Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c
Examining data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.h
Examining data/openrazer-2.9.0+dfsg/driver/razerchromacommon.c
Examining data/openrazer-2.9.0+dfsg/driver/razerchromacommon.h
Examining data/openrazer-2.9.0+dfsg/driver/razercommon.c
Examining data/openrazer-2.9.0+dfsg/driver/razercommon.h
Examining data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c
Examining data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.h
Examining data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c
Examining data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.h
Examining data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c
Examining data/openrazer-2.9.0+dfsg/driver/razermouse_driver.h
Examining data/openrazer-2.9.0+dfsg/driver/usb_hid_keys.h
FINAL RESULTS:
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:104:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", DRIVER_VERSION);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:168:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
return sprintf(buf, device_type);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:731:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", &serial_string[0]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:319:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", DRIVER_VERSION);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:563:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
return sprintf(buf, device_type);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:847:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", &serial_string[0]);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:205:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", DRIVER_VERSION);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:241:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
return sprintf(buf, device_type);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:606:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", &device->serial[0]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:195:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", DRIVER_VERSION);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:415:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
return sprintf(buf, device_type);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:755:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", &device->serial[0]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:783:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(buf, "%s\n", &serial_string[0]);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:698:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_string[51];
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:769:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "v%u.%u\n", device->firmware_version[1], device->firmware_version[2]);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:810:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%u\n", response.arguments[1]);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:834:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d:%d\n", response.arguments[0], response.arguments[1]);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:921:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", brightness);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:973:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&dev->serial[0], "MUG%012u", rand_serial);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.h:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial[23];
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.h:44:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char firmware_version[3];
data/openrazer-2.9.0+dfsg/driver/razerchromacommon.c:481:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&report.arguments[4], rgb_data, row_length);
data/openrazer-2.9.0+dfsg/driver/razerchromacommon.c:760:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&report.arguments[5], rgb_data, row_length);
data/openrazer-2.9.0+dfsg/driver/razerchromacommon.c:949:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&report.arguments[2], rgb_data, row_length);
data/openrazer-2.9.0+dfsg/driver/razerchromacommon.c:1180:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&report, &orochi2011_led, sizeof(orochi2011_led));
data/openrazer-2.9.0+dfsg/driver/razerchromacommon.c:1191:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&report, &orochi2011_dpi, sizeof(orochi2011_dpi));
data/openrazer-2.9.0+dfsg/driver/razercommon.c:104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(response_report, buf, sizeof(struct razer_report));
data/openrazer-2.9.0+dfsg/driver/razercommon.h:118:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char arguments[80];
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:210:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%02x\n", response.arguments[0]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:275:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:309:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:627:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:667:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:696:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:723:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:750:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:835:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_string[51];
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:862:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "v%d.%d\n", response_report.arguments[0], response_report.arguments[1]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:1509:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", state);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:1622:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%02x%02x%02x\n", response.arguments[0], response.arguments[1], response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:1750:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", brightness);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:1790:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d:%d\n", response.arguments[0], response.arguments[1]);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.h:123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.h:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phys[64];
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.h:127:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char block_keys[3];
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:184:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[0], &device->data[1], len);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:592:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&device->serial[0], &device->data[1], 22);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:642:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "v%x.%x\n", device->firmware_version[1], device->firmware_version[2]);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:654:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%02x\n", current_effect);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:672:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "0:0\n");
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:730:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&dev->serial[0], "HN%015u", rand_serial);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:856:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&device->data[0], &data[0], size);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.h:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial[23];
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.h:44:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char firmware_version[3];
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.h:159:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char arguments[32];
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.h:164:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char arguments[36];
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:431:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "v%d.%d\n", 9, 99);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:435:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "v%d.%d\n", 0x01, 0x00);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:462:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "v%d.%d\n", response_report.arguments[0], response_report.arguments[1]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:746:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_string[23];
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:814:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response_report.arguments[1]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:834:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "0\n");
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:851:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response_report.arguments[1]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:924:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", polling_rate);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:966:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", polling_rate);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1115:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[brightness_index]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1273:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%u\n", dpi_x);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1277:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%u:%u\n", device->orochi2011_dpi, device->orochi2011_dpi);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1335:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%u:%u\n", dpi_x, dpi_y);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1353:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%u\n", idle_time);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1383:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[0]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1562:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d:%d\n", 0, 0);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1589:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d:%d\n", response.arguments[0], response.arguments[1]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1635:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1733:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1816:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1927:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", device->orochi2011_led & 0b00000001);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1932:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "1\n");
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1934:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "0\n");
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1944:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1992:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", (device->orochi2011_led & 0b00000010) >> 1);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1997:20: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "1\n");
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:1999:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "0\n");
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:2009:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:2045:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%u%u%u\n", response.arguments[2], response.arguments[3], response.arguments[4]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:2082:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%u%u%u\n", response.arguments[2], response.arguments[3], response.arguments[4]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:2113:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:2145:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:3129:12: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(buf, "%d\n", response.arguments[2]);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:3283:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&dev->serial[0], "PM%012u", rand_serial);
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.h:94:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial[23]; // Now storing a random serial to be used with old devices that don't support it
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:188:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
return sprintf(buf, "\n");
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:702:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&serial_string[0], &device->serial[0], sizeof(serial_string));
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:715:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&serial_string[0], &response_report.arguments[0], 22);
data/openrazer-2.9.0+dfsg/driver/razeraccessory_driver.c:722:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&serial_string[0], &response_report.arguments[0], 22);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:840:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&serial_string[0], dmi_get_system_info(DMI_PRODUCT_SERIAL), 50);
data/openrazer-2.9.0+dfsg/driver/razerkbd_driver.c:843:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&serial_string[0], &response_report.arguments[0], 22);
data/openrazer-2.9.0+dfsg/driver/razerkraken_driver.c:261:12: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
return sprintf(buf, "\n");
data/openrazer-2.9.0+dfsg/driver/razermouse_driver.c:779:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&serial_string[0], &response_report.arguments[0], 22);
ANALYSIS SUMMARY:
Hits = 99
Lines analyzed = 11681 in approximately 0.35 seconds (33642 lines/second)
Physical Source Lines of Code (SLOC) = 8091
Hits@level = [0] 0 [1] 8 [2] 78 [3] 0 [4] 13 [5] 0
Hits@level+ = [0+] 99 [1+] 99 [2+] 91 [3+] 13 [4+] 13 [5+] 0
Hits/KSLOC@level+ = [0+] 12.2358 [1+] 12.2358 [2+] 11.2471 [3+] 1.60672 [4+] 1.60672 [5+] 0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.