpp:657:21: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  # define YYFPRINTF fprintf
data/corsix-th-0.64/AnimView/frmMain.cpp:623:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(imgCanvas.GetData(), m_imgBackground.GetData(), 400 * 400 * 3);
data/corsix-th-0.64/AnimView/th.cpp:39:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static const unsigned char palette_upscale_map[0x40] = {
data/corsix-th-0.64/AnimView/th.cpp:91:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(m_ptr, data, npixels);
data/corsix-th-0.64/AnimView/th.cpp:444:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(m_pData, pData, iWidth * iHeight);
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1063:33: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  if (pBytes != nullptr) std::memcpy(pBytes, data, iCount);
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1190:27: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  std::FILE* fFile = std::fopen(sFilename, "r");
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1204:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(lua_newuserdata(L, iBufferSize),
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1240:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(lua_newuserdata(L, iBufferUsed + 1), sFile, iBufferUsed + 1);
data/corsix-th-0.64/CorsixTH/Src/persist_lua.cpp:1244:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(sFile, lua_touserdata(L, iBufferCopyIndex), iBufferUsed + 1);
data/corsix-th-0.64/CorsixTH/Src/sdl_audio.cpp:95:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(async->err, Mix_GetError(), iLen);
data/corsix-th-0.64/CorsixTH/Src/th_gfx.cpp:117:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[256];
data/corsix-th-0.64/CorsixTH/Src/th_gfx.cpp:1041:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(ptr, in_data, npixels);
data/corsix-th-0.64/CorsixTH/Src/th_gfx_font.cpp:549:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(pEntry->message, sMessage, iMessageLength);
data/corsix-th-0.64/CorsixTH/Src/th_gfx_sdl.cpp:601:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(pDest, pPixelData, iLength);
data/corsix-th-0.64/CorsixTH/Src/th_gfx_sdl.cpp:950:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(pNewData, pData, iDataLength);
data/corsix-th-0.64/CorsixTH/Src/th_lua_lfs_ext.cpp:51:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char sName[4] = {cDrive, ':', '\\', 0};
data/corsix-th-0.64/CorsixTH/Src/th_movie.cpp:885:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(pbStream, (uint8_t*)audio_buffer + audio_buffer_index,
data/corsix-th-0.64/CorsixTH/Src/th_movie.h:362:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char error_buffer[movie_error_buffer_capacity];
data/corsix-th-0.64/CorsixTH/Src/th_sound.cpp:62:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(data, pData, iDataLength);
data/corsix-th-0.64/CorsixTH/Src/th_sound.h:73:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char sound_name[18];
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:93:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(values, pointer, sizeof(T) * count);
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:125:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(pointer - sizeof(T) * count, values, sizeof(T) * count);
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:174:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(pNewData, data, size > iOldLength ? iOldLength : size);
data/corsix-th-0.64/SpriteEncoder/ast.h:49:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char m_aNumber[256]; // Layer number of the recolouring.
data/corsix-th-0.64/SpriteEncoder/encode.cpp:43:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  pInfile = fopen(pArgv[1], "r");
data/corsix-th-0.64/SpriteEncoder/encode.cpp:48:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  pInfile = fopen(pArgv[1], "r");
data/corsix-th-0.64/SpriteEncoder/image.cpp:92:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *pFile = fopen(sFilename.c_str(), "rb");
data/corsix-th-0.64/SpriteEncoder/image.cpp:99:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char header[4];
data/corsix-th-0.64/SpriteEncoder/output.cpp:131:20: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *handle = fopen(fname, "wb");
data/corsix-th-0.64/SpriteEncoder/output.h:37:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[BUF_SIZE];
data/corsix-th-0.64/SpriteEncoder/parser.cpp:955:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/corsix-th-0.64/SpriteEncoder/parser.cpp:1185:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char yymsgbuf[128];
data/corsix-th-0.64/SpriteEncoder/scanner.cpp:867:35: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  yylval.number = atoi(yytext);
data/corsix-th-0.64/CorsixTH/Src/bootstrap.cpp:295:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *size = std::strlen(s);
data/corsix-th-0.64/CorsixTH/Src/iso_fs.cpp:529:14: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  std::equal(normalised_path.begin(), normalised_path.end(),
data/corsix-th-0.64/CorsixTH/Src/main.cpp:62:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (iLength != std::strlen(LUA_VERSION) ||
data/corsix-th-0.64/CorsixTH/Src/run_length_encoder.cpp:247:38: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  uint32_t integer_run_length_decoder::read() {
data/corsix-th-0.64/CorsixTH/Src/run_length_encoder.h:113:12: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  uint32_t read();
data/corsix-th-0.64/CorsixTH/Src/sdl_audio.cpp:93:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t iLen = std::strlen(Mix_GetError()) + 1;
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1618:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iBlock[0] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1619:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iBlock[1] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1620:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iBlock[2] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1621:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iBlock[3] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1622:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iParcelId = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1623:53: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iRoomId = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1629:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iBlock[0] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1630:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iBlock[1] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1631:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iBlock[2] = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1632:55: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->iParcelId = static_cast<uint16_t>(oDecoder.read());
data/corsix-th-0.64/CorsixTH/Src/th_map.cpp:1633:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  pNode->flags = oDecoder.read();
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:86:8: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  bool read(T& value) {
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:87:12: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return read(&value, 1);
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:91:8: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  bool read(T* values, size_t count) {
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:100:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (read(iByte0) && read(iByte1) && read(iByte2))
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:100:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (read(iByte0) && read(iByte1) && read(iByte2))
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:100:41: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (read(iByte0) && read(iByte1) && read(iByte2))
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:110:12: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (!read(iByte)) return false;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:229:21: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (!bufInput.read(iTokenType)) return nullptr;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:241:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (!bufInput.read(pToken->data)) return nullptr;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:248:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (!bufInput.read(pToken->data)) return nullptr;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:252:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (!bufInput.read(iExtendedType)) return nullptr;
data/corsix-th-0.64/CorsixTH/Src/xmi2mid.cpp:265:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (!bufInput.read(iExtendedType)) return nullptr;
data/corsix-th-0.64/SpriteEncoder/parser.cpp:839:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  # define yystrlen strlen
data/corsix-th-0.64/SpriteEncoder/scanner.cpp:630:14: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/corsix-th-0.64/SpriteEncoder/scanner.cpp:1689:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return yy_scan_bytes(yystr,strlen(yystr) );

ANALYSIS SUMMARY:

Hits = 67
Lines analyzed = 32135 in approximately 1.02 seconds (31649 lines/second)
Physical Source Lines of Code (SLOC) = 23438
Hits@level = [0] 54 [1] 32 [2] 33 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 121 [1+] 67 [2+] 35 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 5.16256 [1+] 2.85861 [2+] 1.4933 [3+] 0.0853315 [4+] 0.0853315 [5+] 0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.