Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/demos/underwater/texload.c
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/demos/underwater/texload.h
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/demos/underwater/underwater.c
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/not_yet_ported/dinospin.c
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/not_yet_ported/scube.c
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/not_yet_ported/splatlogo.c
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/not_yet_ported/spots.c
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/not_yet_ported/stars.c
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c
Examining data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/over_test.c
Examining data/lablgl-1.06/LablGlut/src/ml_gl.h
Examining data/lablgl-1.06/LablGlut/src/wrap_gl.c
Examining data/lablgl-1.06/LablGlut/src/wrap_glut.c
Examining data/lablgl-1.06/Togl/src/Togl/double.c
Examining data/lablgl-1.06/Togl/src/Togl/gears.c
Examining data/lablgl-1.06/Togl/src/Togl/image.c
Examining data/lablgl-1.06/Togl/src/Togl/image.h
Examining data/lablgl-1.06/Togl/src/Togl/index.c
Examining data/lablgl-1.06/Togl/src/Togl/overlay.c
Examining data/lablgl-1.06/Togl/src/Togl/stereo.c
Examining data/lablgl-1.06/Togl/src/Togl/texture.c
Examining data/lablgl-1.06/Togl/src/Togl/tkFont.h
Examining data/lablgl-1.06/Togl/src/Togl/togl.c
Examining data/lablgl-1.06/Togl/src/Togl/togl.h
Examining data/lablgl-1.06/Togl/src/ml_togl.c
Examining data/lablgl-1.06/src/ml_gl.c
Examining data/lablgl-1.06/src/ml_gl.h
Examining data/lablgl-1.06/src/ml_glarray.c
Examining data/lablgl-1.06/src/ml_glu.c
Examining data/lablgl-1.06/src/ml_glu.h
Examining data/lablgl-1.06/src/ml_glutess.c
Examining data/lablgl-1.06/src/ml_raw.c
Examining data/lablgl-1.06/src/ml_raw.h
Examining data/lablgl-1.06/src/ml_shader.c

FINAL RESULTS:

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:86:25: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
#define PR if(debug)printf

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:224:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(copy, string);

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:540:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(str, "%srequest %s", (modes[i] ? "+ " : " "), modeNames[i]);

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:798:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(textPtr[0], text); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:811:11: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
sprintf(str, # name); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:816:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(str, str2); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:817:4: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
printf(str); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:869:11: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
sprintf(str, # name); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:875:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(str, str2); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:876:4: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
printf(str); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:902:11: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
sprintf(str, # name); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:906:11: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(str2, ": %s\n", \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:909:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(str, str2); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:910:4: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
printf(str); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:2318:7: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
printf(VERSIONLONG "\n");

data/lablgl-1.06/Togl/src/Togl/double.c:183:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/double.c:213:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/gears.c:365:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/stereo.c:229:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/stereo.c:258:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/stereo.c:299:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:311:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:334:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:357:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:391:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:425:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:461:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:489:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:524:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:553:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(interp->result, argv[2]);

data/lablgl-1.06/LablGlut/examples/glut3.7/not_yet_ported/stars.c:258:3: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
srand((unsigned int) time(NULL));

data/lablgl-1.06/LablGlut/examples/glut3.7/demos/underwater/texload.c:19:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char name[80];

data/lablgl-1.06/LablGlut/examples/glut3.7/demos/underwater/texload.c:70:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char testByte[4];

data/lablgl-1.06/LablGlut/examples/glut3.7/demos/underwater/texload.c:88:24: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((image->file = fopen(fileName, "rb")) == NULL) {

data/lablgl-1.06/LablGlut/examples/glut3.7/demos/underwater/underwater.c:531:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char filename[80];

data/lablgl-1.06/LablGlut/examples/glut3.7/demos/underwater/underwater.c:533:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename, "caust%02d.bw", i);

data/lablgl-1.06/LablGlut/examples/glut3.7/not_yet_ported/scube.c:105:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static unsigned char shadowPattern[128] =

data/lablgl-1.06/LablGlut/examples/glut3.7/not_yet_ported/scube.c:125:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static unsigned char sgiPattern[128] =

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:122:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *textPtr[1000] =

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:532:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[100];

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:809:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[100], str2[100]; \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:815:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str2, ": %d\n",glutGet(name)); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:867:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[100], str2[100]; \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:873:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str2, ": %d\n", \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:900:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[100], str2[100]; \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:1688:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[99];

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:1711:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "window %d (RGB)", index);

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:1713:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "icon %d", index);

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:1778:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "window %d (color index)", index);

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:1780:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "icon %d", index);

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:1924:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(textPtr[i], "no current text");

data/lablgl-1.06/Togl/src/Togl/double.c:220:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(interp->result, "%d", (int) xAngle);

data/lablgl-1.06/Togl/src/Togl/double.c:227:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(interp->result, "%d", (int) yAngle);

data/lablgl-1.06/Togl/src/Togl/gears.c:329:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char Result[100];

data/lablgl-1.06/Togl/src/Togl/gears.c:340:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Result, "%g %g", Wg->Roty, Wg->Rotx);

data/lablgl-1.06/Togl/src/Togl/image.c:33:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char name[80];

data/lablgl-1.06/Togl/src/Togl/image.c:81:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char testByte[4];

data/lablgl-1.06/Togl/src/Togl/image.c:99:22: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((raw->file = fopen(fileName, "rb")) == NULL) {

data/lablgl-1.06/Togl/src/Togl/stereo.c:267:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(interp->result, "%d", (int) xAngle);

data/lablgl-1.06/Togl/src/Togl/stereo.c:276:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(interp->result, "%d", (int) yAngle);

data/lablgl-1.06/Togl/src/Togl/texture.c:482:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
polycolor[0] = atoi(argv[2]);

data/lablgl-1.06/Togl/src/Togl/texture.c:483:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
polycolor[1] = atoi(argv[3]);

data/lablgl-1.06/Togl/src/Togl/texture.c:484:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
polycolor[2] = atoi(argv[4]);

data/lablgl-1.06/Togl/src/Togl/togl.c:646:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static unsigned char threeto8[8] = {

data/lablgl-1.06/Togl/src/Togl/togl.c:650:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static unsigned char twoto8[4] = {

data/lablgl-1.06/Togl/src/Togl/togl.c:654:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static unsigned char oneto8[2] = {

data/lablgl-1.06/Togl/src/Togl/togl.c:1377:41: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
Togl_UnloadBitmapFont(togl, atoi(argv[2]));

data/lablgl-1.06/Togl/src/Togl/togl.c:3554:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fp = fopen(filename, "w");

data/lablgl-1.06/src/ml_glutess.c:126:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char msg[80];

data/lablgl-1.06/src/ml_glutess.c:127:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Unknown primitive format %d in tesselation.\n", (int)type);

data/lablgl-1.06/src/ml_raw.c:166:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy (String_val(ret), Bp_val(Addr_raw(raw))+s, l);

data/lablgl-1.06/src/ml_raw.c:177:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy (Bp_val(Addr_raw(raw))+s, String_val(data), l);

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:221:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
copy = malloc(strlen(string) + 1);

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:797:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
textPtr[0] = (char *)malloc(strlen(text)+1); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:812:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen(# name); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:814:13: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat(str, " "); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:870:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen(# name); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:872:13: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat(str, " "); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:903:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (int) strlen(# name); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:905:13: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat(str, " "); \

data/lablgl-1.06/LablGlut/examples/glut3.7/test/not_yet_ported/bigtest.c:2007:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (msg[strlen(msg)] != '\n')

data/lablgl-1.06/Togl/src/Togl/double.c:76:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
glCallLists(strlen(s), GL_UNSIGNED_BYTE, s);

data/lablgl-1.06/Togl/src/Togl/stereo.c:78:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
glCallLists(strlen(s), GL_UNSIGNED_BYTE, s);

data/lablgl-1.06/Togl/src/Togl/togl.c:1323:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(argv[1], "configure", MAX(1, strlen(argv[1])))) {

data/lablgl-1.06/Togl/src/Togl/togl.c:1346:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(argv[1], "render", MAX(1, strlen(argv[1])))) {

data/lablgl-1.06/Togl/src/Togl/togl.c:1349:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(argv[1], "swapbuffers", MAX(1, strlen(argv[1])))) {

data/lablgl-1.06/Togl/src/Togl/togl.c:1352:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(argv[1], "makecurrent", MAX(1, strlen(argv[1])))) {

data/lablgl-1.06/Togl/src/Togl/togl.c:1357:57: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(argv[1], "loadbitmapfont", MAX(1, strlen(argv[1])))) {

data/lablgl-1.06/Togl/src/Togl/togl.c:1375:61: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (!strncmp(argv[1], "unloadbitmapfont", MAX(1, strlen(argv[1])))) {

ANALYSIS SUMMARY:

Hits = 89
Lines analyzed = 16853 in approximately 0.76 seconds (22074 lines/second)
Physical Source Lines of Code (SLOC) = 12853
Hits@level = [0] 167 [1] 17 [2] 41 [3] 1 [4] 30 [5] 0
Hits@level+ = [0+] 256 [1+] 89 [2+] 72 [3+] 31 [4+] 30 [5+] 0
Hits/KSLOC@level+ = [0+] 19.9175 [1+] 6.92445 [2+] 5.60181 [3+] 2.41189 [4+] 2.33409 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.