Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/lvtk-1.2.0~dfsg0/examples/beep.cpp
Examining data/lvtk-1.2.0~dfsg0/examples/beep_ui.cpp
Examining data/lvtk-1.2.0~dfsg0/examples/workhorse.cpp
Examining data/lvtk-1.2.0~dfsg0/examples/workhorse_ui.cpp
Examining data/lvtk-1.2.0~dfsg0/examples/silence_ui.cpp
Examining data/lvtk-1.2.0~dfsg0/examples/silence.cpp
Examining data/lvtk-1.2.0~dfsg0/src/ui.cpp
Examining data/lvtk-1.2.0~dfsg0/src/plugin.cpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/feature.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/behaviors/write_midi.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/qt4ui.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/private/ui_features.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/private/debug.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/private/types.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/plugin.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/gtkui.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ui.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/lvtk.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/synth.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/data_access.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/log.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/urid.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/units.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/bufsize.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/state.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/time.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/resize_port.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/instance_access.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/common.h
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/atom.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/urimap.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/extra.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/worker.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/options.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/event.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/patch.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/midi.hpp
Examining data/lvtk-1.2.0~dfsg0/lvtk/ext/morph.hpp
Examining data/lvtk-1.2.0~dfsg0/tools/libpaq/turtleparser.cpp
Examining data/lvtk-1.2.0~dfsg0/tools/libpaq/rdf.cpp
Examining data/lvtk-1.2.0~dfsg0/tools/libpaq/unicode.hpp
Examining data/lvtk-1.2.0~dfsg0/tools/libpaq/query.hpp
Examining data/lvtk-1.2.0~dfsg0/tools/libpaq/rdf.hpp
Examining data/lvtk-1.2.0~dfsg0/tools/libpaq/turtleparser.hpp
Examining data/lvtk-1.2.0~dfsg0/tools/libpaq/query.cpp
Examining data/lvtk-1.2.0~dfsg0/tools/libpaq/namespaces.hpp
Examining data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp

FINAL RESULTS:

data/lvtk-1.2.0~dfsg0/examples/workhorse.cpp:72:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf (log_Entry, ss.str().c_str());
data/lvtk-1.2.0~dfsg0/examples/workhorse.cpp:88:17:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf (log_Trace, "[workhorse] scheduled a job\n");
data/lvtk-1.2.0~dfsg0/examples/workhorse.cpp:92:17:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf (log_Trace, "[workhorse] unknown scheduling error\n");
data/lvtk-1.2.0~dfsg0/examples/workhorse.cpp:106:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf (log_Trace, "[workhorse] woke up. message: %s\n", (char*)body);
data/lvtk-1.2.0~dfsg0/examples/workhorse.cpp:118:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf (log_Entry, "[workhorse] taking a nap now\n");
data/lvtk-1.2.0~dfsg0/lvtk/ext/log.hpp:86:13:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vprintf (LV2_URID type, const char* fmt, va_list ap)
data/lvtk-1.2.0~dfsg0/lvtk/ext/log.hpp:89:35:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  return p_log->vprintf(p_log->handle, type, fmt, ap);
data/lvtk-1.2.0~dfsg0/lvtk/ext/log.hpp:90:26:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  return ::vprintf (fmt, ap);
data/lvtk-1.2.0~dfsg0/lvtk/ext/log.hpp:101:13:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf (LV2_URID type, const char* fmt, ...)
data/lvtk-1.2.0~dfsg0/lvtk/ext/log.hpp:106:32:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  int res (this->vprintf(type, fmt, argptr));
data/lvtk-1.2.0~dfsg0/lvtk/ext/atom.hpp:357:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (pos, &ev, sizeof (AtomEvent));
data/lvtk-1.2.0~dfsg0/lvtk/ext/atom.hpp:358:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (pos + 1, LV2_ATOM_BODY_CONST (&ev.body), ev.body.size);
data/lvtk-1.2.0~dfsg0/lvtk/ext/atom.hpp:383:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (pos, &ev, sizeof (AtomEvent));
data/lvtk-1.2.0~dfsg0/lvtk/ext/atom.hpp:384:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (pos + 1, LV2_ATOM_BODY_CONST (&ev.body), ev.body.size);
data/lvtk-1.2.0~dfsg0/lvtk/private/ui_features.hpp:58:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&mixin->m_subscribe, ps, sizeof (LV2UI_Port_Subscribe));
data/lvtk-1.2.0~dfsg0/tools/libpaq/turtleparser.cpp:628:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((fd = open(file.c_str(), O_RDONLY)) == -1)
data/lvtk-1.2.0~dfsg0/tools/libpaq/turtleparser.cpp:642:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[1024];
data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp:123:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int port_index = atoi(qr[i][index]->name.c_str());
data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp:144:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int port_index = atoi(qr[i][index]->name.c_str());
data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp:172:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  ports[atoi(qr[i][index]->name.c_str())].min =
data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp:182:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  ports[atoi(qr[i][index]->name.c_str())].max =
data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp:192:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  ports[atoi(qr[i][index]->name.c_str())].default_value =
data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp:204:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  ports[atoi(qr[i][index]->name.c_str())].toggled = true;
data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp:206:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  ports[atoi(qr[i][index]->name.c_str())].integer = true;
data/lvtk-1.2.0~dfsg0/tools/ttl2c.cpp:208:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  ports[atoi(qr[i][index]->name.c_str())].logarithmic = true;
data/lvtk-1.2.0~dfsg0/examples/silence.cpp:73:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(msg), urids.atom_String,
data/lvtk-1.2.0~dfsg0/examples/workhorse.cpp:83:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  WorkerStatus status (schedule_work (strlen(msg) + 1, (void*)msg));
data/lvtk-1.2.0~dfsg0/lvtk/ext/atom.hpp:615:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return lv2_atom_forge_string (this, str, strlen (str));
data/lvtk-1.2.0~dfsg0/lvtk/ext/atom.hpp:624:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return lv2_atom_forge_uri (this, uri, strlen (uri));

ANALYSIS SUMMARY:

Hits = 29
Lines analyzed = 9460 in approximately 0.27 seconds (34868 lines/second)
Physical Source Lines of Code (SLOC) = 5045
Hits@level = [0]   0 [1]   4 [2]  15 [3]   0 [4]  10 [5]   0
Hits@level+ = [0+]  29 [1+]  29 [2+]  25 [3+]  10 [4+]  10 [5+]   0
Hits/KSLOC@level+ = [0+] 5.74827 [1+] 5.74827 [2+] 4.9554 [3+] 1.98216 [4+] 1.98216 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.