Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c
Examining data/mupen64plus-input-sdl-2.5.9/src/autoconfig.h
Examining data/mupen64plus-input-sdl-2.5.9/src/config.c
Examining data/mupen64plus-input-sdl-2.5.9/src/config.h
Examining data/mupen64plus-input-sdl-2.5.9/src/osal_dynamiclib.h
Examining data/mupen64plus-input-sdl-2.5.9/src/osal_dynamiclib_unix.c
Examining data/mupen64plus-input-sdl-2.5.9/src/osal_dynamiclib_win32.c
Examining data/mupen64plus-input-sdl-2.5.9/src/osal_preproc.h
Examining data/mupen64plus-input-sdl-2.5.9/src/plugin.h
Examining data/mupen64plus-input-sdl-2.5.9/src/sdl_key_converter.c
Examining data/mupen64plus-input-sdl-2.5.9/src/sdl_key_converter.h
Examining data/mupen64plus-input-sdl-2.5.9/src/plugin.c
Examining data/mupen64plus-input-sdl-2.5.9/src/version.h
FINAL RESULTS:
data/mupen64plus-input-sdl-2.5.9/src/config.c:315:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/config.c:320:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/config.c:329:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/config.c:333:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Param, "hat(%i %s) ", controller[iCtrlIdx].button[j].hat, HAT_POS_NAME(controller[iCtrlIdx].button[j].hat_pos));
data/mupen64plus-input-sdl-2.5.9/src/config.c:334:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/config.c:339:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/config.c:361:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/config.c:366:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/config.c:372:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/config.c:376:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Param, "hat(%i %s %s) ", controller[iCtrlIdx].axis[j].hat,
data/mupen64plus-input-sdl-2.5.9/src/config.c:379:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ParamString, Param);
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:128:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(msgbuf, message, args);
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:802:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "/dev/input/%s", ep->d_name);
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:808:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(ep->d_name, "input:%s", temp2);
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:809:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "/dev/input/%s", temp2);
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:816:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp, ep->d_name);
data/mupen64plus-input-sdl-2.5.9/src/osal_dynamiclib_win32.c:34:19: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
*pLibHandle = LoadLibrary(pccLibraryPath);
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char paramString[1024];
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Word[64];
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:219:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pfIn = fopen(CfgFilePath, "rb");
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:283:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SectionName[32];
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:285:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "AutoConfig%i", ControllersFound);
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:314:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int iVal = atoi(pivot);
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:339:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SectionName[32];
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:347:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "AutoConfig%i", ControllersFound);
data/mupen64plus-input-sdl-2.5.9/src/config.c:122:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char JoyName[256];
data/mupen64plus-input-sdl-2.5.9/src/config.c:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input_str[256], value1_str[16], value2_str[16];
data/mupen64plus-input-sdl-2.5.9/src/config.c:277:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SectionName[32], Param[32], ParamString[128];
data/mupen64plus-input-sdl-2.5.9/src/config.c:281:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "Input-SDL-Control%i", iCtrlIdx + 1);
data/mupen64plus-input-sdl-2.5.9/src/config.c:299:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "%.2f,%.2f", controller[iCtrlIdx].mouse_sens[0], controller[iCtrlIdx].mouse_sens[1]);
data/mupen64plus-input-sdl-2.5.9/src/config.c:301:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "%i,%i", controller[iCtrlIdx].axis_deadzone[0], controller[iCtrlIdx].axis_deadzone[1]);
data/mupen64plus-input-sdl-2.5.9/src/config.c:303:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "%i,%i", controller[iCtrlIdx].axis_peak[0], controller[iCtrlIdx].axis_peak[1]);
data/mupen64plus-input-sdl-2.5.9/src/config.c:314:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "key(%i) ", sdl_native2keysym(controller[iCtrlIdx].button[j].key));
data/mupen64plus-input-sdl-2.5.9/src/config.c:319:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "button(%i) ", controller[iCtrlIdx].button[j].button);
data/mupen64plus-input-sdl-2.5.9/src/config.c:325:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "axis(%i%c,%i) ", controller[iCtrlIdx].button[j].axis, (controller[iCtrlIdx].button[j].axis_dir == -1) ? '-' : '+',
data/mupen64plus-input-sdl-2.5.9/src/config.c:328:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "axis(%i%c) ", controller[iCtrlIdx].button[j].axis, (controller[iCtrlIdx].button[j].axis_dir == -1) ? '-' : '+');
data/mupen64plus-input-sdl-2.5.9/src/config.c:338:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "mouse(%i) ", controller[iCtrlIdx].button[j].mouse);
data/mupen64plus-input-sdl-2.5.9/src/config.c:360:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "key(%i,%i) ", sdl_native2keysym(controller[iCtrlIdx].axis[j].key_a), sdl_native2keysym(controller[iCtrlIdx].axis[j].key_b));
data/mupen64plus-input-sdl-2.5.9/src/config.c:365:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "button(%i,%i) ", controller[iCtrlIdx].axis[j].button_a, controller[iCtrlIdx].axis[j].button_b);
data/mupen64plus-input-sdl-2.5.9/src/config.c:370:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Param, "axis(%i%c,%i%c) ", controller[iCtrlIdx].axis[j].axis_a, (controller[iCtrlIdx].axis[j].axis_dir_a <= 0) ? '-' : '+',
data/mupen64plus-input-sdl-2.5.9/src/config.c:396:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SectionName[32];
data/mupen64plus-input-sdl-2.5.9/src/config.c:406:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "Input-SDL-Control%i", n64CtrlStart + 1);
data/mupen64plus-input-sdl-2.5.9/src/config.c:429:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char AutoSectionName[32];
data/mupen64plus-input-sdl-2.5.9/src/config.c:430:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(AutoSectionName, "AutoConfig%i", j);
data/mupen64plus-input-sdl-2.5.9/src/config.c:441:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "Input-SDL-Control%i", n64CtrlStart + j + 1);
data/mupen64plus-input-sdl-2.5.9/src/config.c:498:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SectionName[32];
data/mupen64plus-input-sdl-2.5.9/src/config.c:505:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DeviceName[4][256];
data/mupen64plus-input-sdl-2.5.9/src/config.c:524:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "Input-SDL-Control%i", n64CtrlIdx + 1);
data/mupen64plus-input-sdl-2.5.9/src/config.c:578:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "Input-SDL-Control%i", n64CtrlIdx + 1);
data/mupen64plus-input-sdl-2.5.9/src/config.c:606:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "Input-SDL-Control%i", n64CtrlIdx + 1);
data/mupen64plus-input-sdl-2.5.9/src/config.c:674:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SectionName, "Input-SDL-Control%i", n64CtrlIdx + 1);
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:110:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char myKeyState[SDL_NUM_SCANCODES];
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:121:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuf[1024];
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:786:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[128];
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:787:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp2[128];
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:792:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp,"/sys/class/input/js%d/device", controller[cntrl].device);
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:832:40: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
controller[cntrl].event_joystick = open(temp, O_RDWR);
data/mupen64plus-input-sdl-2.5.9/src/plugin.h:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char JoyName[256];
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:42:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pEnd = pIn + strlen(pIn) - 1;
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:162:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (wordPtr != NULL && strlen(wordPtr) > 0)
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:173:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Word, wordPtr, 63);
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:181:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Word, wordPtr, length);
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:212:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CfgFilePath == NULL || strlen(CfgFilePath) < 1)
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:267:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pchCurLine) < 1 || *pchCurLine == ';' || *pchCurLine == '#')
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:271:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*pchCurLine == '[' && pchCurLine[strlen(pchCurLine)-1] == ']')
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:278:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pchCurLine[strlen(pchCurLine)-1] = 0;
data/mupen64plus-input-sdl-2.5.9/src/autoconfig.c:330:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pchCurLine[strlen(pchCurLine)-1] == ':')
data/mupen64plus-input-sdl-2.5.9/src/config.c:131:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(JoyName, joySDLName, 255);
data/mupen64plus-input-sdl-2.5.9/src/config.c:216:17: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(config_ptr, "hat(%i %15s", &controller[i].button[j].hat, value1_str) != 2)
data/mupen64plus-input-sdl-2.5.9/src/config.c:220:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lastchar = &value1_str[strlen(value1_str) - 1];
data/mupen64plus-input-sdl-2.5.9/src/config.c:260:17: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(config_ptr, "hat(%i %15s %15s", &controller[i].axis[axis_idx].hat, value1_str, value2_str) != 3)
data/mupen64plus-input-sdl-2.5.9/src/config.c:264:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lastchar = &value2_str[strlen(value2_str) - 1];
data/mupen64plus-input-sdl-2.5.9/src/config.c:346:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ParamString);
data/mupen64plus-input-sdl-2.5.9/src/config.c:386:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ParamString);
data/mupen64plus-input-sdl-2.5.9/src/plugin.c:815:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(temp, "/");
data/mupen64plus-input-sdl-2.5.9/src/plugin.h:58:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(JoyName, name, 255);
ANALYSIS SUMMARY:
Hits = 76
Lines analyzed = 3378 in approximately 0.13 seconds (26793 lines/second)
Physical Source Lines of Code (SLOC) = 2562
Hits@level = [0] 14 [1] 18 [2] 41 [3] 1 [4] 16 [5] 0
Hits@level+ = [0+] 90 [1+] 76 [2+] 58 [3+] 17 [4+] 16 [5+] 0
Hits/KSLOC@level+ = [0+] 35.1288 [1+] 29.6643 [2+] 22.6386 [3+] 6.63544 [4+] 6.24512 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.