Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gxr-openvr-0.15.1/examples/actions.c
Examining data/gxr-openvr-0.15.1/examples/cairo_content.h
Examining data/gxr-openvr-0.15.1/examples/clutter_content.h
Examining data/gxr-openvr-0.15.1/examples/cube/gxr-cube.c
Examining data/gxr-openvr-0.15.1/examples/cube/renderdoc_app.h
Examining data/gxr-openvr-0.15.1/examples/cube/scene-background.c
Examining data/gxr-openvr-0.15.1/examples/cube/scene-background.h
Examining data/gxr-openvr-0.15.1/examples/cube/scene-cube.c
Examining data/gxr-openvr-0.15.1/examples/cube/scene-cube.h
Examining data/gxr-openvr-0.15.1/examples/cube/scene-model.c
Examining data/gxr-openvr-0.15.1/examples/cube/scene-model.h
Examining data/gxr-openvr-0.15.1/examples/cube/scene-object.c
Examining data/gxr-openvr-0.15.1/examples/cube/scene-object.h
Examining data/gxr-openvr-0.15.1/examples/cube/scene-pointer-tip.c
Examining data/gxr-openvr-0.15.1/examples/cube/scene-pointer-tip.h
Examining data/gxr-openvr-0.15.1/examples/cube/scene-pointer.c
Examining data/gxr-openvr-0.15.1/examples/cube/scene-pointer.h
Examining data/gxr-openvr-0.15.1/examples/cube/scene-renderer.c
Examining data/gxr-openvr-0.15.1/examples/cube/scene-renderer.h
Examining data/gxr-openvr-0.15.1/examples/dmabuf_content.h
Examining data/gxr-openvr-0.15.1/examples/keyboard.c
Examining data/gxr-openvr-0.15.1/examples/overlay_cairo.c
Examining data/gxr-openvr-0.15.1/examples/overlay_cairo_animation.c
Examining data/gxr-openvr-0.15.1/examples/overlay_dmabuf.c
Examining data/gxr-openvr-0.15.1/examples/overlay_external_memory.c
Examining data/gxr-openvr-0.15.1/examples/overlay_gtk.c
Examining data/gxr-openvr-0.15.1/examples/overlay_mesa_dmabuf.c
Examining data/gxr-openvr-0.15.1/examples/overlay_multi.c
Examining data/gxr-openvr-0.15.1/examples/overlay_multi_stresstest.c
Examining data/gxr-openvr-0.15.1/examples/overlay_pixbuf.c
Examining data/gxr-openvr-0.15.1/examples/parse_manifest.c
Examining data/gxr-openvr-0.15.1/examples/x_keyboard_synthesis.c
Examining data/gxr-openvr-0.15.1/src/graphene-ext.c
Examining data/gxr-openvr-0.15.1/src/graphene-ext.h
Examining data/gxr-openvr-0.15.1/src/gxr-action-set.c
Examining data/gxr-openvr-0.15.1/src/gxr-action-set.h
Examining data/gxr-openvr-0.15.1/src/gxr-action.c
Examining data/gxr-openvr-0.15.1/src/gxr-action.h
Examining data/gxr-openvr-0.15.1/src/gxr-backend-private.h
Examining data/gxr-openvr-0.15.1/src/gxr-backend.c
Examining data/gxr-openvr-0.15.1/src/gxr-backend.h
Examining data/gxr-openvr-0.15.1/src/gxr-context-private.h
Examining data/gxr-openvr-0.15.1/src/gxr-context.c
Examining data/gxr-openvr-0.15.1/src/gxr-context.h
Examining data/gxr-openvr-0.15.1/src/gxr-controller.c
Examining data/gxr-openvr-0.15.1/src/gxr-controller.h
Examining data/gxr-openvr-0.15.1/src/gxr-device-manager.c
Examining data/gxr-openvr-0.15.1/src/gxr-device-manager.h
Examining data/gxr-openvr-0.15.1/src/gxr-device.c
Examining data/gxr-openvr-0.15.1/src/gxr-device.h
Examining data/gxr-openvr-0.15.1/src/gxr-enums.h
Examining data/gxr-openvr-0.15.1/src/gxr-io.c
Examining data/gxr-openvr-0.15.1/src/gxr-io.h
Examining data/gxr-openvr-0.15.1/src/gxr-manifest.c
Examining data/gxr-openvr-0.15.1/src/gxr-manifest.h
Examining data/gxr-openvr-0.15.1/src/gxr-model.c
Examining data/gxr-openvr-0.15.1/src/gxr-model.h
Examining data/gxr-openvr-0.15.1/src/gxr-overlay-private.h
Examining data/gxr-openvr-0.15.1/src/gxr-overlay.c
Examining data/gxr-openvr-0.15.1/src/gxr-overlay.h
Examining data/gxr-openvr-0.15.1/src/gxr-pointer-tip.c
Examining data/gxr-openvr-0.15.1/src/gxr-pointer-tip.h
Examining data/gxr-openvr-0.15.1/src/gxr-pointer.c
Examining data/gxr-openvr-0.15.1/src/gxr-pointer.h
Examining data/gxr-openvr-0.15.1/src/gxr-time.c
Examining data/gxr-openvr-0.15.1/src/gxr-time.h
Examining data/gxr-openvr-0.15.1/src/gxr-types.h
Examining data/gxr-openvr-0.15.1/src/gxr.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-action-set.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-action-set.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-action.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-action.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-compositor.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-compositor.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-context.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-context.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-functions.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-functions.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-math.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-math.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-model.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-model.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-overlay.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-overlay.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-system.c
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-system.h
Examining data/gxr-openvr-0.15.1/src/openvr/openvr-wrapper.h
Examining data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.c
Examining data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.h
Examining data/gxr-openvr-0.15.1/src/openxr/openxr-action.c
Examining data/gxr-openvr-0.15.1/src/openxr/openxr-action.h
Examining data/gxr-openvr-0.15.1/src/openxr/openxr-context.c
Examining data/gxr-openvr-0.15.1/src/openxr/openxr-context.h
Examining data/gxr-openvr-0.15.1/src/openxr/openxr-overlay.c
Examining data/gxr-openvr-0.15.1/src/openxr/openxr-overlay.h
Examining data/gxr-openvr-0.15.1/tests/test_actions.c
Examining data/gxr-openvr-0.15.1/tests/test_context.c
Examining data/gxr-openvr-0.15.1/tests/test_io.c
Examining data/gxr-openvr-0.15.1/tests/test_overlay.c

FINAL RESULTS:

data/gxr-openvr-0.15.1/examples/cube/scene-renderer.c:201:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (path, "/shaders/%s.%s.spv", shader_names[i], stage_names[j]);
data/gxr-openvr-0.15.1/src/openvr/openvr-functions.c:65:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  INIT_FN_TABLE (self->system, System)
data/gxr-openvr-0.15.1/src/openvr/openvr-functions.c:85:16:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  return self->system != NULL
data/gxr-openvr-0.15.1/src/openvr/openvr-functions.h:21:32:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  struct VR_IVRSystem_FnTable *system;
data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.c:111:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(set_info.actionSetName, name);
data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.c:112:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(set_info.localizedActionSetName, name);
data/gxr-openvr-0.15.1/src/openxr/openxr-action.c:139:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(action_info.actionName, name);
data/gxr-openvr-0.15.1/src/openxr/openxr-action.c:140:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(action_info.localizedActionName, name);
data/gxr-openvr-0.15.1/src/openxr/openxr-context.c:142:3:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vprintf (formatRes, args);
data/gxr-openvr-0.15.1/examples/cube/scene-cube.c:451:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (ub.normal_matrix, ub.mv_matrix, sizeof ub.normal_matrix);
data/gxr-openvr-0.15.1/examples/cube/scene-renderer.c:192:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *shader_names[PIPELINE_COUNT] = {
data/gxr-openvr-0.15.1/examples/cube/scene-renderer.c:195:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *stage_names[2] = {"vert", "frag"};
data/gxr-openvr-0.15.1/examples/cube/scene-renderer.c:200:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path[1024];
data/gxr-openvr-0.15.1/examples/keyboard.c:29:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char input_text[300];
data/gxr-openvr-0.15.1/examples/overlay_cairo.c:99:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char image[STRIDE*HEIGHT];
data/gxr-openvr-0.15.1/examples/overlay_cairo_animation.c:96:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char image[STRIDE*HEIGHT];
data/gxr-openvr-0.15.1/examples/overlay_dmabuf.c:37:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  int dev_fd = open ("/dev/dri/renderD128", 02, 0);
data/gxr-openvr-0.15.1/examples/overlay_multi_stresstest.c:76:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char image[MAXSTRIDE*MAXHEIGHT];
data/gxr-openvr-0.15.1/examples/overlay_multi_stresstest.c:84:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[16];
data/gxr-openvr-0.15.1/examples/overlay_multi_stresstest.c:158:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[16];
data/gxr-openvr-0.15.1/src/openvr/openvr-functions.c:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fn_table_name[128];
data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.c:75:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[XR_MAX_RESULT_STRING_SIZE];
data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.c:108:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[XR_MAX_ACTION_NAME_SIZE];
data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.c:311:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[XR_MAX_RESULT_STRING_SIZE];
data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.c:363:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[XR_MAX_RESULT_STRING_SIZE];
data/gxr-openvr-0.15.1/src/openxr/openxr-action.c:136:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[XR_MAX_ACTION_NAME_SIZE];
data/gxr-openvr-0.15.1/src/openxr/openxr-action.c:149:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[XR_MAX_RESULT_STRING_SIZE];
data/gxr-openvr-0.15.1/src/openxr/openxr-action.c:174:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[XR_MAX_RESULT_STRING_SIZE];
data/gxr-openvr-0.15.1/src/openxr/openxr-context.c:1152:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profile_str[XR_MAX_PATH_LENGTH];
data/gxr-openvr-0.15.1/src/openxr/openxr-context.c:1175:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[XR_MAX_STRUCTURE_NAME_SIZE];
data/gxr-openvr-0.15.1/src/openvr/openvr-overlay.c:60:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(key) + 1 > k_unVROverlayMaxKeyLength)
data/gxr-openvr-0.15.1/src/openxr/openxr-action-set.c:90:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (name, basename, XR_MAX_ACTION_NAME_SIZE - 1);
data/gxr-openvr-0.15.1/src/openxr/openxr-action.c:86:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (name, basename, XR_MAX_ACTION_NAME_SIZE - 1);
data/gxr-openvr-0.15.1/src/openxr/openxr-context.c:131:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned long format_len = strlen (format);
data/gxr-openvr-0.15.1/src/openxr/openxr-context.c:132:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned long result_len = strlen (resultString);
data/gxr-openvr-0.15.1/src/openxr/openxr-context.c:219:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(instanceCreateInfo.applicationInfo.applicationName,

ANALYSIS SUMMARY:

Hits = 36
Lines analyzed = 20691 in approximately 0.41 seconds (50236 lines/second)
Physical Source Lines of Code (SLOC) = 15256
Hits@level = [0]  13 [1]   6 [2]  21 [3]   0 [4]   9 [5]   0
Hits@level+ = [0+]  49 [1+]  36 [2+]  30 [3+]   9 [4+]   9 [5+]   0
Hits/KSLOC@level+ = [0+] 3.21185 [1+] 2.35973 [2+] 1.96644 [3+] 0.589932 [4+] 0.589932 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
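Triage note on the level-4 hits, with an added example. The three (shell) system hits in openvr-functions.c/.h are name matches on a struct member called system (the quoted lines show INIT_FN_TABLE (self->system, System), return self->system != NULL and struct VR_IVRSystem_FnTable *system;), not calls to system(3), so no code change follows from them. The remaining level-4 hits, sprintf into char path[1024], strcpy into the fixed-size OpenXR name fields after a strncpy (name, basename, XR_MAX_ACTION_NAME_SIZE - 1), and vprintf (formatRes, args) with a built-up format, describe the fix in their own messages. The C below is an added example written for this page, not gxr code: it shows the bounded-copy and constant-format patterns those messages recommend. NAME_SIZE, PATH_SIZE, struct demo_create_info and all function names are stand-ins invented for the demo, and the sample strings are constructed.

```c
/* Added example (not gxr code): bounded copies and constant formats for the
 * CWE-120 / CWE-134 patterns flawfinder reports above.  All names, sizes and
 * inputs here are hypothetical stand-ins. */
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_SIZE 16   /* stand-in for an XR_MAX_*_NAME_SIZE-style limit */
#define PATH_SIZE 32   /* stand-in for a char path[N] buffer */

/* Hypothetical struct with fixed-size name fields, the shape that a
 * strcpy(set_info.actionSetName, name) writes into. */
struct demo_create_info {
    char action_set_name[NAME_SIZE];
    char localized_name[NAME_SIZE];
};

/* Copy src into a fixed-size field.  Always NUL-terminates and never reads
 * more than dst_size bytes of src.  Returns 0 when src fit, -1 when it was
 * truncated, so the caller can reject the name instead of silently
 * registering a different one.  This replaces the strncpy(dst, src, n - 1)
 * idiom, which leaves dst unterminated when strlen(src) >= n - 1 unless dst
 * was zeroed beforehand. */
int copy_name_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst_size == 0)
        return -1;
    size_t n = 0;
    while (n < dst_size && src[n] != '\0')   /* bounded scan, no strlen */
        n++;
    if (n >= dst_size) {
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);                  /* n bytes plus the NUL */
    return 0;
}

/* Fill both name fields from one input; fail if either would truncate. */
int fill_create_info(struct demo_create_info *info, const char *name)
{
    if (copy_name_bounded(info->action_set_name, sizeof info->action_set_name, name) != 0)
        return -1;
    return copy_name_bounded(info->localized_name, sizeof info->localized_name, name);
}

/* Build "/shaders/<shader>.<stage>.spv" with snprintf and check the return
 * value: snprintf returns the length it wanted, so a value >= out_size means
 * the path was cut and must not be used.  Returns the length or -1. */
int build_shader_path(char *out, size_t out_size, const char *shader, const char *stage)
{
    int needed = snprintf(out, out_size, "/shaders/%s.%s.spv", shader, stage);
    if (needed < 0 || (size_t)needed >= out_size)
        return -1;
    return needed;
}

/* Render "<message>: <result string>".  fmt is a literal at every call site;
 * result_str is runtime data passed through a constant "%s", so a '%' inside
 * it is never interpreted as a conversion.  Returns the length written or -1
 * on truncation. */
int format_with_result(char *out, size_t out_size, const char *result_str,
                       const char *fmt, ...)
{
    va_list args;
    va_start(args, fmt);
    int n = vsnprintf(out, out_size, fmt, args);
    va_end(args);
    if (n < 0 || (size_t)n >= out_size)
        return -1;
    int m = snprintf(out + n, out_size - (size_t)n, ": %s", result_str);
    if (m < 0 || (size_t)m >= out_size - (size_t)n)
        return -1;
    return n + m;
}

int main(void)
{
    struct demo_create_info info;
    char path[PATH_SIZE], msg[64];
    printf("name fits: %d\n", fill_create_info(&info, "grab"));
    printf("name cut:  %d (%s)\n", fill_create_info(&info, "a-name-that-is-far-too-long"),
           info.action_set_name);
    printf("path:      %d %s\n", build_shader_path(path, sizeof path, "cube", "vert"), path);
    printf("path cut:  %d\n", build_shader_path(path, sizeof path, "an-overly-long-shader-name", "frag"));
    printf("message:   %d %s\n",
           format_with_result(msg, sizeof msg, "XR_ERROR_%s_%n", "xrCreateActionSet failed (%d)", 7),
           msg);
    return 0;
}
```

The point of returning -1 rather than truncating quietly is that a cut-down action name or shader path is a different object from the one the caller asked for; treating truncation as an error is what the "Perform bounds checking" advice in the level-2 char hits amounts to in practice. The constructed "XR_ERROR_%s_%n" result string stays literal in the output because it only ever travels through a "%s" argument.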