Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/op_pc.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/oppseudo_read.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/opcycle_pc.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/op_rmw.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/oppseudo_rmw.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/oppseudo_pc.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/op_misc.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/opcycle_misc.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/op_mov.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/oppseudo_mov.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/opcycle_read.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/op_read.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/oppseudo_misc.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/opcycle_rmw.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/generate.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/opcycle_mov.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/debugger.hpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/debugger.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/timing.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/iplrom.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp_state.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/algorithms.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/memory.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp.hpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_source.h
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/SPC_DSP.h
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/SPC_DSP.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/sdsp.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_common.h
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_config.h
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/sdsp.hpp
Examining data/libretro-snes9x-1.53+git20160522/apu/bapu/snes/snes.hpp
Examining data/libretro-snes9x-1.53+git20160522/apu/hermite_resampler.h
Examining data/libretro-snes9x-1.53+git20160522/apu/apu.cpp
Examining data/libretro-snes9x-1.53+git20160522/apu/resampler.h
Examining data/libretro-snes9x-1.53+git20160522/apu/apu.h
Examining data/libretro-snes9x-1.53+git20160522/apu/ring_buffer.h
Examining data/libretro-snes9x-1.53+git20160522/cpuops.cpp
Examining data/libretro-snes9x-1.53+git20160522/display.h
Examining data/libretro-snes9x-1.53+git20160522/libretro/libretro.h
Examining data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp
Examining data/libretro-snes9x-1.53+git20160522/netplay.h
Examining data/libretro-snes9x-1.53+git20160522/statemanager.cpp
Examining data/libretro-snes9x-1.53+git20160522/dma.h
Examining data/libretro-snes9x-1.53+git20160522/spc7110emu.h
Examining data/libretro-snes9x-1.53+git20160522/sa1cpu.cpp
Examining data/libretro-snes9x-1.53+git20160522/messages.h
Examining data/libretro-snes9x-1.53+git20160522/controls.cpp
Examining data/libretro-snes9x-1.53+git20160522/snes9x.h
Examining data/libretro-snes9x-1.53+git20160522/cheats.cpp
Examining data/libretro-snes9x-1.53+git20160522/srtc.cpp
Examining data/libretro-snes9x-1.53+git20160522/fxemu.cpp
Examining data/libretro-snes9x-1.53+git20160522/debug.h
Examining data/libretro-snes9x-1.53+git20160522/server.cpp
Examining data/libretro-snes9x-1.53+git20160522/pixform.h
Examining data/libretro-snes9x-1.53+git20160522/stream.cpp
Examining data/libretro-snes9x-1.53+git20160522/gfx.h
Examining data/libretro-snes9x-1.53+git20160522/dsp3.cpp
Examining data/libretro-snes9x-1.53+git20160522/cpuaddr.h
Examining data/libretro-snes9x-1.53+git20160522/clip.cpp
Examining data/libretro-snes9x-1.53+git20160522/conffile.cpp
Examining data/libretro-snes9x-1.53+git20160522/port.h
Examining data/libretro-snes9x-1.53+git20160522/bsx.cpp
Examining data/libretro-snes9x-1.53+git20160522/sdd1emu.h
Examining data/libretro-snes9x-1.53+git20160522/logger.h
Examining data/libretro-snes9x-1.53+git20160522/snapshot.cpp
Examining data/libretro-snes9x-1.53+git20160522/getset.h
Examining data/libretro-snes9x-1.53+git20160522/spc7110emu.cpp
Examining data/libretro-snes9x-1.53+git20160522/c4emu.cpp
Examining data/libretro-snes9x-1.53+git20160522/ppu.cpp
Examining data/libretro-snes9x-1.53+git20160522/sdd1.h
Examining data/libretro-snes9x-1.53+git20160522/spc7110dec.cpp
Examining data/libretro-snes9x-1.53+git20160522/ppu.h
Examining data/libretro-snes9x-1.53+git20160522/spc7110dec.h
Examining data/libretro-snes9x-1.53+git20160522/65c816.h
Examining data/libretro-snes9x-1.53+git20160522/dsp4.cpp
Examining data/libretro-snes9x-1.53+git20160522/crosshairs.cpp
Examining data/libretro-snes9x-1.53+git20160522/seta018.cpp
Examining data/libretro-snes9x-1.53+git20160522/font.h
Examining data/libretro-snes9x-1.53+git20160522/seta.cpp
Examining data/libretro-snes9x-1.53+git20160522/seta.h
Examining data/libretro-snes9x-1.53+git20160522/tile.h
Examining data/libretro-snes9x-1.53+git20160522/sdd1emu.cpp
Examining data/libretro-snes9x-1.53+git20160522/screenshot.cpp
Examining data/libretro-snes9x-1.53+git20160522/obc1.cpp
Examining data/libretro-snes9x-1.53+git20160522/controls.h
Examining data/libretro-snes9x-1.53+git20160522/sa1.cpp
Examining data/libretro-snes9x-1.53+git20160522/netplay.cpp
Examining data/libretro-snes9x-1.53+git20160522/memmap.h
Examining data/libretro-snes9x-1.53+git20160522/logger.cpp
Examining data/libretro-snes9x-1.53+git20160522/tile.cpp
Examining data/libretro-snes9x-1.53+git20160522/fxdbg.cpp
Examining data/libretro-snes9x-1.53+git20160522/cpuexec.cpp
Examining data/libretro-snes9x-1.53+git20160522/cpuops.h
Examining data/libretro-snes9x-1.53+git20160522/snapshot.h
Examining data/libretro-snes9x-1.53+git20160522/missing.h
Examining data/libretro-snes9x-1.53+git20160522/srtc.h
Examining data/libretro-snes9x-1.53+git20160522/loadzip.cpp
Examining data/libretro-snes9x-1.53+git20160522/movie.cpp
Examining data/libretro-snes9x-1.53+git20160522/dsp.cpp
Examining data/libretro-snes9x-1.53+git20160522/cpu.cpp
Examining data/libretro-snes9x-1.53+git20160522/sar.h
Examining data/libretro-snes9x-1.53+git20160522/fxinst.h
Examining data/libretro-snes9x-1.53+git20160522/spc7110.h
Examining data/libretro-snes9x-1.53+git20160522/obc1.h
Examining data/libretro-snes9x-1.53+git20160522/sa1.h
Examining data/libretro-snes9x-1.53+git20160522/crosshairs.h
Examining data/libretro-snes9x-1.53+git20160522/srtcemu.cpp
Examining data/libretro-snes9x-1.53+git20160522/seta010.cpp
Examining data/libretro-snes9x-1.53+git20160522/screenshot.h
Examining data/libretro-snes9x-1.53+git20160522/cpumacro.h
Examining data/libretro-snes9x-1.53+git20160522/c4.cpp
Examining data/libretro-snes9x-1.53+git20160522/dsp1.cpp
Examining data/libretro-snes9x-1.53+git20160522/c4.h
Examining data/libretro-snes9x-1.53+git20160522/sdd1.cpp
Examining data/libretro-snes9x-1.53+git20160522/dma.cpp
Examining data/libretro-snes9x-1.53+git20160522/movie.h
Examining data/libretro-snes9x-1.53+git20160522/fxinst.cpp
Examining data/libretro-snes9x-1.53+git20160522/statemanager.h
Examining data/libretro-snes9x-1.53+git20160522/stream.h
Examining data/libretro-snes9x-1.53+git20160522/conffile.h
Examining data/libretro-snes9x-1.53+git20160522/cpuexec.h
Examining data/libretro-snes9x-1.53+git20160522/bsx.h
Examining data/libretro-snes9x-1.53+git20160522/memmap.cpp
Examining data/libretro-snes9x-1.53+git20160522/globals.cpp
Examining data/libretro-snes9x-1.53+git20160522/debug.cpp
Examining data/libretro-snes9x-1.53+git20160522/cheats2.cpp
Examining data/libretro-snes9x-1.53+git20160522/srtcemu.h
Examining data/libretro-snes9x-1.53+git20160522/spc7110.cpp
Examining data/libretro-snes9x-1.53+git20160522/fxemu.h
Examining data/libretro-snes9x-1.53+git20160522/gfx.cpp
Examining data/libretro-snes9x-1.53+git20160522/seta011.cpp
Examining data/libretro-snes9x-1.53+git20160522/dsp.h
Examining data/libretro-snes9x-1.53+git20160522/dsp2.cpp
Examining data/libretro-snes9x-1.53+git20160522/cheats.h
Examining data/libretro-snes9x-1.53+git20160522/snes9x.cpp
Examining data/libretro-snes9x-1.53+git20160522/language.h
FINAL RESULTS:
data/libretro-snes9x-1.53+git20160522/snes9x.h:220:33: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
#define GETS_STREAM(p, l, s) s->gets(p,l)
data/libretro-snes9x-1.53+git20160522/stream.cpp:225:7: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
if (gets(buf, sizeof(buf)) == NULL)
data/libretro-snes9x-1.53+git20160522/stream.cpp:255:17: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
char * fStream::gets (char *buf, size_t len)
data/libretro-snes9x-1.53+git20160522/stream.cpp:330:19: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
char * unzStream::gets (char *buf, size_t len)
data/libretro-snes9x-1.53+git20160522/stream.cpp:446:19: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
char * memStream::gets (char *buf, size_t len)
data/libretro-snes9x-1.53+git20160522/stream.cpp:540:19: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
char * nulStream::gets (char *buf, size_t len)
data/libretro-snes9x-1.53+git20160522/stream.h:190:18: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
virtual char * gets (char *, size_t) = 0;
data/libretro-snes9x-1.53+git20160522/stream.h:207:18: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
virtual char * gets (char *, size_t);
data/libretro-snes9x-1.53+git20160522/stream.h:231:18: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
virtual char * gets (char *, size_t);
data/libretro-snes9x-1.53+git20160522/stream.h:255:18: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
virtual char * gets (char *, size_t);
data/libretro-snes9x-1.53+git20160522/stream.h:280:24: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
virtual char * gets (char *, size_t);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:288:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, t);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:292:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, t);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:303:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, t);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp.cpp:49:26: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Processor::frequency = system.apu_frequency();
data/libretro-snes9x-1.53+git20160522/bsx.cpp:993:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, S9xGetDirectory(BIOS_DIR));
data/libretro-snes9x-1.53+git20160522/bsx.cpp:994:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, SLASH_STR);
data/libretro-snes9x-1.53+git20160522/bsx.cpp:995:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, path);
data/libretro-snes9x-1.53+git20160522/bsx.cpp:1001:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, path);
data/libretro-snes9x-1.53+git20160522/cheats.cpp:276:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_code + 6, code + 5);
data/libretro-snes9x-1.53+git20160522/conffile.cpp:187:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf // needs ANSI compliant name
data/libretro-snes9x-1.53+git20160522/conffile.cpp:187:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf // needs ANSI compliant name
data/libretro-snes9x-1.53+git20160522/controls.cpp:2336:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.%.*s loaded", def, _MAX_EXT - 1, "oops");
data/libretro-snes9x-1.53+git20160522/controls.cpp:2373:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.%03d loaded", def, i - QuickLoad000);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2400:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.%03d saved", def, i - QuickSave000);
data/libretro-snes9x-1.53+git20160522/cpuops.cpp:3539:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(def, "WDM Snapshot at $%02X:%04X: %s", Registers.PB, Registers.PCw, filename);
data/libretro-snes9x-1.53+git20160522/debug.cpp:459:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s %s",
data/libretro-snes9x-1.53+git20160522/debug.cpp:470:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s #$%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:482:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s #$%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:497:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s #$%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:509:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s #$%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:521:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s #$%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:531:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:540:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:546:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:557:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:563:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:570:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$00:%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:576:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X,x",
data/libretro-snes9x-1.53+git20160522/debug.cpp:584:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$00:%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:590:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X,y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:598:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$00:%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:604:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:612:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:618:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X,x)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:627:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:633:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X),y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:642:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:648:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s [$%02X]",
data/libretro-snes9x-1.53+git20160522/debug.cpp:657:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Byte, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:663:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s [$%02X],y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:673:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Byte, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:679:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:687:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:693:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X,x",
data/libretro-snes9x-1.53+git20160522/debug.cpp:702:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:708:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X,y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:717:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:723:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %02X %s $%02X%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:733:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Operant[2], Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:739:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %02X %s $%02X%02X%02X,x",
data/libretro-snes9x-1.53+git20160522/debug.cpp:750:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Operant[2], Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:756:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X,s",
data/libretro-snes9x-1.53+git20160522/debug.cpp:763:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$00:%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:769:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X,s),y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:778:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:784:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s ($%02X%02X)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:793:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.PB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:799:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s [$%02X%02X]",
data/libretro-snes9x-1.53+git20160522/debug.cpp:809:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Byte, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:815:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s ($%02X%02X,x)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:825:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Registers.PB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:831:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s %s A",
data/libretro-snes9x-1.53+git20160522/debug.cpp:839:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s %02X %02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:851:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:863:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:871:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:876:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-44s A:%04X X:%04X Y:%04X D:%04X DB:%02X S:%04X P:%c%c%c%c%c%c%c%c%c HC:%04ld VC:%03ld FC:%02d %03x",
data/libretro-snes9x-1.53+git20160522/debug.cpp:917:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s %s",
data/libretro-snes9x-1.53+git20160522/debug.cpp:928:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s #$%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:940:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s #$%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:955:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s #$%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:967:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s #$%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:979:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s #$%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:989:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:998:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1004:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1015:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1021:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1028:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$00:%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1034:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X,x",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1042:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$00:%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1048:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X,y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1056:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$00:%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1062:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1070:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1076:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X,x)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1085:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1091:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X),y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1100:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1106:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s [$%02X]",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1115:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Byte, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1121:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s [$%02X],y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1131:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Byte, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1137:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1145:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1151:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X,x",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1160:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1166:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s $%02X%02X,y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1175:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1181:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %02X %s $%02X%02X%02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1191:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Operant[2], Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1197:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %02X %s $%02X%02X%02X,x",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1208:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Operant[2], Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1214:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s $%02X,s",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1221:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$00:%04X]", Line, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1227:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %s ($%02X,s),y",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1236:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.DB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1242:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s ($%02X%02X)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1251:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.PB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1257:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s [$%02X%02X]",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1267:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, Byte, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1273:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s%02X %02X %s ($%02X%02X,x)",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1283:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-32s[$%02X:%04X]", Line, SA1Registers.PB, Word);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1289:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s %s A",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1297:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%s %s %02X %02X",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1306:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Line, "%-44s A:%04X X:%04X Y:%04X D:%04X DB:%02X S:%04X P:%c%c%c%c%c%c%c%c%c HC:%04ld VC:%03ld FC:%02d",
data/libretro-snes9x-1.53+git20160522/debug.cpp:1843:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s %02X", string, MemoryByte);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1846:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s-", string);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1862:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(string, "%s%c", string, MemoryByte);
data/libretro-snes9x-1.53+git20160522/debug.cpp:2604:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(msg, s, argptr);
data/libretro-snes9x-1.53+git20160522/dma.cpp:493:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(String, "DMA[%d]: %s Mode:%d 0x%02X%04X->0x21%02X Bytes:%d (%s) V:%03d",
data/libretro-snes9x-1.53+git20160522/dma.cpp:498:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(String, "%s VRAM: %04X (%d,%d) %s", String,
data/libretro-snes9x-1.53+git20160522/dma.cpp:502:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(String, "%s CGRAM: %02X (%x)", String, PPU.CGADD, PPU.CGFLIP);
data/libretro-snes9x-1.53+git20160522/dma.cpp:505:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(String, "%s OBJADDR: %04X", String, PPU.OAMAddr);
data/libretro-snes9x-1.53+git20160522/dma.cpp:1466:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(String, "H-DMA[%d] %s (%d) 0x%06X->0x21%02X %s, Count: %3d, Rep: %s, V-LINE: %3ld %02X%04X",
data/libretro-snes9x-1.53+git20160522/dsp1.cpp:425:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(Msg, Message, ap);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2176:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s,%du = %u", watches[i].desc, watches[i].size, (unsigned int) displayNumber);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2179:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s,%dx = %X", watches[i].desc, watches[i].size, (unsigned int) displayNumber);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2192:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s,%ds = %d", watches[i].desc, watches[i].size, (int) displayNumber);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1020:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, path);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1025:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ext, dot + 1);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1032:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir, path);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1035:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, slash + 1);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1040:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ext, dot + 1);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1051:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, dir);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1052:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, SLASH_STR);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1057:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, fname);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1062:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, ext);
data/libretro-snes9x-1.53+git20160522/loadzip.cpp:216:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, name);
data/libretro-snes9x-1.53+git20160522/loadzip.cpp:223:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, name);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1430:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, fname);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1450:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, fname);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1465:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, fname);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1823:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Multi.fileNameB, cartB);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1836:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Multi.fileNameA, cartA);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1884:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, S9xGetDirectory(BIOS_DIR));
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1885:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, SLASH_STR);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1899:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, path);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1927:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, Multi.fileNameA);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1930:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, Multi.fileNameB);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2068:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sramName, filename);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2076:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ROMFilename);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2077:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, Multi.fileNameB);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2090:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2119:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, S9xGetDirectory(SRAM_DIR));
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2120:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, SLASH_STR);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2159:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sramName, filename);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2165:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, ROMFilename);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2166:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, Multi.fileNameB);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2167:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, S9xGetFilename(".srm", SRAM_DIR));
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2179:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ROMFilename, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2714:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(RawROMName, ROMName);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2715:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(displayName, "%s", SafeANK(ROMName));
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2716:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ROMName, "%s", Safe(ROMName));
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2717:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ROMId, "%s", Safe(ROMId));
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2719:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(String, "\"%s\" [%s] %s, %s, %s, %s, SRAM:%s, ID:%s, CRC32:%08X",
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3630:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%s%s", contents[(ROMType & 0xf) % 3], chip);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3674:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, " Cart Name: %s", ROMName);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3675:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3676:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Game Code: %s", ROMId);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3677:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3678:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Contents: %s", KartContents());
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3679:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3680:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Map: %s", MapType());
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3681:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3682:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Speed: 0x%02X (%s)", ROMSpeed, (ROMSpeed & 0x10) ? "FastROM" : "SlowROM");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3683:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3685:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3687:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3688:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Size (header): %s", Size());
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3689:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3690:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n SRAM size: %s", StaticRAMSize());
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3691:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3693:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3695:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3697:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3698:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Video Output: %s", (ROMRegion > 12 || ROMRegion < 2) ? "NTSC 60Hz" : "PAL 50Hz");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3699:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3700:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Revision: %s", Revision());
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3701:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3702:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Licensee: %s", PublishingCompany());
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3703:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3704:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\n Region: %s", Country());
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3705:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3707:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(romtext, temp);
data/libretro-snes9x-1.53+git20160522/movie.cpp:1190:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(GFX.FrameDisplayString, "Recording frame: %d%s",
data/libretro-snes9x-1.53+git20160522/movie.cpp:1199:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(GFX.FrameDisplayString, "%s frame: %d", Settings.NetPlayServer ? "Server" : "Client",
data/libretro-snes9x-1.53+git20160522/netplay.cpp:381:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) ptr, NetPlay.ROMName);
data/libretro-snes9x-1.53+git20160522/port.h:306:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libretro-snes9x-1.53+git20160522/port.h:306:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libretro-snes9x-1.53+git20160522/screenshot.cpp:308:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(String, "Saved screenshot %s", base);
data/libretro-snes9x-1.53+git20160522/server.cpp:266:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (NetPlay.ErrorMsg,
data/libretro-snes9x-1.53+git20160522/server.cpp:487:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (NetPlay.WarningMsg,
data/libretro-snes9x-1.53+git20160522/server.cpp:554:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) ptr, NPServer.ROMName);
data/libretro-snes9x-1.53+git20160522/server.cpp:753:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (NetPlay.WarningMsg, "SERVER: Player %d on %s has connected.", i + 1, host->h_name);
data/libretro-snes9x-1.53+git20160522/server.cpp:764:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (NetPlay.WarningMsg, "SERVER: Player %d on %s has connected.", i + 1, ip ? ip : "Unknown");
data/libretro-snes9x-1.53+git20160522/server.cpp:1291:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) ptr, filename);
data/libretro-snes9x-1.53+git20160522/seta010.cpp:815:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((system && (dy <= 6 && dy >= -8) && (dx <= 126 && dx >= -128)) || (!system && (dx <= 6 && dx >= -8) && (dy <= 126 && dy >= -128)))
data/libretro-snes9x-1.53+git20160522/seta010.cpp:815:77: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((system && (dy <= 6 && dy >= -8) && (dx <= 126 && dx >= -128)) || (!system && (dx <= 6 && dx >= -8) && (dy <= 126 && dy >= -128)))
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1164:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s%s%s.%.*s", S9xGetDirectory(SNAPSHOT_DIR), SLASH_STR, def, _MAX_EXT - 1, "oops");
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1200:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(String, MOVIE_INFO_SNAPSHOT " %s", base);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1202:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(String, SAVE_INFO_SNAPSHOT " %s", base);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1263:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(String, SAVE_ERR_ROM_NOT_FOUND, base);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1274:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(String, MOVIE_INFO_REWIND " %s", base);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1276:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(String, MOVIE_INFO_RERECORD " %s", base);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1279:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(String, SAVE_INFO_LOAD " %s", base);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1286:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(String, SAVE_ERR_SAVE_NOT_FOUND, base);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1299:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s:%04d\n", SNAPSHOT_MAGIC, SNAPSHOT_VERSION);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1302:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "NAM:%06d:%s%c", (int) strlen(Memory.ROMFilename) + 1, Memory.ROMFilename, 0);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:2038:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s:%06d:", name, size);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:2042:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s:------:", name);
data/libretro-snes9x-1.53+git20160522/netplay.cpp:895:9: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
if (tmpnam (fname))
data/libretro-snes9x-1.53+git20160522/server.cpp:1164:10: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
if ( tmpnam(fname) && S9xFreezeGame(fname) )
data/libretro-snes9x-1.53+git20160522/apu/apu.cpp:336:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, dest, (sample_count << (Settings.SixteenBitSound ? 1 : 0)));
data/libretro-snes9x-1.53+git20160522/apu/apu.cpp:621:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, SNES::cpu.registers, 4);
data/libretro-snes9x-1.53+git20160522/apu/apu.cpp:640:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (SNES::cpu.registers, ptr, 4);
data/libretro-snes9x-1.53+git20160522/apu/apu.cpp:645:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(var, *buf, size);
data/libretro-snes9x-1.53+git20160522/apu/apu.cpp:752:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (SNES::cpu.registers, regs_in + 4, 4);
data/libretro-snes9x-1.53+git20160522/apu/apu.cpp:761:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fs = fopen(filename, "wb");
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/SPC_DSP.cpp:872:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( m.regs, regs, sizeof m.regs );
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/SPC_DSP.cpp:914:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp [64];
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/SPC_DSP.cpp:989:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &m.echo_hist [echo_hist_size], m.echo_hist, echo_hist_size * sizeof m.echo_hist [0] );
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:70:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (unsigned) ((unsigned char const*) p) [1] << 8 |
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:71:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(unsigned) ((unsigned char const*) p) [0];
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:76:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (unsigned) ((unsigned char const*) p) [0] << 8 |
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:77:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(unsigned) ((unsigned char const*) p) [1];
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:82:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (blargg_ulong) ((unsigned char const*) p) [3] << 24 |
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:83:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(blargg_ulong) ((unsigned char const*) p) [2] << 16 |
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:84:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(blargg_ulong) ((unsigned char const*) p) [1] << 8 |
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:85:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(blargg_ulong) ((unsigned char const*) p) [0];
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:90:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
return (blargg_ulong) ((unsigned char const*) p) [0] << 24 |
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:91:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(blargg_ulong) ((unsigned char const*) p) [1] << 16 |
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:92:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(blargg_ulong) ((unsigned char const*) p) [2] << 8 |
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/blargg_endian.h:93:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(blargg_ulong) ((unsigned char const*) p) [3];
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/sdsp.cpp:25:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, var, size);
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/sdsp.cpp:31:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(var, *buf, size);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/core/generate.cpp:16:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp.open(targetFilename, file::mode::write);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:12:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, t[512];
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:17:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "..%.4x ", addr);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:26:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, " ");
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:29:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x00: sprintf(t, "nop"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:30:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x01: sprintf(t, "tcall 0"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:31:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x02: sprintf(t, "set0 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:32:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x03: sprintf(t, "bbs0 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:33:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x04: sprintf(t, "or a,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:34:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x05: sprintf(t, "or a,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:35:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x06: sprintf(t, "or a,(x)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:36:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x07: sprintf(t, "or a,($%.3x+x)", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:37:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x08: sprintf(t, "or a,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:38:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x09: sprintf(t, "or $%.3x,$%.3x", opdp1, opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:39:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x0a: sprintf(t, "or1 c,$%.4x:%d", opw & 0x1fff, opw >> 13); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:40:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x0b: sprintf(t, "asl $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:41:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x0c: sprintf(t, "asl $%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:42:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x0d: sprintf(t, "push p"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:43:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x0e: sprintf(t, "tset $%.4x,a", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:44:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x0f: sprintf(t, "brk"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:45:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x10: sprintf(t, "bpl $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:46:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x11: sprintf(t, "tcall 1"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:47:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x12: sprintf(t, "clr0 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:48:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x13: sprintf(t, "bbc0 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:49:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x14: sprintf(t, "or a,$%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:50:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x15: sprintf(t, "or a,$%.4x+x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:51:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x16: sprintf(t, "or a,$%.4x+y", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:52:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x17: sprintf(t, "or a,($%.3x)+y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:53:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x18: sprintf(t, "or $%.3x,#$%.2x", opdp1, op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:54:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x19: sprintf(t, "or (x),(y)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:55:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x1a: sprintf(t, "decw $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:56:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x1b: sprintf(t, "asl $%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:57:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x1c: sprintf(t, "asl a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:58:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x1d: sprintf(t, "dec x"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:59:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x1e: sprintf(t, "cmp x,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:60:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x1f: sprintf(t, "jmp ($%.4x+x)", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:61:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x20: sprintf(t, "clrp"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:62:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x21: sprintf(t, "tcall 2"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:63:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x22: sprintf(t, "set1 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:64:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x23: sprintf(t, "bbs1 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:65:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x24: sprintf(t, "and a,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:66:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x25: sprintf(t, "and a,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:67:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x26: sprintf(t, "and a,(x)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:68:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x27: sprintf(t, "and a,($%.3x+x)", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:69:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x28: sprintf(t, "and a,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:70:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x29: sprintf(t, "and $%.3x,$%.3x", opdp1, opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:71:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x2a: sprintf(t, "or1 c,!$%.4x:%d", opw & 0x1fff, opw >> 13); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:72:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x2b: sprintf(t, "rol $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:73:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x2c: sprintf(t, "rol $%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:74:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x2d: sprintf(t, "push a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:75:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x2e: sprintf(t, "cbne $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:76:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x2f: sprintf(t, "bra $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:77:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x30: sprintf(t, "bmi $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:78:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x31: sprintf(t, "tcall 3"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:79:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x32: sprintf(t, "clr1 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:80:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x33: sprintf(t, "bbc1 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:81:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x34: sprintf(t, "and a,$%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:82:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x35: sprintf(t, "and a,$%.4x+x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:83:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x36: sprintf(t, "and a,$%.4x+y", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:84:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x37: sprintf(t, "and a,($%.3x)+y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:85:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x38: sprintf(t, "and $%.3x,#$%.2x", opdp1, op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:86:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x39: sprintf(t, "and (x),(y)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:87:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3a: sprintf(t, "incw $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:88:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3b: sprintf(t, "rol $%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:89:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3c: sprintf(t, "rol a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:90:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3d: sprintf(t, "inc x"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:91:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3e: sprintf(t, "cmp x,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:92:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3f: sprintf(t, "call $%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:93:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x40: sprintf(t, "setp"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:94:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x41: sprintf(t, "tcall 4"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:95:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x42: sprintf(t, "set2 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:96:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x43: sprintf(t, "bbs2 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:97:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x44: sprintf(t, "eor a,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:98:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x45: sprintf(t, "eor a,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:99:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x46: sprintf(t, "eor a,(x)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:100:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x47: sprintf(t, "eor a,($%.3x+x)", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:101:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x48: sprintf(t, "eor a,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:102:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x49: sprintf(t, "eor $%.3x,$%.3x", opdp1, opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:103:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x4a: sprintf(t, "and1 c,$%.4x:%d", opw & 0x1fff, opw >> 13); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:104:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x4b: sprintf(t, "lsr $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:105:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x4c: sprintf(t, "lsr $%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:106:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x4d: sprintf(t, "push x"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:107:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x4e: sprintf(t, "tclr $%.4x,a", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:108:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x4f: sprintf(t, "pcall $ff%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:109:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x50: sprintf(t, "bvc $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:110:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x51: sprintf(t, "tcall 5"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:111:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x52: sprintf(t, "clr2 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:112:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x53: sprintf(t, "bbc2 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:113:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x54: sprintf(t, "eor a,$%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:114:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x55: sprintf(t, "eor a,$%.4x+x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:115:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x56: sprintf(t, "eor a,$%.4x+y", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:116:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x57: sprintf(t, "eor a,($%.3x)+y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:117:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x58: sprintf(t, "eor $%.3x,#$%.2x", opdp1, op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:118:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x59: sprintf(t, "eor (x),(y)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:119:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x5a: sprintf(t, "cmpw ya,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:120:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x5b: sprintf(t, "lsr $%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:121:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x5c: sprintf(t, "lsr a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:122:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x5d: sprintf(t, "mov x,a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:123:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x5e: sprintf(t, "cmp y,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:124:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x5f: sprintf(t, "jmp $%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:125:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x60: sprintf(t, "clrc"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:126:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x61: sprintf(t, "tcall 6"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:127:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x62: sprintf(t, "set3 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:128:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x63: sprintf(t, "bbs3 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:129:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x64: sprintf(t, "cmp a,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:130:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x65: sprintf(t, "cmp a,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:131:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x66: sprintf(t, "cmp a,(x)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:132:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x67: sprintf(t, "cmp a,($%.3x+x)", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:133:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x68: sprintf(t, "cmp a,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:134:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x69: sprintf(t, "cmp $%.3x,$%.3x", opdp1, opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:135:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x6a: sprintf(t, "and1 c,!$%.4x:%d", opw & 0x1fff, opw >> 13); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:136:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x6b: sprintf(t, "ror $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:137:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x6c: sprintf(t, "ror $%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:138:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x6d: sprintf(t, "push y"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:139:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x6e: sprintf(t, "dbnz $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:140:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x6f: sprintf(t, "ret"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:141:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x70: sprintf(t, "bvs $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:142:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x71: sprintf(t, "tcall 7"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:143:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x72: sprintf(t, "clr3 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:144:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x73: sprintf(t, "bbc3 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:145:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x74: sprintf(t, "cmp a,$%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:146:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x75: sprintf(t, "cmp a,$%.4x+x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:147:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x76: sprintf(t, "cmp a,$%.4x+y", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:148:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x77: sprintf(t, "cmp a,($%.3x)+y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:149:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x78: sprintf(t, "cmp $%.3x,#$%.2x", opdp1, op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:150:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x79: sprintf(t, "cmp (x),(y)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:151:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x7a: sprintf(t, "addw ya,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:152:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x7b: sprintf(t, "ror $%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:153:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x7c: sprintf(t, "ror a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:154:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x7d: sprintf(t, "mov a,x"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:155:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x7e: sprintf(t, "cmp y,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:156:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x7f: sprintf(t, "reti"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:157:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x80: sprintf(t, "setc"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:158:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x81: sprintf(t, "tcall 8"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:159:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x82: sprintf(t, "set4 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:160:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x83: sprintf(t, "bbs4 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:161:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x84: sprintf(t, "adc a,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:162:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x85: sprintf(t, "adc a,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:163:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x86: sprintf(t, "adc a,(x)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:164:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x87: sprintf(t, "adc a,($%.3x+x)", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:165:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x88: sprintf(t, "adc a,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:166:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x89: sprintf(t, "adc $%.3x,$%.3x", opdp1, opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:167:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8a: sprintf(t, "eor1 c,$%.4x:%d", opw & 0x1fff, opw >> 13); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:168:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8b: sprintf(t, "dec $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:169:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8c: sprintf(t, "dec $%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:170:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8d: sprintf(t, "mov y,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:171:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8e: sprintf(t, "pop p"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:172:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x8f: sprintf(t, "mov $%.3x,#$%.2x", opdp1, op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:173:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x90: sprintf(t, "bcc $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:174:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x91: sprintf(t, "tcall 9"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:175:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x92: sprintf(t, "clr4 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:176:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x93: sprintf(t, "bbc4 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:177:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x94: sprintf(t, "adc a,$%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:178:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x95: sprintf(t, "adc a,$%.4x+x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:179:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x96: sprintf(t, "adc a,$%.4x+y", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:180:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x97: sprintf(t, "adc a,($%.3x)+y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:181:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x98: sprintf(t, "adc $%.3x,#$%.2x", opdp1, op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:182:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x99: sprintf(t, "adc (x),(y)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:183:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x9a: sprintf(t, "subw ya,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:184:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x9b: sprintf(t, "dec $%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:185:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x9c: sprintf(t, "dec a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:186:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x9d: sprintf(t, "mov x,sp"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:187:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x9e: sprintf(t, "div ya,x"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:188:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x9f: sprintf(t, "xcn a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:189:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa0: sprintf(t, "ei"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:190:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa1: sprintf(t, "tcall 10"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:191:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa2: sprintf(t, "set5 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:192:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa3: sprintf(t, "bbs5 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:193:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa4: sprintf(t, "sbc a,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:194:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa5: sprintf(t, "sbc a,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:195:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa6: sprintf(t, "sbc a,(x)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:196:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa7: sprintf(t, "sbc a,($%.3x+x)", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:197:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa8: sprintf(t, "sbc a,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:198:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xa9: sprintf(t, "sbc $%.3x,$%.3x", opdp1, opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:199:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xaa: sprintf(t, "mov1 c,$%.4x:%d", opw & 0x1fff, opw >> 13); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:200:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xab: sprintf(t, "inc $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:201:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xac: sprintf(t, "inc $%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:202:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xad: sprintf(t, "cmp y,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:203:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xae: sprintf(t, "pop a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:204:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xaf: sprintf(t, "mov (x)+,a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:205:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb0: sprintf(t, "bcs $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:206:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb1: sprintf(t, "tcall 11"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:207:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb2: sprintf(t, "clr5 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:208:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb3: sprintf(t, "bbc5 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:209:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb4: sprintf(t, "sbc a,$%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:210:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb5: sprintf(t, "sbc a,$%.4x+x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:211:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb6: sprintf(t, "sbc a,$%.4x+y", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:212:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb7: sprintf(t, "sbc a,($%.3x)+y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:213:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb8: sprintf(t, "sbc $%.3x,#$%.2x", opdp1, op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:214:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xb9: sprintf(t, "sbc (x),(y)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:215:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xba: sprintf(t, "movw ya,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:216:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xbb: sprintf(t, "inc $%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:217:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xbc: sprintf(t, "inc a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:218:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xbd: sprintf(t, "mov sp,x"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:219:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xbe: sprintf(t, "das a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:220:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xbf: sprintf(t, "mov a,(x)+"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:221:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc0: sprintf(t, "di"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:222:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc1: sprintf(t, "tcall 12"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:223:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc2: sprintf(t, "set6 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:224:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc3: sprintf(t, "bbs6 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:225:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc4: sprintf(t, "mov $%.3x,a", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:226:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc5: sprintf(t, "mov $%.4x,a", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:227:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc6: sprintf(t, "mov (x),a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:228:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc7: sprintf(t, "mov ($%.3x+x),a", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:229:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc8: sprintf(t, "cmp x,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:230:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xc9: sprintf(t, "mov $%.4x,x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:231:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xca: sprintf(t, "mov1 $%.4x:%d,c", opw & 0x1fff, opw >> 13); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:232:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xcb: sprintf(t, "mov $%.3x,y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:233:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xcc: sprintf(t, "mov $%.4x,y", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:234:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xcd: sprintf(t, "mov x,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:235:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xce: sprintf(t, "pop x"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:236:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xcf: sprintf(t, "mul ya"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:237:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd0: sprintf(t, "bne $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:238:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd1: sprintf(t, "tcall 13"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:239:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd2: sprintf(t, "clr6 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:240:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd3: sprintf(t, "bbc6 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:241:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd4: sprintf(t, "mov $%.3x+x,a", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:242:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd5: sprintf(t, "mov $%.4x+x,a", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:243:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd6: sprintf(t, "mov $%.4x+y,a", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:244:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd7: sprintf(t, "mov ($%.3x)+y,a", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:245:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd8: sprintf(t, "mov $%.3x,x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:246:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xd9: sprintf(t, "mov $%.3x+y,x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:247:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xda: sprintf(t, "movw $%.3x,ya", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:248:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xdb: sprintf(t, "mov $%.3x+x,y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:249:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xdc: sprintf(t, "dec y"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:250:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xdd: sprintf(t, "mov a,y"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:251:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xde: sprintf(t, "cbne $%.3x+x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:252:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xdf: sprintf(t, "daa a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:253:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe0: sprintf(t, "clrv"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:254:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe1: sprintf(t, "tcall 14"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:255:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe2: sprintf(t, "set7 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:256:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe3: sprintf(t, "bbs7 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:257:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe4: sprintf(t, "mov a,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:258:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe5: sprintf(t, "mov a,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:259:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe6: sprintf(t, "mov a,(x)"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:260:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe7: sprintf(t, "mov a,($%.3x+x)", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:261:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe8: sprintf(t, "mov a,#$%.2x", op0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:262:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xe9: sprintf(t, "mov x,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:263:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xea: sprintf(t, "not1 c,$%.4x:%d", opw & 0x1fff, opw >> 13); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:264:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xeb: sprintf(t, "mov y,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:265:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xec: sprintf(t, "mov y,$%.4x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:266:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xed: sprintf(t, "notc"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:267:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xee: sprintf(t, "pop y"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:268:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xef: sprintf(t, "sleep"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:269:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf0: sprintf(t, "beq $%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:270:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf1: sprintf(t, "tcall 15"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:271:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf2: sprintf(t, "clr7 $%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:272:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf3: sprintf(t, "bbc7 $%.3x,$%.4x", opdp0, relb(op1, 3)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:273:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf4: sprintf(t, "mov a,$%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:274:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf5: sprintf(t, "mov a,$%.4x+x", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:275:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf6: sprintf(t, "mov a,$%.4x+y", opw); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:276:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf7: sprintf(t, "mov a,($%.3x)+y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:277:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf8: sprintf(t, "mov x,$%.3x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:278:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xf9: sprintf(t, "mov x,$%.3x+y", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:279:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xfa: sprintf(t, "mov $%.3x,$%.3x", opdp1, opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:280:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xfb: sprintf(t, "mov y,$%.3x+x", opdp0); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:281:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xfc: sprintf(t, "inc y"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:282:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xfd: sprintf(t, "mov y,a"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:283:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xfe: sprintf(t, "dbnz y,$%.4x", relb(op0, 2)); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:284:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0xff: sprintf(t, "stop"); break;
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:290:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "A:%.2x X:%.2x Y:%.2x SP:01%.2x YA:%.4x ",
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:294:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "%c%c%c%c%c%c%c%c",
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp_state.cpp:34:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (out.header, header, 33);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp_state.cpp:49:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (out.apuram, apuram, 65536);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp_state.cpp:67:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (out.iplrom, iplrom, 64);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp_state.cpp:69:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (block, &out, 66048);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp_state.cpp:75:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, apuram, 64 * 1024);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp_state.cpp:137:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(apuram, ptr, 64 * 1024);
data/libretro-snes9x-1.53+git20160522/apu/ring_buffer.h:44:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer + end, src, first_write_size);
data/libretro-snes9x-1.53+git20160522/apu/ring_buffer.h:47:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer, src + first_write_size, bytes - first_write_size);
data/libretro-snes9x-1.53+git20160522/apu/ring_buffer.h:60:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dst, buffer + start, MIN (bytes, buffer_size - start));
data/libretro-snes9x-1.53+git20160522/apu/ring_buffer.h:63:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dst + (buffer_size - start), buffer, bytes - (buffer_size - start));
data/libretro-snes9x-1.53+git20160522/bsx.cpp:553:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(BSX.prevMMC, BSX.MMC, sizeof(BSX.MMC));
data/libretro-snes9x-1.53+git20160522/bsx.cpp:990:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX + 1], name[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/bsx.cpp:996:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "BS-X.bin");
data/libretro-snes9x-1.53+git20160522/bsx.cpp:998:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(name, "rb");
data/libretro-snes9x-1.53+git20160522/bsx.cpp:1002:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(name, "BS-X.bios");
data/libretro-snes9x-1.53+git20160522/bsx.cpp:1003:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(name, "rb");
data/libretro-snes9x-1.53+git20160522/bsx.cpp:1105:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(BSX.test2192, init2192, sizeof(init2192));
data/libretro-snes9x-1.53+git20160522/bsx.cpp:1147:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(PSRAM, FlashROM, PSRAM_SIZE);
data/libretro-snes9x-1.53+git20160522/bsx.cpp:1175:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, BSX.MMC, sizeof(BSX.MMC));
data/libretro-snes9x-1.53+git20160522/cheats.cpp:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[15];
data/libretro-snes9x-1.53+git20160522/cheats.cpp:269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_code[12];
data/libretro-snes9x-1.53+git20160522/cheats.cpp:274:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(new_code, "0x");
data/libretro-snes9x-1.53+git20160522/cheats.h:191:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[22];
data/libretro-snes9x-1.53+git20160522/cheats.h:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[12];
data/libretro-snes9x-1.53+git20160522/cheats.h:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[32];
data/libretro-snes9x-1.53+git20160522/cheats2.cpp:340:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fs = fopen(filename, "rb");
data/libretro-snes9x-1.53+git20160522/cheats2.cpp:371:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fs = fopen(filename, "wb");
data/libretro-snes9x-1.53+git20160522/conffile.cpp:299:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if((fp=fopen(filename, "w"))==NULL){
data/libretro-snes9x-1.53+git20160522/conffile.cpp:435:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, o.data(), outlen);
data/libretro-snes9x-1.53+git20160522/conffile.cpp:501:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/libretro-snes9x-1.53+git20160522/conffile.cpp:523:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/libretro-snes9x-1.53+git20160522/controls.cpp:319:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/libretro-snes9x-1.53+git20160522/controls.cpp:321:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *color_names[32] =
data/libretro-snes9x-1.53+git20160522/controls.cpp:357:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *speed_names[4] =
data/libretro-snes9x-1.53+git20160522/controls.cpp:444:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *command_names[LAST_COMMAND + 1] =
data/libretro-snes9x-1.53+git20160522/controls.cpp:892:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char mes[128];
data/libretro-snes9x-1.53+git20160522/controls.cpp:899:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Port %d: ", port + 1);
data/libretro-snes9x-1.53+git20160522/controls.cpp:904:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "<none>. ");
data/libretro-snes9x-1.53+git20160522/controls.cpp:908:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "MP5 with pads");
data/libretro-snes9x-1.53+git20160522/controls.cpp:912:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, " <none>. ");
data/libretro-snes9x-1.53+git20160522/controls.cpp:914:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, " #%d. ", mp5[port].pads[i] + 1 - JOYPAD0);
data/libretro-snes9x-1.53+git20160522/controls.cpp:927:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Pad #%d. ", (int) (newcontrollers[port] - JOYPAD0 + 1));
data/libretro-snes9x-1.53+git20160522/controls.cpp:932:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Mouse #%d. ", (int) (newcontrollers[port] - MOUSE0 + 1));
data/libretro-snes9x-1.53+git20160522/controls.cpp:937:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Superscope (cannot fire). ");
data/libretro-snes9x-1.53+git20160522/controls.cpp:939:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Superscope. ");
data/libretro-snes9x-1.53+git20160522/controls.cpp:944:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Blue Justifier (cannot fire). ");
data/libretro-snes9x-1.53+git20160522/controls.cpp:946:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Blue Justifier. ");
data/libretro-snes9x-1.53+git20160522/controls.cpp:951:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Blue and Pink Justifiers (cannot fire). ");
data/libretro-snes9x-1.53+git20160522/controls.cpp:953:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
c += sprintf(c, "Blue and Pink Justifiers. ");
data/libretro-snes9x-1.53+git20160522/controls.cpp:2246:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Frame skip: %d", Settings.SkipFrames - 1);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2263:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Frame skip: %d", Settings.SkipFrames - 1);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2275:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Turbo frame skip: %d", Settings.TurboSkipFrames);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2285:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Turbo frame skip: %d", Settings.TurboSkipFrames);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2291:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Emulated frame time: %dms", Settings.FrameTime / 1000);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2298:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Emulated frame time: %dms", Settings.FrameTime / 1000);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2306:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Turbo speed: %d", turbo_time);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2314:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Turbo speed: %d", turbo_time);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2328:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/controls.cpp:2329:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[_MAX_DRIVE + 1], dir[_MAX_DIR + 1], def[_MAX_FNAME + 1], ext[_MAX_EXT + 1];
data/libretro-snes9x-1.53+git20160522/controls.cpp:2365:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/controls.cpp:2366:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[_MAX_DRIVE + 1], dir[_MAX_DIR + 1], def[_MAX_FNAME + 1], ext[_MAX_EXT + 1];
data/libretro-snes9x-1.53+git20160522/controls.cpp:2394:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/controls.cpp:2395:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[_MAX_DRIVE + 1], dir[_MAX_DIR + 1], def[_MAX_FNAME + 1], ext[_MAX_EXT + 1];
data/libretro-snes9x-1.53+git20160522/controls.cpp:2424:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Sound channel %d toggled", i - SoundChannel0);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2496:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "Swap pads: P1=");
data/libretro-snes9x-1.53+git20160522/controls.cpp:2500:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf + i, "<none>");
data/libretro-snes9x-1.53+git20160522/controls.cpp:2505:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf + i, "Joypad%d", newcontrollers[0] - JOYPAD0 + 1);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2509:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf + i, " P2=");
data/libretro-snes9x-1.53+git20160522/controls.cpp:2512:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf + i, "<none>");
data/libretro-snes9x-1.53+git20160522/controls.cpp:2514:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf + i, "Joypad%d", newcontrollers[1] - JOYPAD0 + 1);
data/libretro-snes9x-1.53+git20160522/controls.cpp:2522:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Select frame number (current: %d)", S9xMovieGetFrameCounter());
data/libretro-snes9x-1.53+git20160522/controls.cpp:2527:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int frameDest = atoi(frameno);
data/libretro-snes9x-1.53+git20160522/controls.cpp:3467:19: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define COPY(x) { memcpy((char *) s->internal + i, &(x), sizeof(x)); i += sizeof(x); }
data/libretro-snes9x-1.53+git20160522/controls.cpp:3539:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define COPY(x) { memcpy(&(x), (char *) s->internal + i, sizeof(x)); i += sizeof(x); }
data/libretro-snes9x-1.53+git20160522/cpuexec.cpp:365:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char eventname[7][32] =
data/libretro-snes9x-1.53+git20160522/cpuops.cpp:3508:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[25];
data/libretro-snes9x-1.53+git20160522/cpuops.cpp:3522:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[26];
data/libretro-snes9x-1.53+git20160522/cpuops.cpp:3535:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1], drive[_MAX_DRIVE + 1], dir[_MAX_DIR + 1], def[PATH_MAX + 1], ext[_MAX_EXT + 1];
data/libretro-snes9x-1.53+git20160522/crosshairs.cpp:185:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *crosshairs[32] =
data/libretro-snes9x-1.53+git20160522/crosshairs.cpp:476:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "rb");
data/libretro-snes9x-1.53+git20160522/debug.cpp:264:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *S9xMnemonics[256] =
data/libretro-snes9x-1.53+git20160522/debug.cpp:449:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Line, "$%02X:%04X %02X ", Bank, Address, S9xOpcode);
data/libretro-snes9x-1.53+git20160522/debug.cpp:907:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Line, "$%02X:%04X %02X ", Bank, Address, S9xOpcode);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1363:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[512];
data/libretro-snes9x-1.53+git20160522/debug.cpp:1373:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%06x%05d.sd2", Address, Count);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1374:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fs = fopen(string, "wb");
data/libretro-snes9x-1.53+git20160522/debug.cpp:1393:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, " 8 Bit 16 Bit ");
data/libretro-snes9x-1.53+git20160522/debug.cpp:1395:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "ABT $00:%04X|$00:%04X", S9xDebugGetWord(0xFFF8), S9xDebugGetWord(0xFFE8));
data/libretro-snes9x-1.53+git20160522/debug.cpp:1397:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "BRK $00:%04X|$00:%04X", S9xDebugGetWord(0xFFFE), S9xDebugGetWord(0xFFE6));
data/libretro-snes9x-1.53+git20160522/debug.cpp:1399:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "COP $00:%04X|$00:%04X", S9xDebugGetWord(0xFFF4), S9xDebugGetWord(0xFFE4));
data/libretro-snes9x-1.53+git20160522/debug.cpp:1401:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "IRQ $00:%04X|$00:%04X", S9xDebugGetWord(0xFFFE), S9xDebugGetWord(0xFFEE));
data/libretro-snes9x-1.53+git20160522/debug.cpp:1403:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "NMI $00:%04X|$00:%04X", S9xDebugGetWord(0xFFFA), S9xDebugGetWord(0xFFEA));
data/libretro-snes9x-1.53+git20160522/debug.cpp:1405:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "RES $00:%04X", S9xDebugGetWord(0xFFFC));
data/libretro-snes9x-1.53+git20160522/debug.cpp:1709:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%i @ $%02X:%04X", Number, S9xBreakpoint[Number].Bank, S9xBreakpoint[Number].Address);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1711:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%i @ Disabled", Number);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1721:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%i @ $%02X:%04X", Number, S9xBreakpoint[Number].Bank, S9xBreakpoint[Number].Address);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1723:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%i @ Disabled", Number);
data/libretro-snes9x-1.53+git20160522/debug.cpp:1830:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "$%02X:%04X", Bank, Address);
data/libretro-snes9x-1.53+git20160522/debug.cpp:2531:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Line[513];
data/libretro-snes9x-1.53+git20160522/debug.cpp:2565:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/libretro-snes9x-1.53+git20160522/debug.cpp:2575:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/libretro-snes9x-1.53+git20160522/debug.cpp:2597:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/libretro-snes9x-1.53+git20160522/debug.cpp:2613:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "HC:%04ld VC:%03ld FC:%02d", (long) CPU.Cycles, (long) CPU.V_Counter, IPPU.FrameCount);
data/libretro-snes9x-1.53+git20160522/debug.h:198:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fn.c_str(), mode); \
data/libretro-snes9x-1.53+git20160522/dma.cpp:270:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "DMA[%d]: WRAM Bank:%02X->$2180", Channel, d->ABank);
data/libretro-snes9x-1.53+git20160522/dma.cpp:321:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "S-DD1: DMA from non-block address $%02X:%04X", d->ABank, d->AAddress);
data/libretro-snes9x-1.53+git20160522/dma.cpp:374:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "SA-1: DMA from non-block address $%02X:%04X", d->ABank, addr);
data/libretro-snes9x-1.53+git20160522/dma.cpp:722:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "Unknown DMA transfer mode: %d on channel %d\n", d->TransferMode, Channel);
data/libretro-snes9x-1.53+git20160522/dma.cpp:1029:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "Unknown DMA transfer mode: %d on channel %d\n", d->TransferMode, Channel);
data/libretro-snes9x-1.53+git20160522/dma.cpp:1161:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "Unknown DMA transfer mode: %d on channel %d\n", d->TransferMode, Channel);
data/libretro-snes9x-1.53+git20160522/dma.cpp:1262:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "Unknown DMA transfer mode: %d on channel %d\n", d->TransferMode, Channel);
data/libretro-snes9x-1.53+git20160522/dsp.cpp:210:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "DSP read: 0x%04X", address);
data/libretro-snes9x-1.53+git20160522/dsp.cpp:224:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "DSP write: 0x%04X=0x%02X", address, byte);
data/libretro-snes9x-1.53+git20160522/dsp1.cpp:420:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Msg[400];
data/libretro-snes9x-1.53+git20160522/dsp1.cpp:428:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Msg, "\r\n\0");
data/libretro-snes9x-1.53+git20160522/dsp1.cpp:435:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
LogFile = fopen("dsp1emu.log", "wb");
data/libretro-snes9x-1.53+git20160522/dsp4.cpp:203:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
{ memcpy(DSP4.output + DSP4.out_count, (d), 32); DSP4.out_count += 32; }
data/libretro-snes9x-1.53+git20160522/fxinst.cpp:236:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(GSU.pvCache, t, 512);
data/libretro-snes9x-1.53+git20160522/fxinst.cpp:244:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(GSU.pvCache, t1, i);
data/libretro-snes9x-1.53+git20160522/fxinst.cpp:245:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&GSU.pvCache[i], t2, 512 - i);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2028:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[10];
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2040:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%u fps", calcFps);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2045:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%02d/%02d %02d", (int) IPPU.DisplayedRenderedFrameCount, (int) Memory.ROMFramesPerSecond, (int) IPPU.FrameCount);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2048:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "%02d/%02d", (int) IPPU.DisplayedRenderedFrameCount, (int) Memory.ROMFramesPerSecond);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2062:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[255];
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2077:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "#%d %d: (%03d,%03d) %c%c", port, ids[0], x, y,
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2090:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "#%d %d: (%03d,%03d) %c%c%c%c", port, ids[0], x, y,
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2108:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "#%d %d: (%03d,%03d) %c%c%c / (%03d,%03d) %c%c%c", port, ids[0],
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2117:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "#%d %d: ", port, ids[0]);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2136:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "#%d %d: ", port, ids[n]);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2154:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(string, "#%d -", port);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/libretro-snes9x-1.53+git20160522/gfx.h:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FrameDisplayString[256];
data/libretro-snes9x-1.53+git20160522/globals.cpp:236:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char String[513];
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:136:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[256];
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:172:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(key, "snes9x_sndchan_x");
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:184:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(key, "snes9x_layer_x");
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:362:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&memorydesc[MAX_MAPS - (++memorydesc_c)], desc, sizeof(struct retro_memory_descriptor));
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:485:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Memory.BIOSROM,(const uint8_t*)info[0].data,info[0].size);
data/libretro-snes9x-1.53+git20160522/loadzip.cpp:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[132];
data/libretro-snes9x-1.53+git20160522/loadzip.cpp:205:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[132];
data/libretro-snes9x-1.53+git20160522/loadzip.cpp:238:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[2] = { 0, 0 };
data/libretro-snes9x-1.53+git20160522/logger.cpp:194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/libretro-snes9x-1.53+git20160522/logger.cpp:199:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "videostream%d.dat", resetno);
data/libretro-snes9x-1.53+git20160522/logger.cpp:200:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
video = fopen(buffer, "wb");
data/libretro-snes9x-1.53+git20160522/logger.cpp:207:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "audiostream%d.dat", resetno);
data/libretro-snes9x-1.53+git20160522/logger.cpp:208:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
audio = fopen(buffer, "wb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:222:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char LastRomFilename[PATH_MAX + 1] = "";
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1396:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1397:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[_MAX_DRIVE + 1], dir[_MAX_DIR + 1], name[_MAX_FNAME + 1], exts[_MAX_EXT + 1];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1525:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ROMFilename,"MemoryROM");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1531:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ROM,source,sourceSize);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1788:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ROM,bios,biosSize);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1793:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ROM + offset,sourceA,sourceASize);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1797:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Multi.fileNameA,"MemCartA");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1801:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ROM + offset,sourceB,sourceBSize);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1805:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Multi.fileNameB,"MemCartB");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1829:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ROM + Multi.cartOffsetB,ROM,Multi.cartSizeB);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1882:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1886:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path, "STBIOS.bin");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1888:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(path, "rb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2028:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(S9xGetFilename(".rtc", SRAM_DIR), "rb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2043:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(S9xGetFilename(".rtc", SRAM_DIR), "wb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2066:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sramName[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2074:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2081:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(S9xGetFilename(".srm", SRAM_DIR), "rb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2099:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(sramName, "rb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2117:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2121:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path, "BS-X.srm");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2123:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(path, "rb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2157:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sramName[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2163:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_MAX + 1], temp[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2171:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(name, "wb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2188:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(sramName, "wb");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char displayName[ROM_NAME_LEN];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3545:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[20];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3548:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "Corrupt");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3550:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%dKbits", 8 * (SRAMMask + 1) / 1024);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3557:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[20];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3560:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "N/A");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3563:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "Corrupt");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3565:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%dMbits", 1 << (ROMSize - 7));
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3572:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[20];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3574:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "1.%d", HiROM ? ((ExtendedFormat != NOPE) ? ROM[0x40ffdb] : ROM[0xffdb]) : ROM[0x7fdb]);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3581:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[64];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3582:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *contents[3] = { "ROM", "ROM+RAM", "ROM+RAM+BAT" };
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3584:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chip[16];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3590:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+BS");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3593:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+Super FX");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3596:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+S-DD1");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3599:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+OBC1");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3602:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+SA-1");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3605:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+SPC7110+RTC");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3608:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+SPC7110");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3611:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+S-RTC");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3614:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+C4");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3617:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+ST-010");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3620:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+ST-011");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3623:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chip, "+ST-018");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3626:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(chip, "+DSP-%d", Settings.DSP);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3670:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3684:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "\n Type: 0x%02X", ROMType);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3686:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "\n Size (calculated): %dMbits", CalculatedSize / 0x20000);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3692:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "\nChecksum (calculated): 0x%04X", CalculatedChecksum);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3694:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "\n Checksum (header): 0x%04X", ROMChecksum);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3696:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "\n Complement (header): 0x%04X", ROMComplementChecksum);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3706:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "\n CRC32: 0x%08X", ROMCRC32);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4064:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Memory.ROM, patched_rom, target_size);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4094:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[6];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4184:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[132];
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[_MAX_DIR + 1], drive[_MAX_DRIVE + 1], name[_MAX_FNAME + 1], ext[_MAX_EXT + 1], ips[_MAX_EXT + 3], fname[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.h:245:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ROMFilename[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/memmap.h:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ROMName[ROM_NAME_LEN];
data/libretro-snes9x-1.53+git20160522/memmap.h:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char RawROMName[ROM_NAME_LEN];
data/libretro-snes9x-1.53+git20160522/memmap.h:248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ROMId[5];
data/libretro-snes9x-1.53+git20160522/memmap.h:362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileNameA[PATH_MAX + 1], fileNameB[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/movie.cpp:220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Filename[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/movie.cpp:221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ROMName[23];
data/libretro-snes9x-1.53+git20160522/movie.cpp:468:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, Movie.InputBufferPtr, MOUSE_DATA_SIZE);
data/libretro-snes9x-1.53+git20160522/movie.cpp:476:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, Movie.InputBufferPtr, SCOPE_DATA_SIZE);
data/libretro-snes9x-1.53+git20160522/movie.cpp:484:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, Movie.InputBufferPtr, JUSTIFIER_DATA_SIZE);
data/libretro-snes9x-1.53+git20160522/movie.cpp:509:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Movie.InputBufferPtr, buf, MOUSE_DATA_SIZE);
data/libretro-snes9x-1.53+git20160522/movie.cpp:517:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Movie.InputBufferPtr, buf, SCOPE_DATA_SIZE);
data/libretro-snes9x-1.53+git20160522/movie.cpp:525:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Movie.InputBufferPtr, buf, JUSTIFIER_DATA_SIZE);
data/libretro-snes9x-1.53+git20160522/movie.cpp:701:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, Movie.InputBuffer, Movie.BytesPerSample * (Movie.MaxSample + 1));
data/libretro-snes9x-1.53+git20160522/movie.cpp:742:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Movie.InputBuffer, ptr, space_needed);
data/libretro-snes9x-1.53+git20160522/movie.cpp:772:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fd = fopen(filename, "rb+")))
data/libretro-snes9x-1.53+git20160522/movie.cpp:774:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fd = fopen(filename, "rb")))
data/libretro-snes9x-1.53+git20160522/movie.cpp:816:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fd = fopen(filename, "rb+")))
data/libretro-snes9x-1.53+git20160522/movie.cpp:818:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fd = fopen(filename, "rb")))
data/libretro-snes9x-1.53+git20160522/movie.cpp:862:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fd = fopen(filename, "wb")))
data/libretro-snes9x-1.53+git20160522/movie.cpp:923:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fd = fopen(filename, "rb+")))
data/libretro-snes9x-1.53+git20160522/movie.cpp:968:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fd = fopen(filename, "rb")))
data/libretro-snes9x-1.53+git20160522/movie.cpp:1012:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(filename, "r+")) == NULL)
data/libretro-snes9x-1.53+git20160522/movie.cpp:1194:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(GFX.FrameDisplayString, "Playing frame: %d / %d",
data/libretro-snes9x-1.53+git20160522/movie.h:211:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t Metadata[MOVIE_MAX_METADATA];
data/libretro-snes9x-1.53+git20160522/movie.h:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ROMName[23];
data/libretro-snes9x-1.53+git20160522/netplay.cpp:299:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char *)&address.sin_addr, hostinfo->h_addr,
data/libretro-snes9x-1.53+git20160522/netplay.cpp:312:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char *)&address.sin_addr, &addr, sizeof (addr));
data/libretro-snes9x-1.53+git20160522/netplay.cpp:332:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf [100];
data/libretro-snes9x-1.53+git20160522/netplay.cpp:345:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "Connection to server failed with error number %d",
data/libretro-snes9x-1.53+git20160522/netplay.cpp:607:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf [200];
data/libretro-snes9x-1.53+git20160522/netplay.cpp:608:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "Unexpected message sequence number from server, expected %d, got %d\n", NetPlay.ServerSequenceNum, header [1]);
data/libretro-snes9x-1.53+git20160522/netplay.cpp:890:15: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((fd = mkstemp(fname)) >= 0)
data/libretro-snes9x-1.53+git20160522/netplay.cpp:894:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname [L_tmpnam];
data/libretro-snes9x-1.53+git20160522/netplay.cpp:897:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file = fopen (fname, "wb")))
data/libretro-snes9x-1.53+git20160522/netplay.cpp:905:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX +1 ];
data/libretro-snes9x-1.53+git20160522/netplay.cpp:908:17: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, ".s96");
data/libretro-snes9x-1.53+git20160522/netplay.h:274:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ROMName [30];
data/libretro-snes9x-1.53+git20160522/netplay.h:313:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ActionMsg [NP_MAX_ACTION_LEN];
data/libretro-snes9x-1.53+git20160522/netplay.h:314:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrorMsg [NP_MAX_ACTION_LEN];
data/libretro-snes9x-1.53+git20160522/netplay.h:315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char WarningMsg [NP_MAX_ACTION_LEN];
data/libretro-snes9x-1.53+git20160522/ppu.cpp:1073:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(String, "Unknown register write: $%02X->$%04X\n", Byte, Address);
data/libretro-snes9x-1.53+git20160522/screenshot.cpp:202:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fname, "wb");
data/libretro-snes9x-1.53+git20160522/server.cpp:676:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (NetPlay.WarningMsg, "SERVER: Client %d has paused.", c + 1);
data/libretro-snes9x-1.53+git20160522/server.cpp:678:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (NetPlay.WarningMsg, "SERVER: Client %d has resumed.", c + 1);
data/libretro-snes9x-1.53+git20160522/server.cpp:1116:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (NetPlay.ActionMsg, "Sending ROM image to player %d...", c + 1);
data/libretro-snes9x-1.53+git20160522/server.cpp:1155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname [L_tmpnam];
data/libretro-snes9x-1.53+git20160522/server.cpp:1162:15: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ( ((fd=mkstemp(fname)) >= 0) && S9xFreezeGame(fname) )
data/libretro-snes9x-1.53+git20160522/server.cpp:1207:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ff = fopen (fname, "rb")))
data/libretro-snes9x-1.53+git20160522/server.cpp:1228:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (NetPlay.ActionMsg, "SERVER: Sending freeze-file to player %d...", c + 1);
data/libretro-snes9x-1.53+git20160522/server.cpp:1300:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (NetPlay.WarningMsg, "SERVER: sending ROM load request to player %d...", i + 1);
data/libretro-snes9x-1.53+git20160522/server.cpp:1335:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (NetPlay.ActionMsg, "SERVER: Sending S-RAM to player %d...", c + 1);
data/libretro-snes9x-1.53+git20160522/seta011.cpp:272:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(board[lcv], ST011.parameters + lcv * 10, 9 * 1);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1160:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[_MAX_DRIVE + 1], dir[_MAX_DIR + 1], def[_MAX_FNAME + 1], ext[_MAX_EXT + 1];
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[_MAX_DRIVE + 1], dir[_MAX_DIR + 1], def[_MAX_FNAME + 1], ext[_MAX_EXT + 1];
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1443:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1452:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
version = atoi(&buffer[strlen(SNAPSHOT_MAGIC) + 1]);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1644:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Memory.VRAM, local_vram, 0x10000);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1646:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Memory.RAM, local_ram, 0x20000);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1648:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Memory.SRAM, local_sram, 0x20000);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1650:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Memory.FillRAM, local_fillram, 0x8000);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1685:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Memory.C4RAM, local_cx4_data, 8192);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1694:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Memory.OBC1RAM, local_obc1_data, 8192);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1703:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RTCData.reg, local_rtc_data, 20);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:2034:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:2057:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:2082:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(buffer + 4);
data/libretro-snes9x-1.53+git20160522/snes9x.cpp:630:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Settings.SoundPlaybackRate = atoi(argv[++i]);
data/libretro-snes9x-1.53+git20160522/snes9x.cpp:642:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Settings.SoundInputRate = atoi(argv[++i]);
data/libretro-snes9x-1.53+git20160522/snes9x.cpp:819:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Settings.Port = -atoi(argv[++i]);
data/libretro-snes9x-1.53+git20160522/snes9x.cpp:855:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int p = atoi(argv[++i]);
data/libretro-snes9x-1.53+git20160522/snes9x.cpp:872:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Settings.SkipFrames = atoi(argv[++i]) + 1;
data/libretro-snes9x-1.53+git20160522/snes9x.cpp:880:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Settings.FrameTimePAL = Settings.FrameTimeNTSC = atoi(argv[++i]);
data/libretro-snes9x-1.53+git20160522/snes9x.h:208:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define OPEN_FSTREAM(f, m) fopen(f, m)
data/libretro-snes9x-1.53+git20160522/snes9x.h:411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CartAName[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/snes9x.h:412:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CartBName[PATH_MAX + 1];
data/libretro-snes9x-1.53+git20160522/snes9x.h:432:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ServerName[128];
data/libretro-snes9x-1.53+git20160522/snes9x.h:481:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char String[513];
data/libretro-snes9x-1.53+git20160522/stream.cpp:217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/libretro-snes9x-1.53+git20160522/stream.cpp:362:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, head, len);
data/libretro-snes9x-1.53+git20160522/stream.cpp:371:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, head, numbytes);
data/libretro-snes9x-1.53+git20160522/stream.cpp:474:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,head,bytes);
data/libretro-snes9x-1.53+git20160522/stream.cpp:487:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(head,buf,bytes);
data/libretro-snes9x-1.53+git20160522/stream.h:241:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[unz_BUFFSIZ];
data/libretro-snes9x-1.53+git20160522/apu/apu.cpp:308:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
spc::resampler->read((short *) dest, sample_count);
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/SPC_DSP.h:40:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read ( int addr ) const;
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/SPC_DSP.h:253:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inline int SPC_DSP::read( int addr ) const
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/sdsp.hpp:6:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inline uint8 read(uint8 addr) {
data/libretro-snes9x-1.53+git20160522/apu/bapu/dsp/sdsp.hpp:8:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return spc_dsp.read(addr);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/debugger/disassembler.cpp:287:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t[strlen(t)] = ' ';
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/memory.cpp:16:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return dsp.read(status.dsp_addr & 0x7f);
data/libretro-snes9x-1.53+git20160522/apu/bapu/smp/smp_state.cpp:63:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
out.dsp_registers[i] = dsp.read (i);
data/libretro-snes9x-1.53+git20160522/apu/hermite_resampler.h:67:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read (short *data, int num_samples)
data/libretro-snes9x-1.53+git20160522/apu/resampler.h:13:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read (short *, int) = 0;
data/libretro-snes9x-1.53+git20160522/cheats.cpp:228:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(code) != 8 || !S9xAllHex(code, 8) || sscanf(code, "%x", &data) != 1)
data/libretro-snes9x-1.53+git20160522/cheats.cpp:242:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(code) != 14)
data/libretro-snes9x-1.53+git20160522/cheats.cpp:245:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, code, 5);
data/libretro-snes9x-1.53+git20160522/cheats.cpp:254:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, code + 5 + i * 2, 2);
data/libretro-snes9x-1.53+git20160522/cheats.cpp:271:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(code) != 9 || *(code + 4) != '-' || !S9xAllHex(code, 4) || !S9xAllHex(code + 5, 4))
data/libretro-snes9x-1.53+git20160522/cheats.cpp:275:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_code + 2, code, 4);
data/libretro-snes9x-1.53+git20160522/controls.cpp:1547:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (((name[0] == '+' && name[1] == '{') || name[0] == '{') && name[strlen(name) - 1] == '}')
data/libretro-snes9x-1.53+git20160522/crosshairs.cpp:628:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (getc(fp) != '\n')
data/libretro-snes9x-1.53+git20160522/crosshairs.cpp:647:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (getc(fp) != '\n')
data/libretro-snes9x-1.53+git20160522/debug.cpp:2540:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(Line, "r");
data/libretro-snes9x-1.53+git20160522/debug.cpp:2552:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Line[strlen(Line) - 1] = 0;
data/libretro-snes9x-1.53+git20160522/dma.cpp:342:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
spc7110_dma[i] = s7emu.decomp.read();
data/libretro-snes9x-1.53+git20160522/dsp1.cpp:429:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ignore = fwrite(Msg, strlen(Msg), 1, LogFile);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2000:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/libretro-snes9x-1.53+git20160522/gfx.cpp:2041:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
S9xDisplayString(string, 2, IPPU.RenderedScreenWidth - (font_width - 1) * strlen(string) - 1, false);
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:176:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key[strlen("snes9x_sndchan_")]='1'+i;
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:187:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key[strlen("snes9x_layer_")]='1'+i;
data/libretro-snes9x-1.53+git20160522/libretro/libretro.cpp:1061:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, ".");
data/libretro-snes9x-1.53+git20160522/loadzip.cpp:220:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(name);
data/libretro-snes9x-1.53+git20160522/loadzip.cpp:291:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filename);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1491:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(((len = strlen(name)) == 7 || len == 8) &&
data/libretro-snes9x-1.53+git20160522/memmap.cpp:1757:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(LastRomFilename, ROMFilename, PATH_MAX + 1);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2231:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2270:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2300:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ROMName, (char *) &RomHeader[0x10], ROM_NAME_LEN - 1);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2658:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ROMName))
data/libretro-snes9x-1.53+git20160522/memmap.cpp:2660:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *p = ROMName + strlen(ROMName);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3628:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(chip, "");
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3719:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strncmp(ROMName, str, strlen(str)) == 0);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3724:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strncasecmp(ROMName, str, strlen(str)) == 0);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:3729:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strncmp(ROMId, str, strlen(str)) == 0);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4174:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int port, l = strlen(ext);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4187:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4402:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ips) > _MAX_EXT)
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4528:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ips) > _MAX_EXT)
data/libretro-snes9x-1.53+git20160522/memmap.cpp:4655:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ips) > _MAX_EXT + 1)
data/libretro-snes9x-1.53+git20160522/movie.cpp:608:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(movie->ROMName, (char *) ptr, 23);
data/libretro-snes9x-1.53+git20160522/movie.cpp:651:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) ptr, movie->ROMName, 23);
data/libretro-snes9x-1.53+git20160522/movie.cpp:842:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Movie.Filename, filename, PATH_MAX + 1);
data/libretro-snes9x-1.53+git20160522/movie.cpp:902:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Movie.ROMName, Memory.RawROMName, 23);
data/libretro-snes9x-1.53+git20160522/movie.cpp:945:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Movie.Filename, filename, PATH_MAX + 1);
data/libretro-snes9x-1.53+git20160522/movie.cpp:1009:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->ROMName, local_movie.ROMName, 23);
data/libretro-snes9x-1.53+git20160522/netplay.cpp:201:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read(a,b,c) recv(a, b, c, 0)
data/libretro-snes9x-1.53+git20160522/netplay.cpp:364:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = 7 + 4 + strlen (NetPlay.ROMName) + 1;
data/libretro-snes9x-1.53+git20160522/netplay.cpp:907:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, fname, PATH_MAX);
data/libretro-snes9x-1.53+git20160522/netplay.cpp:1093:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int got = read (socket, (char *) ptr, num_bytes);
data/libretro-snes9x-1.53+git20160522/netplay.cpp:1205:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (NetPlay.ActionMsg, action, NP_MAX_ACTION_LEN - 1);
data/libretro-snes9x-1.53+git20160522/netplay.cpp:1220:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (NetPlay.ErrorMsg, error, NP_MAX_ACTION_LEN - 1);
data/libretro-snes9x-1.53+git20160522/netplay.cpp:1234:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (NetPlay.WarningMsg, warning, NP_MAX_ACTION_LEN - 1);
data/libretro-snes9x-1.53+git20160522/server.cpp:202:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read(a,b,c) recv(a, b, c, 0)
data/libretro-snes9x-1.53+git20160522/server.cpp:307:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int got = read (socket, (char *) ptr, num_bytes);
data/libretro-snes9x-1.53+git20160522/server.cpp:525:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (NPServer.ROMName, (char *) &data [4], 29);
data/libretro-snes9x-1.53+git20160522/server.cpp:536:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = 7 + 1 + 1 + 4 + strlen (NPServer.ROMName) + 1;
data/libretro-snes9x-1.53+git20160522/server.cpp:951:6: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(timeleft<(200*1000)?timeleft:(200*1000));
data/libretro-snes9x-1.53+git20160522/server.cpp:1122:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (Memory.ROMFilename) + 1;
data/libretro-snes9x-1.53+git20160522/server.cpp:1135:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (Memory.ROMFilename) + 1))
data/libretro-snes9x-1.53+git20160522/server.cpp:1283:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = 7 + strlen (filename) + 1;
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1300:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WRITE_STREAM(buffer, strlen(buffer), stream);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1302:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buffer, "NAM:%06d:%s%c", (int) strlen(Memory.ROMFilename) + 1, Memory.ROMFilename, 0);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1303:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WRITE_STREAM(buffer, strlen(buffer) + 1, stream);
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1445:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(SNAPSHOT_MAGIC) + 1 + 4 + 1;
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1449:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buffer, SNAPSHOT_MAGIC, strlen(SNAPSHOT_MAGIC)) != 0)
data/libretro-snes9x-1.53+git20160522/snapshot.cpp:1452:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
version = atoi(&buffer[strlen(SNAPSHOT_MAGIC) + 1]);
data/libretro-snes9x-1.53+git20160522/snes9x.cpp:828:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Settings.ServerName, argv[++i], 127);
data/libretro-snes9x-1.53+git20160522/snes9x.h:207:27: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define GETC_FSTREAM(s) fgetc(s)
data/libretro-snes9x-1.53+git20160522/snes9x.h:218:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define READ_STREAM(p, l, s) s->read(p,l)
data/libretro-snes9x-1.53+git20160522/spc7110dec.cpp:21:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8 SPC7110Decomp::read() {
data/libretro-snes9x-1.53+git20160522/spc7110dec.cpp:71:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(index--) read();
data/libretro-snes9x-1.53+git20160522/spc7110dec.h:24:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8 read();
data/libretro-snes9x-1.53+git20160522/spc7110emu.cpp:213:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return decomp.read();
data/libretro-snes9x-1.53+git20160522/spc7110emu.h:45:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
uint8 read (unsigned addr);
data/libretro-snes9x-1.53+git20160522/stream.cpp:260:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t fStream::read (void *buf, size_t len)
data/libretro-snes9x-1.53+git20160522/stream.cpp:355:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t unzStream::read (void *buf, size_t len)
data/libretro-snes9x-1.53+git20160522/stream.cpp:471:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t memStream::read (void *buf, size_t len)
data/libretro-snes9x-1.53+git20160522/stream.cpp:546:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t nulStream::read (void *buf, size_t len)
data/libretro-snes9x-1.53+git20160522/stream.h:193:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual size_t read (void *, size_t) = 0;
data/libretro-snes9x-1.53+git20160522/stream.h:208:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual size_t read (void *, size_t);
data/libretro-snes9x-1.53+git20160522/stream.h:232:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual size_t read (void *, size_t);
data/libretro-snes9x-1.53+git20160522/stream.h:256:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual size_t read (void *, size_t);
data/libretro-snes9x-1.53+git20160522/stream.h:281:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual size_t read (void *, size_t);
ANALYSIS SUMMARY:
Hits = 906
Lines analyzed = 90133 in approximately 2.07 seconds (43477 lines/second)
Physical Source Lines of Code (SLOC) = 58020
Hits@level = [0] 515 [1] 90 [2] 582 [3] 2 [4] 221 [5] 11
Hits@level+ = [0+] 1421 [1+] 906 [2+] 816 [3+] 234 [4+] 232 [5+] 11
Hits/KSLOC@level+ = [0+] 24.4916 [1+] 15.6153 [2+] 14.0641 [3+] 4.03309 [4+] 3.99862 [5+] 0.18959
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.