Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mupen64plus-video-z64-2.5.9/src/disasm.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/glshader.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/glshader.h
Examining data/mupen64plus-video-z64-2.5.9/src/maingl.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/osal_dynamiclib.h
Examining data/mupen64plus-video-z64-2.5.9/src/osal_dynamiclib_unix.c
Examining data/mupen64plus-video-z64-2.5.9/src/osal_dynamiclib_win32.c
Examining data/mupen64plus-video-z64-2.5.9/src/queue.h
Examining data/mupen64plus-video-z64-2.5.9/src/rdp.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/rgl.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/rgl.h
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_assert.h
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_geometry.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_glut.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_glut.h
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_osdep.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_settings.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/z64.h
Examining data/mupen64plus-video-z64-2.5.9/src/rdp.h
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp
Examining data/mupen64plus-video-z64-2.5.9/src/rgl_tiles.cpp
FINAL RESULTS:
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:194:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "Tri_NoShade %d, XL: %s, XM: %s, XH: %s, YL: %s, YM: %s, YH: %s\n", lft, xl,xm,xh,yl,ym,yh);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:236:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, "Tri_Tex %d, XL: %s, XM: %s, XH: %s, YL: %s, YM: %s, YH: %s\n", lft, xl,xm,xh,yl,ym,yh);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:238:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " S: %s, T: %s, W: %s\n", s, t, w);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:240:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DSDX: %s, DTDX: %s, DWDX: %s\n", dsdx, dtdx, dwdx);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:242:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DSDE: %s, DTDE: %s, DWDE: %s\n", dsde, dtde, dwde);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:244:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DSDY: %s, DTDY: %s, DWDY: %s\n", dsdy, dtdy, dwdy);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:288:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, "Tri_Shade %d, XL: %s, XM: %s, XH: %s, YL: %s, YM: %s, YH: %s\n", lft, xl,xm,xh,yl,ym,yh);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:290:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " R: %s, G: %s, B: %s, A: %s\n", rt, gt, bt, at);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:292:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DRDX: %s, DGDX: %s, DBDX: %s, DADX: %s\n", drdx, dgdx, dbdx, dadx);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:294:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DRDE: %s, DGDE: %s, DBDE: %s, DADE: %s\n", drde, dgde, dbde, dade);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:296:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DRDY: %s, DGDY: %s, DBDY: %s, DADY: %s\n", drdy, dgdy, dbdy, dady);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:354:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, "Tri_TexShade %d, XL: %s, XM: %s, XH: %s, YL: %s, YM: %s, YH: %s\n", lft, xl,xm,xh,yl,ym,yh);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:356:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " R: %s, G: %s, B: %s, A: %s\n", rt, gt, bt, at);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:358:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DRDX: %s, DGDX: %s, DBDX: %s, DADX: %s\n", drdx, dgdx, dbdx, dadx);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:360:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DRDE: %s, DGDE: %s, DBDE: %s, DADE: %s\n", drde, dgde, dbde, dade);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:362:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DRDY: %s, DGDY: %s, DBDY: %s, DADY: %s\n", drdy, dgdy, dbdy, dady);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:365:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " S: %s, T: %s, W: %s\n", s, t, w);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:367:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DSDX: %s, DTDX: %s, DWDX: %s\n", dsdx, dtdx, dwdx);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:369:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DSDE: %s, DTDE: %s, DWDE: %s\n", dsde, dtde, dwde);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:371:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
buffer+=sprintf(buffer, " DSDY: %s, DTDY: %s, DWDY: %s\n", dsdy, dtdy, dwdy);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:391:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "Texture_Rectangle %d, %s, %s, %s, %s, %s, %s, %s, %s", tile, sh, th, sl, tl, s, t, dsdx, dtdy);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:393:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "Texture_Rectangle_Flip %d, %s, %s, %s, %s, %s, %s, %s, %s", tile, sh, th, sl, tl, s, t, dsdx, dtdy);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:401:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
case 0x2d: sprintf(buffer, "Set_Scissor %s, %s, %s, %s", sl, tl, sh, th); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:404:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
case 0x30: sprintf(buffer, "Load_TLUT %d, %s, %s, %s, %s", tile, sl, tl, sh, th); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:405:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
case 0x32: sprintf(buffer, "Set_Tile_Size %d, %s, %s, %s, %s", tile, sl, tl, sh, th); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:407:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
case 0x34: sprintf(buffer, "Load_Tile %d, %s, %s, %s, %s", tile, sl, tl, sh, th); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:408:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
case 0x35: sprintf(buffer, "Set_Tile %d, %s, %s, %d, %04X", tile, format, size, ((cmd[0] >> 9) & 0x1ff) * 8, (cmd[0] & 0x1ff) * 8); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:409:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
case 0x36: sprintf(buffer, "Fill_Rectangle %s, %s, %s, %s", sh, th, sl, tl); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:416:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
case 0x3d: sprintf(buffer, "Set_Texture_Image %s, %s, %d, %08X", format, size, (cmd[0] & 0x1ff)+1, cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:418:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
case 0x3f: sprintf(buffer, "Set_Color_Image %s, %s, %d, %08X", format, size, (cmd[0] & 0x1ff)+1, cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/maingl.cpp:149:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, 1023, msg, args);
data/mupen64plus-video-z64-2.5.9/src/rdp.h:250:82: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
void rdp_log(m64p_msg_level level, const char *msg, ...) __attribute__ ((format (printf, 2, 3)));
data/mupen64plus-video-z64-2.5.9/src/rdp.h:261:62: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
static void LOG(const char * s, ...) __attribute__ ((format (printf, 1, 2)));
data/mupen64plus-video-z64-2.5.9/src/rdp.h:266:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, s, ap);
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:88:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:101:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:114:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:124:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:178:82: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
static void gglPrintf(int x, int y, const char * s, ...) __attribute__ ((format (printf, 1, 2)));
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:184:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buf, s, ap);
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:822:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, "%s/"FONT, rgl_cwd);
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:824:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, "%s/"SMALLFONT, rgl_cwd);
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:322:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:377:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:484:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(p,
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:510:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(p,
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:527:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(p, "%s", alphaTest);
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:546:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(_1ma, "(1.0 - %s)", bA[0][RDP_GETOM_BLEND_M1B_0(state.otherModes)]);
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:548:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:608:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:616:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:620:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:656:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(_1ma, "(1.0 - %s)", bA[0][m1b]);
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:658:17: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(p, blender, bA[0][m1b], bRGB[m1a], bA[1][m2b], bRGB[m2a]);
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:663:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(p,
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:670:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(
data/mupen64plus-video-z64-2.5.9/src/rgl_tiles.cpp:646:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "dump/tex%04d-%s-%d-%d-%d.png", num++, rdpImageFormats[tile.format], tile.size, &tile - rdpTiles, tile.tmem);
data/mupen64plus-video-z64-2.5.9/src/osal_dynamiclib_win32.c:34:19: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
*pLibHandle = LoadLibrary(pccLibraryPath);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sl[32], tl[32], sh[32], th[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[32], t[32];//, w[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dsdx[32], dtdy[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dsdx[32], dtdx[32], dwdx[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dsdy[32], dtdy[32], dwdy[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dsde[32], dtde[32], dwde[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yl[32], yh[32], ym[32], xl[32], xh[32], xm[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dxldy[32], dxhdy[32], dxmdy[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rt[32], gt[32], bt[32], at[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drdx[32], dgdx[32], dbdx[32], dadx[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drdy[32], dgdy[32], dbdy[32], dady[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drde[32], dgde[32], dbde[32], dade[32];
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:123:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "ERROR: length = %d\n", length);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:131:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sl, "%4.2f", (float)((cmd[0] >> 12) & 0xfff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:132:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tl, "%4.2f", (float)((cmd[0] >> 0) & 0xfff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:133:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sh, "%4.2f", (float)((cmd[1] >> 12) & 0xfff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:134:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(th, "%4.2f", (float)((cmd[1] >> 0) & 0xfff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:148:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x00: sprintf(buffer, "No Op"); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:150:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "Tri_NoShade (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:152:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "Tri_Tex (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:154:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "Tri_Shade (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:156:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "Tri_TexShade (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:158:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "TriZ_NoShade (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:160:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "TriZ_Tex (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:162:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "TriZ_Shade (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:164:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "TriZ_TexShade (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:173:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "ERROR: Tri_NoShade length = %d\n", length);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:184:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yl, "%4.4f", (float)((cmd[0] >> 0) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:185:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ym, "%4.4f", (float)((cmd[1] >> 16) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:186:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yh, "%4.4f", (float)((cmd[1] >> 0) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:187:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xl, "%4.4f", (float)(cmd[2] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:188:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxldy, "%4.4f", (float)(cmd[3] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:189:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xh, "%4.4f", (float)(cmd[4] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:190:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxhdy, "%4.4f", (float)(cmd[5] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:191:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xm, "%4.4f", (float)(cmd[6] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:192:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxmdy, "%4.4f", (float)(cmd[7] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:203:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "ERROR: Tri_Tex length = %d\n", length);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:212:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yl, "%4.4f", (float)((cmd[0] >> 0) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:213:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ym, "%4.4f", (float)((cmd[1] >> 16) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:214:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yh, "%4.4f", (float)((cmd[1] >> 0) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:215:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xl, "%4.4f", (float)((INT32)cmd[2] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:216:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxldy, "%4.4f", (float)((INT32)cmd[3] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:217:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xh, "%4.4f", (float)((INT32)cmd[4] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:218:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxhdy, "%4.4f", (float)((INT32)cmd[5] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:219:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xm, "%4.4f", (float)((INT32)cmd[6] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:220:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxmdy, "%4.4f", (float)((INT32)cmd[7] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:222:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%4.4f", (float)(INT32)((cmd[ 8] & 0xffff0000) | ((cmd[12] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:223:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "%4.4f", (float)(INT32)(((cmd[ 8] & 0xffff) << 16) | (cmd[12] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:224:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(w, "%4.4f", (float)(INT32)((cmd[ 9] & 0xffff0000) | ((cmd[13] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:225:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dsdx, "%4.4f", (float)(INT32)((cmd[10] & 0xffff0000) | ((cmd[14] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:226:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtdx, "%4.4f", (float)(INT32)(((cmd[10] & 0xffff) << 16) | (cmd[14] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:227:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dwdx, "%4.4f", (float)(INT32)((cmd[11] & 0xffff0000) | ((cmd[15] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:228:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dsde, "%4.4f", (float)(INT32)((cmd[16] & 0xffff0000) | ((cmd[20] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:229:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtde, "%4.4f", (float)(INT32)(((cmd[16] & 0xffff) << 16) | (cmd[20] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:230:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dwde, "%4.4f", (float)(INT32)((cmd[17] & 0xffff0000) | ((cmd[21] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:231:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dsdy, "%4.4f", (float)(INT32)((cmd[18] & 0xffff0000) | ((cmd[22] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:232:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtdy, "%4.4f", (float)(INT32)(((cmd[18] & 0xffff) << 16) | (cmd[22] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:233:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dwdy, "%4.4f", (float)(INT32)((cmd[19] & 0xffff0000) | ((cmd[23] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:237:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:239:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:241:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:243:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:253:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "ERROR: Tri_Shade length = %d\n", length);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:262:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yl, "%4.4f", (float)((cmd[0] >> 0) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:263:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ym, "%4.4f", (float)((cmd[1] >> 16) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:264:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yh, "%4.4f", (float)((cmd[1] >> 0) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:265:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xl, "%4.4f", (float)((INT32)cmd[2] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:266:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxldy, "%4.4f", (float)((INT32)cmd[3] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:267:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xh, "%4.4f", (float)((INT32)cmd[4] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:268:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxhdy, "%4.4f", (float)((INT32)cmd[5] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:269:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xm, "%4.4f", (float)((INT32)cmd[6] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:270:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxmdy, "%4.4f", (float)((INT32)cmd[7] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:271:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rt, "%4.4f", (float)(INT32)((cmd[8] & 0xffff0000) | ((cmd[12] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:272:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(gt, "%4.4f", (float)(INT32)(((cmd[8] & 0xffff) << 16) | (cmd[12] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:273:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bt, "%4.4f", (float)(INT32)((cmd[9] & 0xffff0000) | ((cmd[13] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:274:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(at, "%4.4f", (float)(INT32)(((cmd[9] & 0xffff) << 16) | (cmd[13] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:275:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(drdx, "%4.4f", (float)(INT32)((cmd[10] & 0xffff0000) | ((cmd[14] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:276:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dgdx, "%4.4f", (float)(INT32)(((cmd[10] & 0xffff) << 16) | (cmd[14] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:277:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dbdx, "%4.4f", (float)(INT32)((cmd[11] & 0xffff0000) | ((cmd[15] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:278:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dadx, "%4.4f", (float)(INT32)(((cmd[11] & 0xffff) << 16) | (cmd[15] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:279:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(drde, "%4.4f", (float)(INT32)((cmd[16] & 0xffff0000) | ((cmd[20] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:280:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dgde, "%4.4f", (float)(INT32)(((cmd[16] & 0xffff) << 16) | (cmd[20] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:281:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dbde, "%4.4f", (float)(INT32)((cmd[17] & 0xffff0000) | ((cmd[21] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:282:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dade, "%4.4f", (float)(INT32)(((cmd[17] & 0xffff) << 16) | (cmd[21] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:283:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(drdy, "%4.4f", (float)(INT32)((cmd[18] & 0xffff0000) | ((cmd[22] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:284:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dgdy, "%4.4f", (float)(INT32)(((cmd[18] & 0xffff) << 16) | (cmd[22] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:285:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dbdy, "%4.4f", (float)(INT32)((cmd[19] & 0xffff0000) | ((cmd[23] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:286:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dady, "%4.4f", (float)(INT32)(((cmd[19] & 0xffff) << 16) | (cmd[23] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:289:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:291:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:293:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:295:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:305:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "ERROR: Tri_TexShade length = %d\n", length);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:314:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yl, "%4.4f", (float)((cmd[0] >> 0) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:315:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ym, "%4.4f", (float)((cmd[1] >> 16) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:316:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(yh, "%4.4f", (float)((cmd[1] >> 0) & 0x1fff) / 4.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:317:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xl, "%4.4f", (float)((INT32)cmd[2] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:318:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxldy, "%4.4f", (float)((INT32)cmd[3] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:319:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xh, "%4.4f", (float)((INT32)cmd[4] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:320:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxhdy, "%4.4f", (float)((INT32)cmd[5] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:321:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xm, "%4.4f", (float)((INT32)cmd[6] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:322:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dxmdy, "%4.4f", (float)((INT32)cmd[7] / 65536.0f));
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:323:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(rt, "%4.4f", (float)(INT32)((cmd[8] & 0xffff0000) | ((cmd[12] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:324:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(gt, "%4.4f", (float)(INT32)(((cmd[8] & 0xffff) << 16) | (cmd[12] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:325:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bt, "%4.4f", (float)(INT32)((cmd[9] & 0xffff0000) | ((cmd[13] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:326:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(at, "%4.4f", (float)(INT32)(((cmd[9] & 0xffff) << 16) | (cmd[13] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:327:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(drdx, "%4.4f", (float)(INT32)((cmd[10] & 0xffff0000) | ((cmd[14] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:328:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dgdx, "%4.4f", (float)(INT32)(((cmd[10] & 0xffff) << 16) | (cmd[14] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:329:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dbdx, "%4.4f", (float)(INT32)((cmd[11] & 0xffff0000) | ((cmd[15] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:330:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dadx, "%4.4f", (float)(INT32)(((cmd[11] & 0xffff) << 16) | (cmd[15] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:331:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(drde, "%4.4f", (float)(INT32)((cmd[16] & 0xffff0000) | ((cmd[20] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:332:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dgde, "%4.4f", (float)(INT32)(((cmd[16] & 0xffff) << 16) | (cmd[20] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:333:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dbde, "%4.4f", (float)(INT32)((cmd[17] & 0xffff0000) | ((cmd[21] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:334:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dade, "%4.4f", (float)(INT32)(((cmd[17] & 0xffff) << 16) | (cmd[21] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:335:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(drdy, "%4.4f", (float)(INT32)((cmd[18] & 0xffff0000) | ((cmd[22] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:336:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dgdy, "%4.4f", (float)(INT32)(((cmd[18] & 0xffff) << 16) | (cmd[22] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:337:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dbdy, "%4.4f", (float)(INT32)((cmd[19] & 0xffff0000) | ((cmd[23] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:338:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dady, "%4.4f", (float)(INT32)(((cmd[19] & 0xffff) << 16) | (cmd[23] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:340:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%4.4f", (float)(INT32)((cmd[24] & 0xffff0000) | ((cmd[28] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:341:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "%4.4f", (float)(INT32)(((cmd[24] & 0xffff) << 16) | (cmd[28] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:342:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(w, "%4.4f", (float)(INT32)((cmd[25] & 0xffff0000) | ((cmd[29] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:343:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dsdx, "%4.4f", (float)(INT32)((cmd[26] & 0xffff0000) | ((cmd[30] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:344:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtdx, "%4.4f", (float)(INT32)(((cmd[26] & 0xffff) << 16) | (cmd[30] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:345:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dwdx, "%4.4f", (float)(INT32)((cmd[27] & 0xffff0000) | ((cmd[31] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:346:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dsde, "%4.4f", (float)(INT32)((cmd[32] & 0xffff0000) | ((cmd[36] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:347:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtde, "%4.4f", (float)(INT32)(((cmd[32] & 0xffff) << 16) | (cmd[36] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:348:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dwde, "%4.4f", (float)(INT32)((cmd[33] & 0xffff0000) | ((cmd[37] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:349:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dsdy, "%4.4f", (float)(INT32)((cmd[34] & 0xffff0000) | ((cmd[38] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:350:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtdy, "%4.4f", (float)(INT32)(((cmd[34] & 0xffff) << 16) | (cmd[38] & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:351:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dwdy, "%4.4f", (float)(INT32)((cmd[35] & 0xffff0000) | ((cmd[39] >> 16) & 0xffff)) / 65536.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:355:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:357:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:359:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:361:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:364:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:366:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:368:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:370:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
buffer+=sprintf(buffer, " ");
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:380:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "ERROR: Texture_Rectangle length = %d\n", length);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:385:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%4.4f", (float)(INT16)((cmd[2] >> 16) & 0xffff) / 32.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:386:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(t, "%4.4f", (float)(INT16)((cmd[2] >> 0) & 0xffff) / 32.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:387:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dsdx, "%4.4f", (float)(INT16)((cmd[3] >> 16) & 0xffff) / 1024.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:388:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtdy, "%4.4f", (float)(INT16)((cmd[3] >> 16) & 0xffff) / 1024.0f);
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:397:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x26: sprintf(buffer, "Sync_Load"); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:398:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x27: sprintf(buffer, "Sync_Pipe"); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:399:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x28: sprintf(buffer, "Sync_Tile"); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:400:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x29: sprintf(buffer, "Sync_Full"); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:402:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x2e: sprintf(buffer, "Set_Prim_Depth %04X, %04X", (cmd[1] >> 16) & 0xffff, cmd[1] & 0xffff); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:403:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x2f: sprintf(buffer, "Set_Other_Modes %08X %08X", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:406:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x33: sprintf(buffer, "Load_Block %d, %03X, %03X, %03X, %03X", tile, (cmd[0] >> 12) & 0xfff, cmd[0] & 0xfff, (cmd[1] >> 12) & 0xfff, cmd[1] & 0xfff); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:410:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x37: sprintf(buffer, "Set_Fill_Color R: %d, G: %d, B: %d, A: %d", r, g, b, a); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:411:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x38: sprintf(buffer, "Set_Fog_Color R: %d, G: %d, B: %d, A: %d", r, g, b, a); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:412:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x39: sprintf(buffer, "Set_Blend_Color R: %d, G: %d, B: %d, A: %d", r, g, b, a); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:413:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3a: sprintf(buffer, "Set_Prim_Color %d, %d, R: %d, G: %d, B: %d, A: %d", (cmd[0] >> 8) & 0x1f, cmd[0] & 0xff, r, g, b, a); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:414:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3b: sprintf(buffer, "Set_Env_Color R: %d, G: %d, B: %d, A: %d", r, g, b, a); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:415:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3c: sprintf(buffer, "Set_Combine %08X %08X", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:417:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x3e: sprintf(buffer, "Set_Mask_Image %08X", cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/disasm.cpp:419:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default: sprintf(buffer, "??? (%08X %08X)", cmd[0], cmd[1]); break;
data/mupen64plus-video-z64-2.5.9/src/maingl.cpp:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/mupen64plus-video-z64-2.5.9/src/rdp.cpp:772:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[4000];
data/mupen64plus-video-z64-2.5.9/src/rdp.cpp:781:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdpTraceBuf+rdpTracePos, rdp_cmd_data+rdp_cmd_cur, rdp_command_length[cmd]);
data/mupen64plus-video-z64-2.5.9/src/rdp.cpp:785:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdp_cmd_data + MAXCMD, rdp_cmd_data, rdp_command_length[cmd] - (MAXCMD - rdp_cmd_cur)*4);
data/mupen64plus-video-z64-2.5.9/src/rgl.cpp:1516:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char exptable[256];
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const static char * bAText[2][4] = { {"PREVA", "FOGA", "SHADEA", "0"},
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:85:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char res[256];
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:160:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dasm[512];
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:820:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/mupen64plus-video-z64-2.5.9/src/rgl_debugger.cpp:821:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char rgl_cwd[512];
data/mupen64plus-video-z64-2.5.9/src/rgl_glut.cpp:154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * argv[2] = { "z64gl", 0 };
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:162:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _1ma[64];
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:163:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t1[64];
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:164:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t1a[64];
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:165:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t2[64];
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:166:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char t2a[64];
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:167:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char prim_lod_frac[64];
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:214:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const static char * bA[2][4] =
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:227:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char src[4*4096];
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:411:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:433:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:438:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:445:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:450:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(p,
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:473:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(prim_lod_frac, "0.5/*PRIM_LOD_FRAC*/");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:474:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t1, "t1");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:475:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t1a, "t1.a");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:477:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t2, "t1");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:478:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t2a, "t1.a");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:480:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t2, "t2");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:481:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t2a, "t2.a");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:499:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t1, "t2");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:500:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t1a, "t2.a");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:501:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t2, "t1");
data/mupen64plus-video-z64-2.5.9/src/rgl_rendermode.cpp:502:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t2a, "t1.a");
data/mupen64plus-video-z64-2.5.9/src/rgl_settings.cpp:40:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rgl_cwd[512];
data/mupen64plus-video-z64-2.5.9/src/rgl_tiles.cpp:259:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rtile, &tile, sizeof(tile));
data/mupen64plus-video-z64-2.5.9/src/rgl_tiles.cpp:287:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rtile, &tile, sizeof(tile));
data/mupen64plus-video-z64-2.5.9/src/rgl_tiles.cpp:639:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)ptr)[i] = ((unsigned short *)pixels)[i]/256;
data/mupen64plus-video-z64-2.5.9/src/rgl_tiles.cpp:642:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
ANALYSIS SUMMARY:
Hits = 257
Lines analyzed = 8176 in approximately 0.25 seconds (32816 lines/second)
Physical Source Lines of Code (SLOC) = 6008
Hits@level = [0] 7 [1] 0 [2] 199 [3] 1 [4] 57 [5] 0
Hits@level+ = [0+] 264 [1+] 257 [2+] 257 [3+] 58 [4+] 57 [5+] 0
Hits/KSLOC@level+ = [0+] 43.9414 [1+] 42.7763 [2+] 42.7763 [3+] 9.65379 [4+] 9.48735 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.