Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Assembler/assembler.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/AdvancedCombinerManager.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/AdvancedCombinerManager.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/AdvancedTexEnvCombiner.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/AdvancedTexEnvCombiner.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerBase.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerBase.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerCache.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerCache.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerStageCreator.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerStageCreator.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerStageMerger.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerStageMerger.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/CombinerStructs.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/DummyCombiner.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/DummyCombiner.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/SimpleTexEnvCombiner.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Combiner/SimpleTexEnvCombiner.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/DisplayListParser.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/DisplayListParser.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ExtensionChecker.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ExtensionChecker.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/FogManager.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/FogManager.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/GBI/GBI.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/GBI/GBI.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/GBI/GBIDefs.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/GraphicsPlugin.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/GraphicsPlugin.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Memory.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/Memory.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/MultiTexturingExt.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/MultiTexturingExt.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/N64Games.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/OpenGL.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/OpenGLManager.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/OpenGLManager.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RDP/RDP.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RDP/RDP.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RDP/RDPInstructions.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RDP/RDPInstructions.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RDP/RDPUCodeStructs.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RSP/RSP.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RSP/RSP.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RSP/RSPLightManager.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RSP/RSPLightManager.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RSP/RSPMatrixManager.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RSP/RSPMatrixManager.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RSP/RSPVertexManager.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RSP/RSPVertexManager.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RomDetector.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/RomDetector.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/SecondaryColorExt.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/SecondaryColorExt.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/UCodeDefs.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/VI.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/VI.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/config/Config.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/config/Config.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/config/ConfigMap.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/config/StringFunctions.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/config/StringFunctions.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/config/StringValue.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/framebuffer/FrameBuffer.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/framebuffer/FrameBuffer.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/hash/CRCCalculator.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/hash/CRCCalculator.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/hash/CRCCalculator2.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/hash/CRCCalculator2.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/log/Logger.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/log/Logger.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/m64p.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/main.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/math/MathLib.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/math/Matrix4.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/math/Matrix4.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/osal_dynamiclib.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/osal_dynamiclib_unix.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/osal_dynamiclib_win32.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/renderer/OpenGL2DRenderer.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/renderer/OpenGL2DRenderer.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/renderer/OpenGLRenderer.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/renderer/OpenGLRenderer.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/texture/CachedTexture.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/texture/CachedTexture.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/texture/ImageFormatSelector.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/texture/ImageFormatSelector.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/texture/TextureCache.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/texture/TextureCache.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/texture/TextureLoader.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/texture/TextureLoader.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode0.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode0.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode1.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode1.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode10.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode10.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode2.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode2.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode3.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode3.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode4.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode4.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode5.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode5.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode6.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode6.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode7.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode7.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode8.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode8.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode9.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCode9.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeIdentificationData.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp
Examining data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.h
Examining data/mupen64plus-video-arachnoid-2.5.9/src/utils/MemoryLeakDetector.h
FINAL RESULTS:
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:238:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(logMsg, "Selected UCode %d String=%s", ucode, ucodeString);
data/mupen64plus-video-arachnoid-2.5.9/src/osal_dynamiclib_win32.cpp:34:19: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
*pLibHandle = LoadLibrary(pccLibraryPath);
data/mupen64plus-video-arachnoid-2.5.9/src/Assembler/assembler.h:202:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char Five2Eight[32] =
data/mupen64plus-video-arachnoid-2.5.9/src/Assembler/assembler.h:238:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char Four2Eight[16] =
data/mupen64plus-video-arachnoid-2.5.9/src/Assembler/assembler.h:258:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char Three2Four[8] =
data/mupen64plus-video-arachnoid-2.5.9/src/Assembler/assembler.h:270:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char Three2Eight[8] =
data/mupen64plus-video-arachnoid-2.5.9/src/Assembler/assembler.h:281:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char Two2Eight[4] =
data/mupen64plus-video-arachnoid-2.5.9/src/Assembler/assembler.h:289:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char One2Four[2] =
data/mupen64plus-video-arachnoid-2.5.9/src/Assembler/assembler.h:295:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char One2Eight[2] =
data/mupen64plus-video-arachnoid-2.5.9/src/RomDetector.cpp:54:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&m_romHeader, romHeader, sizeof(ROMHeader));
data/mupen64plus-video-arachnoid-2.5.9/src/RomDetector.cpp:73:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
N64_ROM_ID ROMDetector::_getRomID(char romName[20])
data/mupen64plus-video-arachnoid-2.5.9/src/RomDetector.h:41:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char romName[20]; //!< Name of rom, used to identify what rom it is.
data/mupen64plus-video-arachnoid-2.5.9/src/RomDetector.h:133:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
N64_ROM_ID _getRomID(char romName[20]);
data/mupen64plus-video-arachnoid-2.5.9/src/config/StringValue.h:101:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(data.c_str());
data/mupen64plus-video-arachnoid-2.5.9/src/config/StringValue.h:104:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return (short) atoi(data.c_str());
data/mupen64plus-video-arachnoid-2.5.9/src/config/StringValue.h:107:16: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atol(data.c_str());
data/mupen64plus-video-arachnoid-2.5.9/src/main.cpp:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logMsg[530];
data/mupen64plus-video-arachnoid-2.5.9/src/main.cpp:115:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(logMsg, "Core emulator broken; no CoreAPIVersionFunc() function found.");
data/mupen64plus-video-arachnoid-2.5.9/src/main.cpp:123:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(logMsg, "Emulator core Config API (v%i.%i.%i) incompatible with plugin (v%i.%i.%i)",
data/mupen64plus-video-arachnoid-2.5.9/src/main.cpp:130:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(logMsg, "Emulator core Video Extension API (v%i.%i.%i) incompatible with plugin (v%i.%i.%i)",
data/mupen64plus-video-arachnoid-2.5.9/src/main.cpp:251:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&g_graphicsInfo, &Gfx_Info, sizeof(GFX_INFO));
data/mupen64plus-video-arachnoid-2.5.9/src/renderer/OpenGLRenderer.h:98:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char m_triangles[300][3]; //!< Triangles used to index vertices
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ucodeString[500];
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logMsg[530];
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:243:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(logMsg, "Selected UCode %d Could not find UCode String ", ucode);
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:257:67: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool UCodeSelector::_extractUCodeString(unsigned int ucDataStart, char out[500])
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:296:91: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int UCodeSelector::_detectUCode(unsigned int crcUCodeDataSize, unsigned int crc800, const char ucodeStr[500])
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:320:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int UCodeSelector::_detectUCodeFromString(const char ucodeStr[500])
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.h:52:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool _extractUCodeString(unsigned int ucDataStart, char out[500]);
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.h:53:80: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int _detectUCode(unsigned int crcUCodeDataSize, unsigned int crc800, const char ucodeStr[500]);
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.h:54:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int _detectUCodeFromString(const char ucodeStr[500]);
data/mupen64plus-video-arachnoid-2.5.9/src/ExtensionChecker.cpp:50:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
terminator = where + strlen(extension);
data/mupen64plus-video-arachnoid-2.5.9/src/config/StringFunctions.cpp:107:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* end = &str[strlen(str)-1];
data/mupen64plus-video-arachnoid-2.5.9/src/config/StringFunctions.cpp:138:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* end = str + strlen(str) - 1;
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:324:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strnicmp( ucodeStr, tempUCode0, strlen(tempUCode0) ) == 0 )
data/mupen64plus-video-arachnoid-2.5.9/src/ucodes/UCodeSelector.cpp:335:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strnicmp(ucodeStr, temp, strlen(temp)) == 0 )
ANALYSIS SUMMARY:
Hits = 36
Lines analyzed = 19956 in approximately 0.54 seconds (37081 lines/second)
Physical Source Lines of Code (SLOC) = 11249
Hits@level = [0] 4 [1] 5 [2] 29 [3] 1 [4] 1 [5] 0
Hits@level+ = [0+] 40 [1+] 36 [2+] 31 [3+] 2 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 3.55587 [1+] 3.20028 [2+] 2.7558 [3+] 0.177794 [4+] 0.0888968 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.