Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gramophone2-0.8.13a/GRAMophone.c
Examining data/gramophone2-0.8.13a/debug.c
Examining data/gramophone2-0.8.13a/errors.c
Examining data/gramophone2-0.8.13a/expcode.c
Examining data/gramophone2-0.8.13a/global.h
Examining data/gramophone2-0.8.13a/hash.c
Examining data/gramophone2-0.8.13a/init.c
Examining data/gramophone2-0.8.13a/midicode.c
Examining data/gramophone2-0.8.13a/midifile.c
Examining data/gramophone2-0.8.13a/midifile.h
Examining data/gramophone2-0.8.13a/grammyVM.c

FINAL RESULTS:

data/gramophone2-0.8.13a/GRAMophone.c:81:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(namefile, argv[2]);
data/gramophone2-0.8.13a/GRAMophone.c:86:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(namefile, argv[1]);
data/gramophone2-0.8.13a/grammyVM.c:1123:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(string_buf, str_temp_buf);
data/gramophone2-0.8.13a/grammyVM.c:1147:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(string_buf, str_temp_buf);
data/gramophone2-0.8.13a/grammyVM.c:1169:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(string_buf, str_temp_buf);
data/gramophone2-0.8.13a/grammyVM.c:1542:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(namefile, DEFAULT_FILENAME);
data/gramophone2-0.8.13a/hash.c:70:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(global_vars[i].name, noteVar->name);
data/gramophone2-0.8.13a/hash.c:85:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(players[playerCount]->local_vars[i].name, noteVar->name);
data/gramophone2-0.8.13a/hash.c:96:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(macros[i].name, text);
data/gramophone2-0.8.13a/hash.c:99:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(macros[i].data, string_buf);
data/gramophone2-0.8.13a/hash.c:119:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(players[playerCount]->productions[i]->name, text);
data/gramophone2-0.8.13a/midifile.c:31:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  char *strcpy(), *strcat();
data/gramophone2-0.8.13a/midifile.c:31:18:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  char *strcpy(), *strcat();
data/gramophone2-0.8.13a/midifile.c:135:11:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  (void) strcat(buff,s);
data/gramophone2-0.8.13a/init.c:34:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  srand(stime);
data/gramophone2-0.8.13a/GRAMophone.c:79:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  yyin=fopen(argv[1], "r");
data/gramophone2-0.8.13a/GRAMophone.c:84:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  yyin=fopen(argv[0], "r");
data/gramophone2-0.8.13a/global.h:55:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char string_buf[MAX_STR], idTemp[MAX_STR];
data/gramophone2-0.8.13a/global.h:71:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char namefile[MAX_FILENAME_LENGTH];
data/gramophone2-0.8.13a/global.h:78:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char data[4];
data/gramophone2-0.8.13a/global.h:86:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *strings[MAX_STR];
data/gramophone2-0.8.13a/global.h:97:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char loc_par_flag[10];
data/gramophone2-0.8.13a/global.h:149:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[VAR_LENGTH];
data/gramophone2-0.8.13a/grammyVM.c:32:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char melop[MAX_RECURSION][2] /*0: OFF, 1: _TRN, 2: _INV, 3: _RTRGD , 4: _RTGINV*/;
data/gramophone2-0.8.13a/grammyVM.c:638:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char code, rep[MAX_RECURSION][2];
data/gramophone2-0.8.13a/grammyVM.c:1044:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char code, rep[MAX_RECURSION][2], isChord=0;
data/gramophone2-0.8.13a/grammyVM.c:1046:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char string_buf[MAX_STR], str_temp_buf[MAX_STR];
data/gramophone2-0.8.13a/grammyVM.c:1113:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string_buf, "%d%d%d%d%d", note[0], note[1], note[2], note[3], note[4]);
data/gramophone2-0.8.13a/grammyVM.c:1122:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str_temp_buf, "%d%d%d%d%d", note[0], note[1], note[2], note[3], note[4]);
data/gramophone2-0.8.13a/grammyVM.c:1146:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str_temp_buf, "%d%d%d%d%d", note[0], note[1], note[2], note[3], note[4]);
data/gramophone2-0.8.13a/grammyVM.c:1164:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string_buf, "%d", rest);
data/gramophone2-0.8.13a/grammyVM.c:1168:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str_temp_buf, "%d", rest);
data/gramophone2-0.8.13a/grammyVM.c:1339:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string_buf, "%d%d%d%d%d", (*rtgd_buffer[rtgd_counter-1])[k-1][1], (*rtgd_buffer[rtgd_counter-1])[k-1][2], (*rtgd_buffer[rtgd_counter-1])[k-1][4], (*rtgd_buffer[rtgd_counter-1])[k-1][5], (*rtgd_buffer[rtgd_counter-1])[k-1][6]);
data/gramophone2-0.8.13a/grammyVM.c:1472:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(supporto, buffer, DIM_BUFFER);
data/gramophone2-0.8.13a/grammyVM.c:1543:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(!(midi=fopen(namefile, "w"))) {
data/gramophone2-0.8.13a/midifile.c:133:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[32];
data/gramophone2-0.8.13a/midifile.c:134:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  (void) strcpy(buff,"expecting ");
data/gramophone2-0.8.13a/midifile.c:293:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[32];
data/gramophone2-0.8.13a/midifile.c:295:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(buff,"unexpected byte: 0x%02x",c);
data/gramophone2-0.8.13a/GRAMophone.c:69:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(namefile, "");
data/gramophone2-0.8.13a/grammyVM.c:1396:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(string_buf, "");
data/gramophone2-0.8.13a/grammyVM.c:1487:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!mf_write_meta_event(0, copyright_notice, copyright, strlen(copyright))) {
data/gramophone2-0.8.13a/hash.c:97:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!(macros[i].data=(char *)malloc((1+strlen(string_buf))*sizeof(char))))

ANALYSIS SUMMARY:

Hits = 43
Lines analyzed = 3462 in approximately 0.62 seconds (5627 lines/second)
Physical Source Lines of Code (SLOC) = 2732
Hits@level = [0] 133 [1]   4 [2]  24 [3]   1 [4]  14 [5]   0
Hits@level+ = [0+] 176 [1+]  43 [2+]  39 [3+]  15 [4+]  14 [5+]   0
Hits/KSLOC@level+ = [0+] 64.4217 [1+] 15.7394 [2+] 14.2753 [3+] 5.49048 [4+] 5.12445 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.