Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/transcriber-1.5.1.1/src/trans.h
Examining data/transcriber-1.5.1.1/src/axis.c
Examining data/transcriber-1.5.1.1/src/segmt.c
Examining data/transcriber-1.5.1.1/src/trans.c
Examining data/transcriber-1.5.1.1/src/wavfm.c

FINAL RESULTS:

data/transcriber-1.5.1.1/src/wavfm.c:354:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf,
  or vsnprintf.
  sprintf(cmd, "datasamples -start %ld -end %ld -byteorder %s\n",
data/transcriber-1.5.1.1/src/wavfm.c:437:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf,
  or vsnprintf.
  sprintf(cmd, "shape -width %d -start %ld -end %ld -byteorder %s",
data/transcriber-1.5.1.1/src/wavfm.c:443:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(cmd, w->shapename);
data/transcriber-1.5.1.1/src/axis.c:245:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  (char *) axisPtr, argv[2], 0);
data/transcriber-1.5.1.1/src/axis.c:257:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  (char *) axisPtr, argv[2], 0);
data/transcriber-1.5.1.1/src/axis.c:281:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char txt[30];
data/transcriber-1.5.1.1/src/axis.c:289:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf,
  or vsnprintf. Risk is low because the source has a constant maximum
  length.
  sprintf(txt,"%d:%.2d:%0*.*f", hh, mm, a->digit+2, a->digit, t);
data/transcriber-1.5.1.1/src/axis.c:292:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf,
  or vsnprintf. Risk is low because the source has a constant maximum
  length.
  sprintf(txt,"%d:%0*.*f", mm, a->digit+2, a->digit, t);
data/transcriber-1.5.1.1/src/axis.c:294:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf,
  or vsnprintf. Risk is low because the source has a constant maximum
  length.
  sprintf(txt,"%.*f", a->digit, t);
data/transcriber-1.5.1.1/src/segmt.c:320:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  (char *) segmtPtr, argv[2], 0);
data/transcriber-1.5.1.1/src/segmt.c:332:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  (char *) segmtPtr, argv[2], 0);
data/transcriber-1.5.1.1/src/segmt.c:724:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *txt[2];
data/transcriber-1.5.1.1/src/trans.c:52:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char c[sizeof(short)];
data/transcriber-1.5.1.1/src/wavfm.c:281:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  (char *) w, argv[2], 0);
data/transcriber-1.5.1.1/src/wavfm.c:293:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  (char *) w, argv[2], 0);
data/transcriber-1.5.1.1/src/wavfm.c:348:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cmd[256], *p = NULL;
data/transcriber-1.5.1.1/src/wavfm.c:386:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cmd[256], *p = NULL;
data/transcriber-1.5.1.1/src/wavfm.c:442:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(cmd, " -shape ");
data/transcriber-1.5.1.1/src/wavfm.c:463:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (w->shape + base * w->channels, p, size);
data/transcriber-1.5.1.1/src/axis.c:241:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(argv[1]);
data/transcriber-1.5.1.1/src/axis.c:296:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  layout = Tk_ComputeTextLayout( a->font, txt, strlen(txt),
data/transcriber-1.5.1.1/src/segmt.c:201:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l = strlen(s);
data/transcriber-1.5.1.1/src/segmt.c:203:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy( t, s, l);
data/transcriber-1.5.1.1/src/segmt.c:316:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(argv[1]);
data/transcriber-1.5.1.1/src/segmt.c:453:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (a->segVarName == NULL || strlen(a->segVarName) == 0) {
data/transcriber-1.5.1.1/src/segmt.c:496:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (a->timeArrayName != NULL && strlen(a->timeArrayName) > 0) {
data/transcriber-1.5.1.1/src/segmt.c:535:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((colorName != NULL) && (strlen(colorName)>0))
data/transcriber-1.5.1.1/src/segmt.c:574:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (a->timeArrayName != NULL && strlen(a->timeArrayName) > 0) {
data/transcriber-1.5.1.1/src/segmt.c:653:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (name2 != NULL && strlen(name2) > 0) {
data/transcriber-1.5.1.1/src/segmt.c:785:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbchar[1] = strlen(txt[1]);
data/transcriber-1.5.1.1/src/wavfm.c:277:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(argv[1]);
data/transcriber-1.5.1.1/src/wavfm.c:352:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (w->signal == NULL || strlen(w->signal)==0) return -1;
data/transcriber-1.5.1.1/src/wavfm.c:389:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (w->signal == NULL || strlen(w->signal)==0) return -1;
data/transcriber-1.5.1.1/src/wavfm.c:441:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (w->shapename != NULL && strlen(w->shapename) > 0) {
data/transcriber-1.5.1.1/src/wavfm.c:445:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(cmd, "\n");
data/transcriber-1.5.1.1/src/wavfm.c:536:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (w->signal != NULL && strlen(w->signal)!=0) {

ANALYSIS SUMMARY:

Hits = 36
Lines analyzed = 2458 in approximately 0.09 seconds (27309 lines/second)
Physical Source Lines of Code (SLOC) = 1894
Hits@level = [0]   0 [1]  17 [2]  16 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  36 [1+]  36 [2+]  19 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 19.0074 [1+] 19.0074 [2+] 10.0317 [3+] 1.58395 [4+] 1.58395 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
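The three level-4 hits in wavfm.c (437, 443, and the same shape at 354) and the level-1 strncpy hit at segmt.c:203 are the ones worth triaging first: a sprintf into the fixed `char cmd[256]` followed by `strcat(cmd, w->shapename)` never compares the combined length against the array, and `strncpy(t, s, strlen(s))` copies no terminator. The block below is an added example written for this page, not transcriber's own code: the struct `wavfm_like`, its field names, `CMD_LEN`, the function names, the argument list of the sprintf and the sample values are all assumptions that only mirror what the flagged lines show (`w->shapename`, `cmd[256]`, the format string). It places the flagged pattern next to a bounded form that tracks the remaining space with `snprintf` and reports truncation, and adds a copy that always terminates.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not transcriber's code.  Struct, fields and CMD_LEN are
 * assumptions chosen to mirror the names in the flawfinder hits. */
struct wavfm_like {
    const char *shapename;   /* assumed to be settable from the Tk widget */
    int width;
    long start, end;
    const char *byteorder;
};

#define CMD_LEN 256          /* same fixed size as the flagged cmd[256] */

/* The pattern rated level 4 at wavfm.c:437-445: sprintf into a fixed
 * buffer, then strcat of a non-constant string.  Nothing compares the
 * total against sizeof cmd, so a long shapename writes past the array.
 * Kept only for contrast; do not call it with input you do not control. */
static void build_shape_cmd_unchecked(char cmd[CMD_LEN],
                                      const struct wavfm_like *w)
{
    sprintf(cmd, "shape -width %d -start %ld -end %ld -byteorder %s",
            w->width, w->start, w->end, w->byteorder);
    if (w->shapename != NULL && strlen(w->shapename) > 0) {
        strcat(cmd, " -shape ");
        strcat(cmd, w->shapename);
    }
    strcat(cmd, "\n");
}

/* Bounded form: each write is an snprintf limited to the space still
 * free, and truncation returns -1 instead of passing a clipped command
 * on.  Returns the number of bytes written (excluding NUL) on success. */
static int build_shape_cmd(char *cmd, size_t cmdlen,
                           const struct wavfm_like *w)
{
    size_t used;
    int n;

    if (cmd == NULL || cmdlen == 0 || w == NULL || w->byteorder == NULL)
        return -1;

    n = snprintf(cmd, cmdlen,
                 "shape -width %d -start %ld -end %ld -byteorder %s",
                 w->width, w->start, w->end, w->byteorder);
    if (n < 0 || (size_t)n >= cmdlen)       /* >= : NUL would not fit */
        return -1;
    used = (size_t)n;

    if (w->shapename != NULL && w->shapename[0] != '\0') {
        n = snprintf(cmd + used, cmdlen - used, " -shape %s", w->shapename);
        if (n < 0 || (size_t)n >= cmdlen - used)
            return -1;
        used += (size_t)n;
    }

    n = snprintf(cmd + used, cmdlen - used, "\n");
    if (n < 0 || (size_t)n >= cmdlen - used)
        return -1;
    return (int)(used + (size_t)n);
}

/* segmt.c:201-203 does `l = strlen(s); strncpy(t, s, l);`, which copies
 * exactly l bytes and never writes the terminator.  This bounded copy
 * always terminates and refuses a source that would not fit with its NUL. */
static int copy_terminated(char *dst, size_t dstlen, const char *src)
{
    size_t l;

    if (dst == NULL || dstlen == 0 || src == NULL)
        return -1;
    l = strlen(src);
    if (l >= dstlen)
        return -1;
    memcpy(dst, src, l + 1);    /* l + 1 includes the terminator */
    return (int)l;
}

int main(void)
{
    char cmd[CMD_LEN];
    char longname[2 * CMD_LEN];                 /* constructed sample */
    struct wavfm_like w = { "spk1.shp", 800, 0L, 44100L, "littleEndian" };

    (void)build_shape_cmd_unchecked;            /* shown, never run */

    if (build_shape_cmd(cmd, sizeof cmd, &w) > 0)
        fputs(cmd, stdout);

    memset(longname, 'A', sizeof longname - 1);
    longname[sizeof longname - 1] = '\0';
    w.shapename = longname;
    if (build_shape_cmd(cmd, sizeof cmd, &w) < 0)
        puts("rejected: shapename would overflow cmd");
    return 0;
}
```

The `>=` comparisons matter: `snprintf` returns the length it would have written, so a return equal to the remaining space means the terminator was dropped, and the caller should treat that as an error rather than a success with a shorter string. The same check applies to the datasamples command at wavfm.c:354, which builds into the same kind of buffer.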