Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/kgoldrunner-20.04.2/src/kgrgame.cpp Examining data/kgoldrunner-20.04.2/src/kgrdebug.h Parsing failed to find end of parameter list in ( #define dbo1 if(dbgLevel>=1)printf( #define dbo2 if(dbgLevel>=2)printf( #define dbo3 if(dbgLevel>=3)printf( #define dbe fprintf(stderr, #define dbe1 if(dbgLevel>=1)fprintf(stderr, #define dbe2 if( Parsing failed to find end of parameter list in ( #define dbo2 if(dbgLevel>=2)printf( #define dbo3 if(dbgLevel>=3)printf( #define dbe fprintf(stderr, #define dbe1 if(dbgLevel>=1)fprintf(stderr, #define dbe2 if(dbgLevel>=2)fprintf(stderr, #define Parsing failed to find end of parameter list in ( #define dbo3 if(dbgLevel>=3)printf( #define dbe fprintf(stderr, #define dbe1 if(dbgLevel>=1)fprintf(stderr, #define dbe2 if(dbgLevel>=2)fprintf(stderr, #define dbe3 if(dbgLevel>=3)fprintf(stderr, Parsing failed to find end of parameter list in ( #define dbe fprintf(stderr, #define dbe1 if(dbgLevel>=1)fprintf(stderr, #define dbe2 if(dbgLevel>=2)fprintf(stderr, #define dbe3 if(dbgLevel>=3)fprintf(stderr, #endif Parsing failed to find end of parameter list in (stderr, #define dbe1 if(dbgLevel>=1)fprintf(stderr, #define dbe2 if(dbgLevel>=2)fprintf(stderr, #define dbe3 if(dbgLevel>=3)fprintf(stderr, #endif Parsing failed to find end of parameter list in (stderr, #define dbe2 if(dbgLevel>=2)fprintf(stderr, #define dbe3 if(dbgLevel>=3)fprintf(stderr, #endif Parsing failed to find end of parameter list in (stderr, #define dbe3 if(dbgLevel>=3)fprintf(stderr, #endif Parsing failed to find end of parameter list in (stderr, #endif Examining data/kgoldrunner-20.04.2/src/kgrsounds.cpp Examining data/kgoldrunner-20.04.2/src/kgrview.cpp Examining data/kgoldrunner-20.04.2/src/kgrrunner.h Examining data/kgoldrunner-20.04.2/src/kgrrenderer.h Examining data/kgoldrunner-20.04.2/src/kgrsprite.cpp Examining data/kgoldrunner-20.04.2/src/kgrlevelgrid.h Examining data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp Examining data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp Examining data/kgoldrunner-20.04.2/src/kgrsounds.h Examining data/kgoldrunner-20.04.2/src/kgrtimer.h Examining data/kgoldrunner-20.04.2/src/kgrrenderer.cpp Examining data/kgoldrunner-20.04.2/src/kgreditor.h Examining data/kgoldrunner-20.04.2/src/kgrgameio.h Examining data/kgoldrunner-20.04.2/src/kgrrulebook.cpp Examining data/kgoldrunner-20.04.2/src/kgrview.h Examining data/kgoldrunner-20.04.2/src/kgrthemetypes.cpp Examining data/kgoldrunner-20.04.2/src/kgoldrunner.h Examining data/kgoldrunner-20.04.2/src/kgrglobals.h Examining data/kgoldrunner-20.04.2/src/kgrtimer.cpp Examining data/kgoldrunner-20.04.2/src/main.cpp Examining data/kgoldrunner-20.04.2/src/kgrdialog.cpp Examining data/kgoldrunner-20.04.2/src/kgrrulebook.h Examining data/kgoldrunner-20.04.2/src/kgrlevelplayer.h Examining data/kgoldrunner-20.04.2/src/kgrthemetypes.h Examining data/kgoldrunner-20.04.2/src/kgrscene.cpp Examining data/kgoldrunner-20.04.2/src/kgoldrunner.cpp Examining data/kgoldrunner-20.04.2/src/kgrgameio.cpp Examining data/kgoldrunner-20.04.2/src/kgreditor.cpp Examining data/kgoldrunner-20.04.2/src/kgrselector.h Examining data/kgoldrunner-20.04.2/src/kgrdialog.h Examining data/kgoldrunner-20.04.2/src/kgrsprite.h Examining data/kgoldrunner-20.04.2/src/kgrgame.h Examining data/kgoldrunner-20.04.2/src/kgrscene.h Examining data/kgoldrunner-20.04.2/src/kgrselector.cpp Examining data/kgoldrunner-20.04.2/src/kgrrunner.cpp FINAL RESULTS: data/kgoldrunner-20.04.2/src/kgrdebug.h:28:14: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbo printf( data/kgoldrunner-20.04.2/src/kgrdebug.h:29:29: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbo1 if(dbgLevel>=1)printf( data/kgoldrunner-20.04.2/src/kgrdebug.h:30:29: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbo2 if(dbgLevel>=2)printf( data/kgoldrunner-20.04.2/src/kgrdebug.h:31:29: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbo3 if(dbgLevel>=3)printf( data/kgoldrunner-20.04.2/src/kgrdebug.h:33:14: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbe fprintf(stderr, data/kgoldrunner-20.04.2/src/kgrdebug.h:34:29: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbe1 if(dbgLevel>=1)fprintf(stderr, data/kgoldrunner-20.04.2/src/kgrdebug.h:35:29: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbe2 if(dbgLevel>=2)fprintf(stderr, data/kgoldrunner-20.04.2/src/kgrdebug.h:36:29: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbe3 if(dbgLevel>=3)fprintf(stderr, data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:143:12: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (! (access & ENTERABLE) && (here != FBRICK)) { data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:149:2: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access |= (dFlag [STAND] | dFlag [DOWN] | data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:155:2: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access |= (dFlag [DOWN] | dFlag [LEFT] | dFlag [RIGHT]); data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:159:2: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access |= dFlag [UP]; data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:164:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access != 0) { data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:166:36: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access = ~dFlag [UP] & access; // Cannot go up. data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:169:38: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access = ~dFlag [LEFT] & access; // Cannot go left. data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:172:39: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access = ~dFlag [RIGHT] & access; // Cannot go right. data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:176:42: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. access = ~dFlag [DOWN] & access; // Cannot go down. data/kgoldrunner-20.04.2/src/kgrlevelgrid.cpp:181:34: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. heroAccess [index (i, j)] = access; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1213:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int enter = (access & ENTERABLE) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1214:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int stand = (access & dFlag [STAND]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1215:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int u = (access & dFlag [UP]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1216:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int d = (access & dFlag [DOWN]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1217:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int l = (access & dFlag [LEFT]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1218:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int r = (access & dFlag [RIGHT]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1221:19: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. i, j, here, access, enter, stand, u, d, l, r, enemyId); data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1224:20: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (eAccess != access) { data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1226:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. enter = (access & ENTERABLE) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1227:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. stand = (access & dFlag [STAND]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1228:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. u = (access & dFlag [UP]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1229:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. d = (access & dFlag [DOWN]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1230:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. l = (access & dFlag [LEFT]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1231:22: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. r = (access & dFlag [RIGHT]) ? 1 : 0; data/kgoldrunner-20.04.2/src/kgrlevelplayer.cpp:1234:19: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. i, j, here, access, enter, stand, u, d, l, r); data/kgoldrunner-20.04.2/src/kgrrunner.cpp:559:11: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. uchar random; data/kgoldrunner-20.04.2/src/kgrrunner.cpp:564:33: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. dbk3 << "Random" << random << "at NUGGET" << gridI << gridJ; data/kgoldrunner-20.04.2/src/kgrrunner.cpp:565:24: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. collect = (random >= 80); data/kgoldrunner-20.04.2/src/kgrrunner.cpp:579:33: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. dbk3 << "Random" << random << "for DROP " << gridI << gridJ; data/kgoldrunner-20.04.2/src/kgrrunner.cpp:580:17: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random >= 93) { data/kgoldrunner-20.04.2/src/kgreditor.cpp:270:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! levelFile.open (QIODevice::WriteOnly)) { data/kgoldrunner-20.04.2/src/kgreditor.cpp:788:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! c.open (QIODevice::WriteOnly)) { data/kgoldrunner-20.04.2/src/kgrgame.cpp:1497:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! file2.open (QIODevice::WriteOnly)) { data/kgoldrunner-20.04.2/src/kgrgame.cpp:1507:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! file1.open (QIODevice::ReadOnly)) { data/kgoldrunner-20.04.2/src/kgrgame.cpp:1551:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! savedGames.open (QIODevice::ReadOnly)) { data/kgoldrunner-20.04.2/src/kgrgame.cpp:1665:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! high1.open (QIODevice::ReadOnly)) { data/kgoldrunner-20.04.2/src/kgrgame.cpp:1705:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! high2.open (QIODevice::WriteOnly)) { data/kgoldrunner-20.04.2/src/kgrgame.cpp:1868:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! high1.open (QIODevice::ReadOnly)) { data/kgoldrunner-20.04.2/src/kgrgameio.cpp:68:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! openFile.open (QIODevice::ReadOnly)) { data/kgoldrunner-20.04.2/src/kgrgameio.cpp:216:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (! openFile.open (QIODevice::ReadOnly)) { data/kgoldrunner-20.04.2/src/kgrscene.cpp:593:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[2] = {HERO, ENEMY}; ANALYSIS SUMMARY: Hits = 49 Lines analyzed = 13375 in approximately 0.36 seconds (36884 lines/second) Physical Source Lines of Code (SLOC) = 8920 Hits@level = [0] 13 [1] 0 [2] 11 [3] 5 [4] 33 [5] 0 Hits@level+ = [0+] 62 [1+] 49 [2+] 49 [3+] 38 [4+] 33 [5+] 0 Hits/KSLOC@level+ = [0+] 6.95067 [1+] 5.49327 [2+] 5.49327 [3+] 4.26009 [4+] 3.69955 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.