Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/veroroute-1.99/Src/StringHelper.h
Examining data/veroroute-1.99/Src/HistoryManager.h
Examining data/veroroute-1.99/Src/Persist.h
Examining data/veroroute-1.99/Src/Shape.h
Examining data/veroroute-1.99/Src/Grid.h
Examining data/veroroute-1.99/Src/Transform.h
Examining data/veroroute-1.99/Src/TemplateManager.h
Examining data/veroroute-1.99/Src/NodeInfo.h
Examining data/veroroute-1.99/Src/finddialog.cpp
Examining data/veroroute-1.99/Src/ColorManager.h
Examining data/veroroute-1.99/Src/Rect.h
Examining data/veroroute-1.99/Src/main.cpp
Examining data/veroroute-1.99/Src/pindialog.cpp
Examining data/veroroute-1.99/Src/finddialog.h
Examining data/veroroute-1.99/Src/mainwindow.cpp
Examining data/veroroute-1.99/Src/bomdialog.h
Examining data/veroroute-1.99/Src/wiredialog.cpp
Examining data/veroroute-1.99/Src/CompElement.h
Examining data/veroroute-1.99/Src/templatesdialog.cpp
Examining data/veroroute-1.99/Src/mainwindow_events.cpp
Examining data/veroroute-1.99/Src/CompTypes.h
Examining data/veroroute-1.99/Src/NodeInfoManager.h
Examining data/veroroute-1.99/Src/Pin.h
Examining data/veroroute-1.99/Src/controldialog.cpp
Examining data/veroroute-1.99/Src/Board_routing.cpp
Examining data/veroroute-1.99/Src/Element.h
Examining data/veroroute-1.99/Src/Common.h
Examining data/veroroute-1.99/Src/compdialog.h
Examining data/veroroute-1.99/Src/templatesdialog.h
Examining data/veroroute-1.99/Src/renderingdialog.h
Examining data/veroroute-1.99/Src/CompManager.h
Examining data/veroroute-1.99/Src/GuiControl.h
Examining data/veroroute-1.99/Src/compdialog.cpp
Examining data/veroroute-1.99/Src/GWriter.h
Examining data/veroroute-1.99/Src/Component.cpp
Examining data/veroroute-1.99/Src/Board_components.cpp
Examining data/veroroute-1.99/Src/pindialog.h
Examining data/veroroute-1.99/Src/Version.h
Examining data/veroroute-1.99/Src/GroupManager.h
Examining data/veroroute-1.99/Src/textdialog.h
Examining data/veroroute-1.99/Src/FootPrint.cpp
Examining data/veroroute-1.99/Src/Board.h
Examining data/veroroute-1.99/Src/VrtVersion.h
Examining data/veroroute-1.99/Src/CompDefiner.h
Examining data/veroroute-1.99/Src/Board_import.cpp
Examining data/veroroute-1.99/Src/SimplexFont.h
Examining data/veroroute-1.99/Src/myscrollarea.h
Examining data/veroroute-1.99/Src/mainwindow.h
Examining data/veroroute-1.99/Src/CurveList.h
Examining data/veroroute-1.99/Src/bomdialog.cpp
Examining data/veroroute-1.99/Src/Template.h
Examining data/veroroute-1.99/Src/infodialog.cpp
Examining data/veroroute-1.99/Src/FootPrint.h
Examining data/veroroute-1.99/Src/wiredialog.h
Examining data/veroroute-1.99/Src/GPainter.h
Examining data/veroroute-1.99/Src/GWriter.cpp
Examining data/veroroute-1.99/Src/controldialog.h
Examining data/veroroute-1.99/Src/TrackElement.h
Examining data/veroroute-1.99/Src/TextRect.h
Examining data/veroroute-1.99/Src/MyRGB.h
Examining data/veroroute-1.99/Src/Component.h
Examining data/veroroute-1.99/Src/RectManager.h
Examining data/veroroute-1.99/Src/hotkeysdialog.h
Examining data/veroroute-1.99/Src/textdialog.cpp
Examining data/veroroute-1.99/Src/CompDefiner.cpp
Examining data/veroroute-1.99/Src/mainwindow_drawing.cpp
Examining data/veroroute-1.99/Src/infodialog.h
Examining data/veroroute-1.99/Src/CurveList.cpp
Examining data/veroroute-1.99/Src/renderingdialog.cpp
Examining data/veroroute-1.99/Src/hotkeysdialog.cpp
Examining data/veroroute-1.99/Src/Board.cpp
Examining data/veroroute-1.99/Src/TextManager.h
Examining data/veroroute-1.99/Src/AdjInfo.h
Examining data/veroroute-1.99/Src/AdjInfoManager.h

FINAL RESULTS:

data/veroroute-1.99/Src/Board_components.cpp:44:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer,"%s%d", prefixStr.c_str(), iSuffix);

data/veroroute-1.99/Src/CompManager.h:330:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer,"%s%d", prefixStr.c_str(), iSuffix);

data/veroroute-1.99/Src/HistoryManager.h:143:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(m_buffer, "%s/history/history_%d_%d.vrt", m_pathStr.c_str(), m_ID, (int)index);

data/veroroute-1.99/Src/mainwindow.cpp:1022:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fileName, "%s/tutorials/tutorial_%d.vrt", m_tutorialsPathStr.c_str(), m_iTutorialNumber);

data/veroroute-1.99/Src/mainwindow.cpp:1080:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(bufferThis, "V%s", szVEROROUTE_VERSION);

data/veroroute-1.99/Src/mainwindow.cpp:1083:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(bufferOther, "A new version is available!\nV%s can be downloaded from\nhttps://sourceforge.net/projects/veroroute/files/", versionStr.c_str());

data/veroroute-1.99/Src/mainwindow.cpp:1356:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "%d bad part%s destroyed. %d bad grid point%s fixed.",

data/veroroute-1.99/Src/templatesdialog.cpp:182:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "%s/templates/user.vrt", mgr.GetPathStr().c_str());

data/veroroute-1.99/Src/StringHelper.h:58:16:  [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  inStream.setstate(std::ios::eofbit);

data/veroroute-1.99/Src/Board_components.cpp:38:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256] = {'\0'};

data/veroroute-1.99/Src/Board_import.cpp:44:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inStream.open(filename.c_str(), std::ios::in | std::ios::binary);

data/veroroute-1.99/Src/Board_import.cpp:106:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nLength = atoi( pinStr.c_str() ); // Missing or zero ==> Use default length

data/veroroute-1.99/Src/Board_import.cpp:112:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numPins = atoi( pinStr.c_str() );

data/veroroute-1.99/Src/Board_import.cpp:220:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  const size_t iPinIndex = atoi(pinStr.c_str()) - 1;

data/veroroute-1.99/Src/Board_import.cpp:285:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inStream.open(filename.c_str(), std::ios::in | std::ios::binary);

data/veroroute-1.99/Src/Board_import.cpp:369:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nLength = atoi( pinStr.c_str() ); // Missing or zero ==> Use default length

data/veroroute-1.99/Src/Board_import.cpp:375:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numPins = atoi( pinStr.c_str() );

data/veroroute-1.99/Src/Board_import.cpp:506:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  const size_t iPinIndex = atoi(pinStr.c_str()) - 1;

data/veroroute-1.99/Src/Board_import.cpp:566:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[32];

data/veroroute-1.99/Src/Board_import.cpp:567:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "_%d", (int)(iPinIndex+1));

data/veroroute-1.99/Src/CompManager.h:326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256] = {'\0'};

data/veroroute-1.99/Src/CompTypes.h:600:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[32];

data/veroroute-1.99/Src/CompTypes.h:601:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%d", (int)(iPinIndex+1)); // Pin numbers on screen start at 1

data/veroroute-1.99/Src/Component.h:344:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[32] = {'\0'};

data/veroroute-1.99/Src/Component.h:345:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%d", (int) GetNumPins());

data/veroroute-1.99/Src/Component.h:357:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[32] = {'\0'};

data/veroroute-1.99/Src/Component.h:358:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%d", (int) GetNumPins());

data/veroroute-1.99/Src/GWriter.cpp:72:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_os.open(str.c_str(), std::ios::out);

data/veroroute-1.99/Src/HistoryManager.h:152:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  mutable char m_buffer[256]; // For constructing history filenames

data/veroroute-1.99/Src/Persist.h:37:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_bOK = m_file.open(m_type == READ ? QIODevice::ReadOnly : QIODevice::WriteOnly);

data/veroroute-1.99/Src/Template.h:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[32] = {'\0'};

data/veroroute-1.99/Src/Template.h:73:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%d", (int)GetNumPins());

data/veroroute-1.99/Src/Template.h:78:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%d", (int)o.GetNumPins());

data/veroroute-1.99/Src/bomdialog.cpp:95:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256] = {'\0'};

data/veroroute-1.99/Src/bomdialog.cpp:104:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer,"%d",rowQuantity);

data/veroroute-1.99/Src/bomdialog.cpp:121:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%d", (int)p->GetNumPins());

data/veroroute-1.99/Src/bomdialog.cpp:126:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, " (%d pins)", (int)p->GetNumPins());

data/veroroute-1.99/Src/bomdialog.cpp:138:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer,"%d",rowQuantity);

data/veroroute-1.99/Src/bomdialog.cpp:157:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outStream.open(fileNameStr.c_str(), std::ios::out);

data/veroroute-1.99/Src/mainwindow.cpp:443:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256] = {'\0'};

data/veroroute-1.99/Src/mainwindow.cpp:444:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer,"Current rectangle (%d x %d) (%gmm x %gmm)", rect.GetCols(), rect.GetRows(), rect.GetCols()*2.54, rect.GetRows()*2.54);

data/veroroute-1.99/Src/mainwindow.cpp:747:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(QIODevice::WriteOnly);

data/veroroute-1.99/Src/mainwindow.cpp:1021:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileName[256] = {'\0'};

data/veroroute-1.99/Src/mainwindow.cpp:1079:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bufferThis[8];

data/veroroute-1.99/Src/mainwindow.cpp:1082:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bufferOther[128];

data/veroroute-1.99/Src/mainwindow.cpp:1255:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  SetCurrentNodeId( atoi(item->text().toStdString().c_str()) );

data/veroroute-1.99/Src/mainwindow.cpp:1355:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[64] = {'\0'};

data/veroroute-1.99/Src/mainwindow.cpp:1700:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256] = {'\0'};

data/veroroute-1.99/Src/mainwindow.cpp:1701:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, " (%d x %d) (%gmm x %gmm)", m_board.GetRows(), m_board.GetCols(), m_board.GetRows()*2.54, m_board.GetCols()*2.54);

data/veroroute-1.99/Src/templatesdialog.cpp:181:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256] = {'\0'};

data/veroroute-1.99/Src/templatesdialog.cpp:263:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[64] = {'\0'};

data/veroroute-1.99/Src/templatesdialog.cpp:264:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "No parts are currently selected in the main view.");

data/veroroute-1.99/Src/templatesdialog.cpp:281:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[64] = {'\0'};

data/veroroute-1.99/Src/templatesdialog.cpp:282:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%d new templates added.", nCount);

data/veroroute-1.99/Src/GPainter.h:49:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const auto length = strlen(sz);

ANALYSIS SUMMARY:

Hits = 55
Lines analyzed = 20320 in approximately 0.57 seconds (35373 lines/second)
Physical Source Lines of Code (SLOC) = 16426
Hits@level = [0]   0 [1]   1 [2]  45 [3]   1 [4]   8 [5]   0
Hits@level+ = [0+]  55 [1+]  55 [2+]  54 [3+]   9 [4+]   8 [5+]   0
Hits/KSLOC@level+ = [0+] 3.34835 [1+] 3.34835 [2+] 3.28747 [3+] 0.547912 [4+] 0.487033 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.