Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xnecview-1.37/postscript.c
Examining data/xnecview-1.37/parse_output.c
Examining data/xnecview-1.37/xnecview.h
Examining data/xnecview-1.37/parse_input.c
Examining data/xnecview-1.37/draw_opaque.c
Examining data/xnecview-1.37/draw.c
Examining data/xnecview-1.37/xwin.c
Examining data/xnecview-1.37/config.h
Examining data/xnecview-1.37/xnecview.c
Examining data/xnecview-1.37/freqplot.c

FINAL RESULTS:

data/xnecview-1.37/draw_opaque.c:142:23:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  #define PRINTF(a) printf a /**/
data/xnecview-1.37/xnecview.c:350:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ar,s);
data/xnecview-1.37/xwin.c:986:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s,inputfilename);
data/xnecview-1.37/xwin.c:989:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p,ext);
data/xnecview-1.37/xnecview.c:274:11:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(myargc, myargv, "-h", longopts, NULL);
data/xnecview-1.37/draw.c:101:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[20];
data/xnecview-1.37/draw.c:112:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s,"%i",wi->itg);
data/xnecview-1.37/draw.c:690:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char labels[numGS][6][4]=
data/xnecview-1.37/draw.c:840:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[100];
data/xnecview-1.37/draw.c:876:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s,"f = %g MHz maxgain = %g dBi vgain = %g dBi",
data/xnecview-1.37/draw.c:879:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s,"f = %g MHz", neco[rp_index].f);
data/xnecview-1.37/freqplot.c:263:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[20];
data/xnecview-1.37/freqplot.c:271:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s,"%g",f);
data/xnecview-1.37/freqplot.c:276:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s," MHz");
data/xnecview-1.37/freqplot.c:285:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[20];
data/xnecview-1.37/freqplot.c:294:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s,"%g ",f);
data/xnecview-1.37/freqplot.c:302:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s," %g",f);
data/xnecview-1.37/parse_input.c:33:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lastCard[2]; /* type of previous card */
data/xnecview-1.37/parse_input.c:377:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(mmat,mat,sizeof(mat));
data/xnecview-1.37/parse_input.c:386:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(mmat,mat,sizeof(mat));
data/xnecview-1.37/parse_input.c:395:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(mmat,mat,sizeof(mat));
data/xnecview-1.37/parse_input.c:459:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gm[60];
data/xnecview-1.37/parse_input.c:463:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(gm,"GM %i %i 0 0 %g 0 0 0",inc,n-1,360./n);
data/xnecview-1.37/parse_input.c:671:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[100];
data/xnecview-1.37/parse_output.c:189:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[200];
data/xnecview-1.37/parse_output.c:308:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[200];
data/xnecview-1.37/parse_output.c:379:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[200];
data/xnecview-1.37/parse_output.c:410:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[200];
data/xnecview-1.37/parse_output.c:425:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(cu,cug,sizeof(Currents));
data/xnecview-1.37/parse_output.c:428:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(cu->s,cug->s,cu->maxseg*sizeof(*(cu->s)));
data/xnecview-1.37/parse_output.c:452:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[200];
data/xnecview-1.37/parse_output.c:494:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[200];
data/xnecview-1.37/parse_output.c:636:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[200];
data/xnecview-1.37/parse_output.c:718:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[200];
data/xnecview-1.37/postscript.c:112:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files),
  move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  psfile=fopen(filename,"w");
data/xnecview-1.37/xnecview.c:150:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files),
  move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f=fopen(s,"r");
data/xnecview-1.37/xnecview.c:224:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *myargv[Maxopts];
data/xnecview-1.37/xnecview.c:361:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(myargv+optind, av, ac*sizeof(char*));
data/xnecview-1.37/xwin.c:260:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files),
  move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f=fopen(filename,"wb");
data/xnecview-1.37/xwin.c:329:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[32];
data/xnecview-1.37/xwin.c:334:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s,"phi=%g theta=%g",rint(phi),rint(theta));
data/xnecview-1.37/xwin.c:1016:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[20];
data/xnecview-1.37/xwin.c:1029:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(s,"Z0=%g",r0);
data/xnecview-1.37/freqplot.c:275:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  l=strlen(s);
data/xnecview-1.37/xnecview.c:349:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  ar=mymalloc(strlen(s)+1);
data/xnecview-1.37/xnecview.c:352:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  av=mymalloc((1+strlen(s))*sizeof(char*));
data/xnecview-1.37/xwin.c:985:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  s=mymalloc(strlen(inputfilename)+8);
data/xnecview-1.37/xwin.c:988:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  if (!p) p=s+strlen(s);

ANALYSIS SUMMARY:

Hits = 48
Lines analyzed = 7028 in approximately 0.23 seconds (30203 lines/second)
Physical Source Lines of Code (SLOC) = 5550
Hits@level = [0] 143 [1]   5 [2]  38 [3]   1 [4]   4 [5]   0
Hits@level+ = [0+] 191 [1+]  48 [2+]  43 [3+]   5 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 34.4144 [1+] 8.64865 [2+] 7.74775 [3+] 0.900901 [4+] 0.720721 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.