Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mupen64plus-ui-console-2.5.9/src/cheat.c
Examining data/mupen64plus-ui-console-2.5.9/src/cheat.h
Examining data/mupen64plus-ui-console-2.5.9/src/compare_core.c
Examining data/mupen64plus-ui-console-2.5.9/src/compare_core.h
Examining data/mupen64plus-ui-console-2.5.9/src/core_interface.h
Examining data/mupen64plus-ui-console-2.5.9/src/debugger.c
Examining data/mupen64plus-ui-console-2.5.9/src/debugger.h
Examining data/mupen64plus-ui-console-2.5.9/src/main.c
Examining data/mupen64plus-ui-console-2.5.9/src/osal_dynamiclib.h
Examining data/mupen64plus-ui-console-2.5.9/src/osal_dynamiclib_unix.c
Examining data/mupen64plus-ui-console-2.5.9/src/osal_dynamiclib_win32.c
Examining data/mupen64plus-ui-console-2.5.9/src/osal_files.h
Examining data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c
Examining data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c
Examining data/mupen64plus-ui-console-2.5.9/src/osal_preproc.h
Examining data/mupen64plus-ui-console-2.5.9/src/plugin.c
Examining data/mupen64plus-ui-console-2.5.9/src/plugin.h
Examining data/mupen64plus-ui-console-2.5.9/src/main.h
Examining data/mupen64plus-ui-console-2.5.9/src/core_interface.c
Examining data/mupen64plus-ui-console-2.5.9/src/version.h
FINAL RESULTS:
data/mupen64plus-ui-console-2.5.9/src/core_interface.c:153:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(libPath, "/" OSAL_DEFAULT_DYNLIB_FILENAME);
data/mupen64plus-ui-console-2.5.9/src/debugger.c:164:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(regs[i] == 0 ? format_nopad : format_padded,
data/mupen64plus-ui-console-2.5.9/src/main.c:97:3: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msgbuf, 1024, message, args);
data/mupen64plus-ui-console-2.5.9/src/main.c:179:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(str, size, fmt, args);
data/mupen64plus-ui-console-2.5.9/src/main.c:308:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(key, sizeof(key), key_fmt, i); \
data/mupen64plus-ui-console-2.5.9/src/main.c:309:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(desc, sizeof(desc), desc_fmt, i); \
data/mupen64plus-ui-console-2.5.9/src/main.c:426:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ParsedString, ParamSpec);
data/mupen64plus-ui-console-2.5.9/src/main.h:25:88: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern void DebugMessage(int level, const char *message, ...) __attribute__ ((format (printf, 2, 3)));
data/mupen64plus-ui-console-2.5.9/src/osal_files.h:37:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/mupen64plus-ui-console-2.5.9/src/osal_files.h:37:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c:52:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pchSearchPath, "%s\\*.dll", searchpath);
data/mupen64plus-ui-console-2.5.9/src/osal_preproc.h:55:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(...) __android_log_print(ANDROID_LOG_VERBOSE, "UI-Console", __VA_ARGS__)
data/mupen64plus-ui-console-2.5.9/src/plugin.c:100:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(g_PluginMap[MapIndex].filename, filepath);
data/mupen64plus-ui-console-2.5.9/src/osal_dynamiclib_win32.c:35:19: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
*pLibHandle = LoadLibrary(pccLibraryPath);
data/mupen64plus-ui-console-2.5.9/src/cheat.c:214:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fPtr = fopen(romdbpath, "rb");
data/mupen64plus-ui-console-2.5.9/src/cheat.c:363:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char RomSection[24];
data/mupen64plus-ui-console-2.5.9/src/cheat.c:364:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(RomSection, "%08X-%08X-C:%X", sl(l_RomHeader.CRC1), sl(l_RomHeader.CRC2), l_RomHeader.Country_code & 0xff);
data/mupen64plus-ui-console-2.5.9/src/compare_core.c:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errHead[128];
data/mupen64plus-ui-console-2.5.9/src/compare_core.c:125:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(errHead, "Compare #%i old_op: %x op: %x\n", comparecnt++, old_op, cur_opcode);
data/mupen64plus-ui-console-2.5.9/src/compare_core.c:221:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fPipe = fopen("compare_pipe", "r");
data/mupen64plus-ui-console-2.5.9/src/compare_core.c:226:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fPipe = fopen("compare_pipe", "w");
data/mupen64plus-ui-console-2.5.9/src/core_interface.c:150:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char libPath[1024 + 32];
data/mupen64plus-ui-console-2.5.9/src/debugger.c:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[256];
data/mupen64plus-ui-console-2.5.9/src/debugger.c:246:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char op[64];
data/mupen64plus-ui-console-2.5.9/src/debugger.c:247:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[64];
data/mupen64plus-ui-console-2.5.9/src/main.c:93:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuf[1024];
data/mupen64plus-ui-console-2.5.9/src/main.c:304:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[64];
data/mupen64plus-ui-console-2.5.9/src/main.c:305:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[2048];
data/mupen64plus-ui-console-2.5.9/src/main.c:462:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ValueInt = atoi(VarValue);
data/mupen64plus-ui-console-2.5.9/src/main.c:511:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
OutputList[idx++] = atoi(str);
data/mupen64plus-ui-console-2.5.9/src/main.c:669:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int emumode = atoi(argv[i+1]);
data/mupen64plus-ui-console-2.5.9/src/main.c:779:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[4096];
data/mupen64plus-ui-console-2.5.9/src/main.c:830:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[64];
data/mupen64plus-ui-console-2.5.9/src/main.c:966:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fPtr = fopen(l_ROMFilepath, "rb");
data/mupen64plus-ui-console-2.5.9/src/osal_files.h:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filepath[PATH_MAX];
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:41:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *osal_libsearchpath[4] = { PLUGINDIR, "/usr/local/lib/mupen64plus", "/usr/lib/mupen64plus", "./" };
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:44:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *osal_libsearchpath[3] = { "/usr/local/lib/mupen64plus", "/usr/lib/mupen64plus", "./" };
data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c:38:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *osal_libsearchpath[1] = { ".\\" };
data/mupen64plus-ui-console-2.5.9/src/plugin.c:141:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char libPath[1024];
data/mupen64plus-ui-console-2.5.9/src/plugin.h:41:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8];
data/mupen64plus-ui-console-2.5.9/src/plugin.h:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX];
data/mupen64plus-ui-console-2.5.9/src/cheat.c:258:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *endptr = curline + strlen(curline) - 1;
data/mupen64plus-ui-console-2.5.9/src/cheat.c:349:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (CheatMode == CHEAT_DISABLE || (CheatMode == CHEAT_LIST && strlen(CheatNumList) == 0))
data/mupen64plus-ui-console-2.5.9/src/debugger.c:202:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
input[strlen(input) - 1] = 0;
data/mupen64plus-ui-console-2.5.9/src/debugger.c:532:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(input) == 0)
data/mupen64plus-ui-console-2.5.9/src/main.c:213:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_first = strlen(first);
data/mupen64plus-ui-console-2.5.9/src/main.c:420:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ParsedString = (char *) malloc(strlen(ParamSpec) + 1);
data/mupen64plus-ui-console-2.5.9/src/main.c:809:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(value);
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:67:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(entry->d_name + strlen(entry->d_name) - strlen(suffix), suffix) != 0)
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:67:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(entry->d_name + strlen(entry->d_name) - strlen(suffix), suffix) != 0)
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:88:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(curr->filepath, searchpath, PATH_MAX-2);
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:90:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (curr->filepath[strlen(curr->filepath)-1] != '/')
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:91:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(curr->filepath, "/");
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:92:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pathlen = strlen(curr->filepath);
data/mupen64plus-ui-console-2.5.9/src/osal_files_unix.c:94:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(curr->filepath, entry->d_name, PATH_MAX - pathlen - 1);
data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c:46:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pchSearchPath = (char *) malloc(strlen(searchpath) + 16);
data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c:81:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(curr->filepath, searchpath, PATH_MAX-2);
data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c:83:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (curr->filepath[strlen(curr->filepath)-1] != '\\')
data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c:84:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(curr->filepath, "\\");
data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c:85:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pathlen = (int) strlen(curr->filepath);
data/mupen64plus-ui-console-2.5.9/src/osal_files_win32.c:87:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(curr->filepath, entry.cFileName, PATH_MAX - pathlen - 1);
data/mupen64plus-ui-console-2.5.9/src/plugin.c:144:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(libPath, "/");
data/mupen64plus-ui-console-2.5.9/src/plugin.c:197:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(curr->filename, cmdline_path, strlen(cmdline_path)) == 0)
data/mupen64plus-ui-console-2.5.9/src/plugin.c:213:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (config_path != NULL && strlen(config_path) > 0)
data/mupen64plus-ui-console-2.5.9/src/plugin.c:229:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(curr->filename, config_path, strlen(config_path)) == 0)
ANALYSIS SUMMARY:
Hits = 65
Lines analyzed = 3925 in approximately 0.14 seconds (29049 lines/second)
Physical Source Lines of Code (SLOC) = 2811
Hits@level = [0] 114 [1] 24 [2] 27 [3] 1 [4] 13 [5] 0
Hits@level+ = [0+] 179 [1+] 65 [2+] 41 [3+] 14 [4+] 13 [5+] 0
Hits/KSLOC@level+ = [0+] 63.6784 [1+] 23.1234 [2+] 14.5856 [3+] 4.98043 [4+] 4.62469 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.