Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libsdl-console-2.1/docs/documentation.h
Examining data/libsdl-console-2.1/example/ConsoleExample.c
Examining data/libsdl-console-2.1/example/ConsoleExample.h
Examining data/libsdl-console-2.1/example/split.c
Examining data/libsdl-console-2.1/example/split.h
Examining data/libsdl-console-2.1/include/DT_drawtext.h
Examining data/libsdl-console-2.1/include/SDL_console.h
Examining data/libsdl-console-2.1/include/internal.h
Examining data/libsdl-console-2.1/src/DT_drawtext.c
Examining data/libsdl-console-2.1/src/SDL_console.c
Examining data/libsdl-console-2.1/src/internal.c

FINAL RESULTS:

data/libsdl-console-2.1/src/SDL_console.c:142:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Topmost->CommandLines[0], Topmost->Command);

data/libsdl-console-2.1/src/SDL_console.c:616:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Topmost->VCommand, Topmost->Prompt);

data/libsdl-console-2.1/src/SDL_console.c:679:2:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(temp, CON_CHARS_PER_LINE, str, marker);

data/libsdl-console-2.1/src/SDL_console.c:984:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, Topmost->RCommand);

data/libsdl-console-2.1/src/SDL_console.c:985:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Topmost->RCommand, &Topmost->LCommand[strlen(Topmost->LCommand)-1]);

data/libsdl-console-2.1/src/SDL_console.c:986:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(Topmost->RCommand, temp);

data/libsdl-console-2.1/src/SDL_console.c:998:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, Topmost->RCommand);

data/libsdl-console-2.1/src/SDL_console.c:999:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Topmost->RCommand, &temp[1]);

data/libsdl-console-2.1/src/SDL_console.c:1008:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, Topmost->RCommand);

data/libsdl-console-2.1/src/SDL_console.c:1009:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Topmost->RCommand, Topmost->LCommand);

data/libsdl-console-2.1/src/SDL_console.c:1024:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, Topmost->RCommand);

data/libsdl-console-2.1/src/SDL_console.c:1025:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Topmost->RCommand, &temp[1]);

data/libsdl-console-2.1/src/SDL_console.c:1067:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Topmost->Command, Topmost->LCommand);

data/libsdl-console-2.1/src/SDL_console.c:1089:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(console->LCommand, console->CommandLines[console->CommandScrollBack]);

data/libsdl-console-2.1/src/SDL_console.c:1106:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(console->LCommand, console->CommandLines[console->CommandScrollBack]);

data/libsdl-console-2.1/example/ConsoleExample.c:40:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char framerate[30];

data/libsdl-console-2.1/example/ConsoleExample.c:113:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(framerate, "%7.2f fps", ((double)frames * 1000) / (now - then));

data/libsdl-console-2.1/example/ConsoleExample.c:188:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  width = atoi(argv[++loop]);

data/libsdl-console-2.1/example/ConsoleExample.c:190:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  height = atoi(argv[++loop]);

data/libsdl-console-2.1/example/ConsoleExample.c:192:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  depth = atoi(argv[++loop]);

data/libsdl-console-2.1/example/ConsoleExample.c:391:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  CON_Alpha(console, atoi(argv[1]));

data/libsdl-console-2.1/example/ConsoleExample.c:404:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  x = atoi(argv[1]);

data/libsdl-console-2.1/example/ConsoleExample.c:405:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  y = atoi(argv[2]);

data/libsdl-console-2.1/example/ConsoleExample.c:418:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  x = atoi(argv[1]);

data/libsdl-console-2.1/example/ConsoleExample.c:419:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  y = atoi(argv[2]);

data/libsdl-console-2.1/example/ConsoleExample.c:432:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rect.x = atoi(argv[1]);

data/libsdl-console-2.1/example/ConsoleExample.c:433:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rect.y = atoi(argv[2]);

data/libsdl-console-2.1/example/ConsoleExample.c:434:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rect.w = atoi(argv[3]);

data/libsdl-console-2.1/example/ConsoleExample.c:435:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rect.h = atoi(argv[4]);

data/libsdl-console-2.1/include/SDL_console.h:87:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Command[CON_CHARS_PER_LINE+1]; /*! current command in command line = lcommand + rcommand (Get's updated in AssembleCommand())*/

data/libsdl-console-2.1/include/SDL_console.h:88:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char RCommand[CON_CHARS_PER_LINE+1]; /*! left hand side of cursor */

data/libsdl-console-2.1/include/SDL_console.h:89:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char LCommand[CON_CHARS_PER_LINE+1]; /*! right hand side of cursor */

data/libsdl-console-2.1/include/SDL_console.h:90:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char VCommand[CON_CHARS_PER_LINE+1]; /*! current visible command line */

data/libsdl-console-2.1/src/SDL_console.c:672:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[CON_CHARS_PER_LINE+1];

data/libsdl-console-2.1/src/SDL_console.c:980:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[CON_CHARS_PER_LINE+1];

data/libsdl-console-2.1/src/SDL_console.c:993:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[CON_CHARS_PER_LINE+1];

data/libsdl-console-2.1/src/SDL_console.c:1005:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[CON_CHARS_PER_LINE+1];

data/libsdl-console-2.1/src/SDL_console.c:1021:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[CON_CHARS_PER_LINE+1];

data/libsdl-console-2.1/src/DT_drawtext.c:155:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(string) < (surface->w - x) / CurrentFont->CharWidth)

data/libsdl-console-2.1/src/DT_drawtext.c:156:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  characters = strlen(string);

data/libsdl-console-2.1/src/SDL_console.c:138:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(Topmost->Command) > 0) {

data/libsdl-console-2.1/src/SDL_console.c:605:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  commandbuffer = Topmost->VChars - strlen(Topmost->Prompt) - 1; /* -1 to make cursor visible */

data/libsdl-console-2.1/src/SDL_console.c:619:2:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(Topmost->VCommand, &Topmost->Command[Topmost->Offset], strlen(&Topmost->Command[Topmost->Offset]));

data/libsdl-console-2.1/src/SDL_console.c:619:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat(Topmost->VCommand, &Topmost->Command[Topmost->Offset], strlen(&Topmost->Command[Topmost->Offset]));

data/libsdl-console-2.1/src/SDL_console.c:655:86:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  x = CON_CHAR_BORDER + Topmost->FontWidth * (Topmost->CursorPos - Topmost->Offset + strlen(Topmost->Prompt));

data/libsdl-console-2.1/src/SDL_console.c:689:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while(strlen(ptemp) > console->VChars) {

data/libsdl-console-2.1/src/SDL_console.c:691:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(console->ConsoleLines[0], ptemp, console->VChars);

data/libsdl-console-2.1/src/SDL_console.c:696:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(console->ConsoleLines[0], ptemp, console->VChars);

data/libsdl-console-2.1/src/SDL_console.c:900:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(newprompt) < console->VChars)

data/libsdl-console-2.1/src/SDL_console.c:953:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  j = strlen(command);

data/libsdl-console-2.1/src/SDL_console.c:985:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strcpy(Topmost->RCommand, &Topmost->LCommand[strlen(Topmost->LCommand)-1]);

data/libsdl-console-2.1/src/SDL_console.c:987:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Topmost->LCommand[strlen(Topmost->LCommand)-1] = '\0';

data/libsdl-console-2.1/src/SDL_console.c:995:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(Topmost->CursorPos < strlen(Topmost->Command)) {

data/libsdl-console-2.1/src/SDL_console.c:997:3:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(Topmost->LCommand, Topmost->RCommand, 1);

data/libsdl-console-2.1/src/SDL_console.c:1010:2:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(Topmost->RCommand, temp, strlen(temp));

data/libsdl-console-2.1/src/SDL_console.c:1010:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat(Topmost->RCommand, temp, strlen(temp));

data/libsdl-console-2.1/src/SDL_console.c:1015:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Topmost->CursorPos = strlen(Topmost->Command);

data/libsdl-console-2.1/src/SDL_console.c:1016:2:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(Topmost->LCommand, Topmost->RCommand, strlen(Topmost->RCommand));

data/libsdl-console-2.1/src/SDL_console.c:1016:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat(Topmost->LCommand, Topmost->RCommand, strlen(Topmost->RCommand));

data/libsdl-console-2.1/src/SDL_console.c:1023:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(Topmost->RCommand) > 0) {

data/libsdl-console-2.1/src/SDL_console.c:1036:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Topmost->LCommand[strlen(Topmost->LCommand)-1] = '\0';

data/libsdl-console-2.1/src/SDL_console.c:1045:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(Topmost->Command) + 1 < CON_CHARS_PER_LINE && event->key.keysym.unicode) {

data/libsdl-console-2.1/src/SDL_console.c:1047:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(Topmost->LCommand);

data/libsdl-console-2.1/src/SDL_console.c:1066:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = CON_CHARS_PER_LINE - strlen(Topmost->LCommand);

data/libsdl-console-2.1/src/SDL_console.c:1068:2:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(Topmost->Command, Topmost->RCommand, len);

data/libsdl-console-2.1/src/SDL_console.c:1090:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  console->CursorPos = strlen(console->CommandLines[console->CommandScrollBack]);

data/libsdl-console-2.1/src/SDL_console.c:1107:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  console->CursorPos = strlen(console->LCommand);

ANALYSIS SUMMARY:

Hits = 67
Lines analyzed = 2468 in approximately 0.09 seconds (26257 lines/second)
Physical Source Lines of Code (SLOC) = 1482
Hits@level = [0]   6 [1]  29 [2]  23 [3]   0 [4]  15 [5]   0
Hits@level+ = [0+]  73 [1+]  67 [2+]  38 [3+]  15 [4+]  15 [5+]   0
Hits/KSLOC@level+ = [0+] 49.2578 [1+] 45.2092 [2+] 25.641 [3+] 10.1215 [4+] 10.1215 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.