Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xplot-1.19/src/plot.h
Examining data/xplot-1.19/src/xplot.c
Examining data/xplot-1.19/src/usage.c
Examining data/xplot-1.19/src/readfile.c
Examining data/xplot-1.19/src/error.c
Examining data/xplot-1.19/src/fgetline.c
Examining data/xplot-1.19/src/redraw.c
Examining data/xplot-1.19/src/warning.c
Examining data/xplot-1.19/src/setrange.c
Examining data/xplot-1.19/src/guessy.c
Examining data/xplot-1.19/src/boundaries.c
Examining data/xplot-1.19/src/setlinetype.c
Examining data/xplot-1.19/src/forms.c
Examining data/xplot-1.19/src/activatesets.c
Examining data/xplot-1.19/src/activatordone.c
Examining data/xplot-1.19/src/doblowup.c
Examining data/xplot-1.19/src/setactive.c
Examining data/xplot-1.19/src/quit.c
Examining data/xplot-1.19/src/dohelp.c
Examining data/xplot-1.19/src/quitblowup.c
Examining data/xplot-1.19/src/setautoredraw.c
Examining data/xplot-1.19/src/checkranges.c
Examining data/xplot-1.19/src/setboundary.c
Examining data/xplot-1.19/src/setinputstrings.c
Examining data/xplot-1.19/src/helpdone.c
Examining data/xplot-1.19/src/settitle.c
Examining data/xplot-1.19/src/showform.c
Examining data/xplot-1.19/src/redrawplots.c
Examining data/xplot-1.19/src/xplot.h
Examining data/xplot-1.19/src/plot.c
Examining data/xplot-1.19/libfli/lib/helpbrowser/flihelpbrowsercb.c
Examining data/xplot-1.19/libfli/lib/helpbrowser/fliloadhelpbrowser.c
Examining data/xplot-1.19/libfli/lib/helpbrowser/fliparsehelpfile.c
Examining data/xplot-1.19/libfli/lib/helpbrowser/fliterminatehelpbrowser.c
Examining data/xplot-1.19/libfli/lib/colorlookup/flilookupcolor.c
Examining data/xplot-1.19/libfli/lib/colormapping/flimapnextcolor.c
Examining data/xplot-1.19/libfli/lib/geometry/fliparsegeometry.c
Examining data/xplot-1.19/libfli/lib/geometry/fliapplygeometry.c
Examining data/xplot-1.19/libfli/lib/fli.h
FINAL RESULTS:
data/xplot-1.19/libfli/lib/helpbrowser/flihelpbrowsercb.c:24:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, fl_get_browser_line (ob, fl_get_browser (ob)));
data/xplot-1.19/libfli/lib/helpbrowser/flihelpbrowsercb.c:28:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf (buf, "%*[^[][%s]", selection) < 1)
data/xplot-1.19/libfli/lib/helpbrowser/flihelpbrowsercb.c:39:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (selection, cp);
data/xplot-1.19/libfli/lib/helpbrowser/fliparsehelpfile.c:34:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (entry, entry + 1);
data/xplot-1.19/libfli/lib/helpbrowser/fliparsehelpfile.c:59:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, one);
data/xplot-1.19/src/error.c:41:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf (fmt, args);
data/xplot-1.19/src/readfile.c:84:11: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
res = sscanf (buf, formatstring, &curx, &cury);
data/xplot-1.19/src/readfile.c:141:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buf, "@C%d[+] %s", dest->color, name);
data/xplot-1.19/src/redraw.c:101:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (oldtitlestring, titlestring);
data/xplot-1.19/src/setactive.c:46:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, line);
data/xplot-1.19/src/warning.c:41:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf (fmt, args);
data/xplot-1.19/src/xplot.c:68:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (titlestring, argv [2]);
data/xplot-1.19/src/xplot.c:77:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (formatstring, argv [2]);
data/xplot-1.19/libfli/lib/colorlookup/flilookupcolor.c:11:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/libfli/lib/colorlookup/flilookupcolor.c:21:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (! (f = fopen (FLI_RGB_DATABASE, "r")) )
data/xplot-1.19/libfli/lib/geometry/fliparsegeometry.c:11:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/libfli/lib/helpbrowser/flihelpbrowsercb.c:14:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/libfli/lib/helpbrowser/fliloadhelpbrowser.c:23:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (! (f = fopen (fname, "r")) )
data/xplot-1.19/libfli/lib/helpbrowser/fliparsehelpfile.c:14:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/libfli/lib/helpbrowser/fliparsehelpfile.c:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/src/doblowup.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/src/doblowup.c:62:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (title, "XPlot blowup %d", nblowups);
data/xplot-1.19/src/readfile.c:47:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/src/readfile.c:58:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (formatstring, "%f %f ");
data/xplot-1.19/src/redraw.c:41:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char
data/xplot-1.19/src/setactive.c:41:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/src/setinputstrings.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/src/setinputstrings.c:38:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%g", curminx);
data/xplot-1.19/src/setinputstrings.c:40:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%g", curmaxx);
data/xplot-1.19/src/setinputstrings.c:42:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%g", curminy);
data/xplot-1.19/src/setinputstrings.c:44:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%g", curmaxy);
data/xplot-1.19/src/xplot.c:51:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char
data/xplot-1.19/src/xplot.c:139:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (! (f = fopen (argv [i], "r")) )
data/xplot-1.19/libfli/lib/colorlookup/flilookupcolor.c:44:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (! strncmp (col, cp, strlen (col)) )
data/xplot-1.19/libfli/lib/helpbrowser/flihelpbrowsercb.c:42:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (selection, "]");
data/xplot-1.19/libfli/lib/helpbrowser/flihelpbrowsercb.c:62:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (! strncmp (buf + 1, selection, strlen (selection)))
data/xplot-1.19/src/settitle.c:36:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (titlestring, fl_get_input (ob), 255);
ANALYSIS SUMMARY:
Hits = 37
Lines analyzed = 2505 in approximately 0.10 seconds (26011 lines/second)
Physical Source Lines of Code (SLOC) = 1264
Hits@level = [0] 14 [1] 4 [2] 20 [3] 0 [4] 13 [5] 0
Hits@level+ = [0+] 51 [1+] 37 [2+] 33 [3+] 13 [4+] 13 [5+] 0
Hits/KSLOC@level+ = [0+] 40.3481 [1+] 29.2722 [2+] 26.1076 [3+] 10.2848 [4+] 10.2848 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.