Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pacman-10/arg.cc
Examining data/pacman-10/arg.h
Examining data/pacman-10/basis.h
Examining data/pacman-10/blank.cc
Examining data/pacman-10/blank.h
Examining data/pacman-10/board.h
Examining data/pacman-10/bonus.cc
Examining data/pacman-10/bonus.h
Examining data/pacman-10/bonuslif.cc
Examining data/pacman-10/bonuslif.h
Examining data/pacman-10/bonuspnt.cc
Examining data/pacman-10/bonuspnt.h
Examining data/pacman-10/colour.cc
Examining data/pacman-10/colour.h
Examining data/pacman-10/corner.cc
Examining data/pacman-10/corner.h
Examining data/pacman-10/corner1.h
Examining data/pacman-10/corner2.h
Examining data/pacman-10/corner3.h
Examining data/pacman-10/corner4.h
Examining data/pacman-10/cross.h
Examining data/pacman-10/direc.cc
Examining data/pacman-10/direc.h
Examining data/pacman-10/dynamiel.cc
Examining data/pacman-10/dynamiel.h
Examining data/pacman-10/e0.h
Examining data/pacman-10/e180.h
Examining data/pacman-10/e270.h
Examining data/pacman-10/e90.h
Examining data/pacman-10/edible.h
Examining data/pacman-10/element.cc
Examining data/pacman-10/element.h
Examining data/pacman-10/endwall.h
Examining data/pacman-10/food.cc
Examining data/pacman-10/food.h
Examining data/pacman-10/gamedata.h
Examining data/pacman-10/gblank.h
Examining data/pacman-10/gboard.cc
Examining data/pacman-10/gboard.h
Examining data/pacman-10/gbonlife.h
Examining data/pacman-10/gbonpnt.h
Examining data/pacman-10/gbonus.h
Examining data/pacman-10/gdynelem.cc
Examining data/pacman-10/gdynelem.h
Examining data/pacman-10/gedible.h
Examining data/pacman-10/gfood.h
Examining data/pacman-10/gghost.h
Examining data/pacman-10/gmoveabl.h
Examining data/pacman-10/gpacman.h
Examining data/pacman-10/graphele.cc
Examining data/pacman-10/graphele.h
Examining data/pacman-10/gspecwal.h
Examining data/pacman-10/gstatele.h
Examining data/pacman-10/gsupfood.h
Examining data/pacman-10/gunmovel.h
Examining data/pacman-10/gwalls.h
Examining data/pacman-10/horiwall.h
Examining data/pacman-10/moveable.h
Examining data/pacman-10/object.h
Examining data/pacman-10/pac.h
Examining data/pacman-10/pacman.cc
Examining data/pacman-10/pacman.h
Examining data/pacman-10/point.h
Examining data/pacman-10/sizes.h
Examining data/pacman-10/specwall.cc
Examining data/pacman-10/specwall.h
Examining data/pacman-10/staticel.h
Examining data/pacman-10/strawall.h
Examining data/pacman-10/supefood.cc
Examining data/pacman-10/supefood.h
Examining data/pacman-10/systspec.h
Examining data/pacman-10/t0.h
Examining data/pacman-10/t180.h
Examining data/pacman-10/t270.h
Examining data/pacman-10/t90.h
Examining data/pacman-10/timing.h
Examining data/pacman-10/twall.h
Examining data/pacman-10/types.h
Examining data/pacman-10/unmovele.h
Examining data/pacman-10/usrinter.cc
Examining data/pacman-10/usrinter.h
Examining data/pacman-10/vertwall.h
Examining data/pacman-10/walls.cc
Examining data/pacman-10/walls.h
Examining data/pacman-10/board.cc
Examining data/pacman-10/corner1.cc
Examining data/pacman-10/corner2.cc
Examining data/pacman-10/corner3.cc
Examining data/pacman-10/corner4.cc
Examining data/pacman-10/cross.cc
Examining data/pacman-10/e0.cc
Examining data/pacman-10/e180.cc
Examining data/pacman-10/e270.cc
Examining data/pacman-10/e90.cc
Examining data/pacman-10/gamedata.cc
Examining data/pacman-10/gblank.cc
Examining data/pacman-10/gbonlife.cc
Examining data/pacman-10/gbonpnt.cc
Examining data/pacman-10/gfood.cc
Examining data/pacman-10/gghost.cc
Examining data/pacman-10/ghost.cc
Examining data/pacman-10/ghost.h
Examining data/pacman-10/gpacman.cc
Examining data/pacman-10/gspecwal.cc
Examining data/pacman-10/gsupfood.cc
Examining data/pacman-10/horiwall.cc
Examining data/pacman-10/pac.cc
Examining data/pacman-10/point.cc
Examining data/pacman-10/shapes.h
Examining data/pacman-10/t0.cc
Examining data/pacman-10/t180.cc
Examining data/pacman-10/t270.cc
Examining data/pacman-10/t90.cc
Examining data/pacman-10/timing.cc
Examining data/pacman-10/vertwall.cc

FINAL RESULTS:

data/pacman-10/gamedata.cc:59:34: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (level>LEVELS) boardlevel=1+(random()%LEVELS);
data/pacman-10/ghost.cc:17:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  randmv=random()%8 +4;//a random number about changing direction when randoming
data/pacman-10/ghost.cc:98:6: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random()%2)*dd=goright; else *dd=goleft;
data/pacman-10/ghost.cc:198:11: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (!(random()%randmv)) //if random "hits"
data/pacman-10/pac.cc:98:1: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(rand()); //reset random number generator
data/pacman-10/pac.cc:156:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ((random() & 4095)==0) {
data/pacman-10/pac.cc:157:8: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() & 61440)
data/pacman-10/board.h:26:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char boards[LEVELS][BOARDHEIGHT+1][BOARDWIDTH+1]=
data/pacman-10/gboard.cc:35:20: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int G_Board::eqpat(char pat[3][3],char en[10]){ //equality with wildcard
data/pacman-10/gboard.cc:35:35: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int G_Board::eqpat(char pat[3][3],char en[10]){ //equality with wildcard
data/pacman-10/gboard.cc:44:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char G_Board::pattern(char brett1[BOARDHEIGHT+1][BOARDWIDTH+1],int y,int x) {
data/pacman-10/gboard.cc:119:34: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  GraphElement *G_Board::graphele(char brett[BOARDHEIGHT+1][BOARDWIDTH+1],int i,int j) {
data/pacman-10/gboard.h:57:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pattern(char [BOARDHEIGHT+1][BOARDWIDTH+1],int,int);
data/pacman-10/usrinter.cc:167:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key_vector[32]; //denotes 256 possible keys
data/pacman-10/usrinter.cc:184:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int UserInterface::check(char key_vector[32], KeySym key) {
data/pacman-10/usrinter.cc:208:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key_vector[32]; //denotes 256 possible keys
data/pacman-10/usrinter.cc:227:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "%.*d", l,v);
data/pacman-10/usrinter.cc:323:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "%.*d", l,v); //formatted print to string
data/pacman-10/usrinter.cc:507:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "%.*d", l,v); //formatted print to string
data/pacman-10/usrinter.cc:220:74: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  XDrawImageString(mydisplay,mywindow, mygc,TEXTWIDTH*x,TEXTHEIGHT*y,str, strlen(str));
data/pacman-10/usrinter.cc:228:74: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  XDrawImageString(mydisplay,mywindow, mygc,TEXTWIDTH*x,TEXTHEIGHT*y,str, strlen(str));
data/pacman-10/usrinter.cc:313:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  TextOut(my_hdc,TEXTWIDTH*x,TEXTHEIGHT*y,str, strlen(str)); //outputting
data/pacman-10/usrinter.cc:324:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  TextOut(my_hdc,TEXTHEIGHT*x,TEXTHEIGHT*y,str, strlen(str)); //outputting

ANALYSIS SUMMARY:

Hits = 23
Lines analyzed = 4525 in approximately 0.14 seconds (33360 lines/second)
Physical Source Lines of Code (SLOC) = 3388
Hits@level = [0] 5 [1] 4 [2] 12 [3] 7 [4] 0 [5] 0
Hits@level+ = [0+] 28 [1+] 23 [2+] 19 [3+] 7 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 8.26446 [1+] 6.78867 [2+] 5.60803 [3+] 2.06612 [4+] 0 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.