Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c
Examining data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice_render-original.c
Examining data/xsynth-dssi-0.9.4/src/gui_data.h
Examining data/xsynth-dssi-0.9.4/src/gui_friendly_patches.c
Examining data/xsynth-dssi-0.9.4/src/minblep_tables.c
Examining data/xsynth-dssi-0.9.4/src/xsynth-dssi.c
Examining data/xsynth-dssi-0.9.4/src/xsynth.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_data.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_ports.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_ports.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_synth.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_synth.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_types.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice_blosc.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice_render.c
Examining data/xsynth-dssi-0.9.4/src/gui_callbacks.c
Examining data/xsynth-dssi-0.9.4/src/gui_callbacks.h
Examining data/xsynth-dssi-0.9.4/src/gui_data.c
Examining data/xsynth-dssi-0.9.4/src/gui_images.c
Examining data/xsynth-dssi-0.9.4/src/gui_images.h
Examining data/xsynth-dssi-0.9.4/src/gui_interface.c
Examining data/xsynth-dssi-0.9.4/src/gui_interface.h
Examining data/xsynth-dssi-0.9.4/src/gui_main.c
Examining data/xsynth-dssi-0.9.4/src/gui_main.h
Examining data/xsynth-dssi-0.9.4/src/gtkknob.c
Examining data/xsynth-dssi-0.9.4/src/gtkknob.h

FINAL RESULTS:

data/xsynth-dssi-0.9.4/src/gui_interface.c:1387:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(title, "%s - Load Patch Bank", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1425:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(title, "%s - Save Patch Bank", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1466:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(title, "%s Notice", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1539:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(title, "%s Load Position", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1659:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(title, "%s Save Range", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1820:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(title, "%s Edit Save Position", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1933:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(tag, instance_tag);
data/xsynth-dssi-0.9.4/src/xsynth-dssi.c:254:5:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(buffer, 256, fmt, args);
data/xsynth-dssi-0.9.4/src/xsynth.h:48:62:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define XDB_MESSAGE(type, fmt...) { if (XSYNTH_DEBUG & type) fprintf(stderr, "xsynth-dssi.so" fmt); }
data/xsynth-dssi-0.9.4/src/xsynth.h:49:62:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define GDB_MESSAGE(type, fmt...) { if (XSYNTH_DEBUG & type) fprintf(stderr, "Xsynth_gtk" fmt); }
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:141:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256], buf2[90];
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:238:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(patch, &tmp, sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:255:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ((fh = fopen(filename, "rb")) == NULL) {
data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c:48:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char c[4];
data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c:94:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(xsynth_patch->name, "imported patch");
data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c:241:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buffer[8192];
data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c:246:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fh = fopen(argv[1], "rb");
data/xsynth-dssi-0.9.4/src/gtkknob.c:828:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(data, cl->data + cl->offset, l);
data/xsynth-dssi-0.9.4/src/gtkknob.c:1167:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char knob_c_png[1082] =
data/xsynth-dssi-0.9.4/src/gtkknob.c:1212:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char knob_i_png[819] =
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:85:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[PATH_MAX];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:133:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:445:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char midi[4];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:530:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[4];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:567:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[4];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:862:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int poly = atoi(value);
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:930:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int range = atoi(value);
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:948:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char number[4], name[31];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:949:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *data[2] = { number, name };
data/xsynth-dssi-0.9.4/src/gui_data.c:52:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    union { unsigned char c[4]; float f; } u;
data/xsynth-dssi-0.9.4/src/gui_data.c:97:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(xsynth_patch->name, "imported patch");
data/xsynth-dssi-0.9.4/src/gui_data.c:278:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[20];
data/xsynth-dssi-0.9.4/src/gui_data.c:282:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ((fh = fopen(filename, "wb")) == NULL) {
data/xsynth-dssi-0.9.4/src/gui_data.c:327:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[20];
data/xsynth-dssi-0.9.4/src/gui_data.c:331:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ((fh = fopen(filename, "rb")) == NULL) {
data/xsynth-dssi-0.9.4/src/gui_data.c:371:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(patches, xsynth_friendly_patches, xsynth_friendly_patch_count * sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/gui_data.c:374:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&patches[i], &xsynth_init_voice, sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/gui_data.c:393:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(*ep, "%%%02x", patch->name[i]);
data/xsynth-dssi-0.9.4/src/gui_data.c:433:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char key[9];
data/xsynth-dssi-0.9.4/src/gui_data.c:437:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ep, "Xp0 ");
data/xsynth-dssi-0.9.4/src/gui_data.c:451:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ep, "end");
data/xsynth-dssi-0.9.4/src/gui_images.c:41:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char **waveform_xpms[7] = {
data/xsynth-dssi-0.9.4/src/gui_interface.c:1923:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tag[50];
data/xsynth-dssi-0.9.4/src/gui_interface.c:1927:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(tag, "Xsynth-DSSI");
data/xsynth-dssi-0.9.4/src/gui_main.c:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[256];
data/xsynth-dssi-0.9.4/src/gui_main.c:284:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char *test_argv[5] = { NULL, NULL, "-", "-", "Xsynth-DSSI" };
data/xsynth-dssi-0.9.4/src/xsynth-dssi.c:251:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[256];
data/xsynth-dssi-0.9.4/src/xsynth_data.c:438:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256], buf2[90];
data/xsynth-dssi-0.9.4/src/xsynth_data.c:535:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(patch, &tmp, sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/xsynth_data.c:614:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(patches, tmp, 32 * sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/xsynth_synth.c:462:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(synth->patches, xsynth_friendly_patches, xsynth_friendly_patch_count * sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/xsynth_synth.c:465:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&synth->patches[i], &xsynth_init_voice, sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/xsynth_synth.c:558:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int polyphony = atoi(value);
data/xsynth-dssi-0.9.4/src/xsynth_synth.c:617:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int range = atoi(value);
data/xsynth-dssi-0.9.4/src/xsynth_synth.h:65:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    signed char held_keys[8]; /* for monophonic key tracking, an array of note-ons, most recently received first */
data/xsynth-dssi-0.9.4/src/xsynth_synth.h:78:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char key_pressure[128];
data/xsynth-dssi-0.9.4/src/xsynth_synth.h:79:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char cc[128]; /* controller values */
data/xsynth-dssi-0.9.4/src/xsynth_voice.h:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char name[31];
data/xsynth-dssi-0.9.4/src/xsynth_voice_render.c:606:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(voice->osc_audio, voice->osc_audio + osc_index,
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:153:9:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
    if (sscanf(buf, " name %90s", buf2) != 1) return 0;
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:235:9:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
    if (sscanf(buf, " xsynth-dssi patch %3s", buf2) != 1) return 0;
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:83:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    } else if (project_directory && strlen(project_directory)) {
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:84:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (project_directory[strlen(project_directory) - 1] != '/') {
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:828:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(patch->name, gtk_entry_get_text(GTK_ENTRY(name_entry)), 30);
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:831:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(patch->name);
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:958:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(name, patches[i].name, 31);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1386:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    title = (char *)malloc(strlen(tag) + 19);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1424:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    title = (char *)malloc(strlen(tag) + 19);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1465:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    title = (char *)malloc(strlen(tag) + 8);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1538:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    title = (char *)malloc(strlen(tag) + 15);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1658:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    title = (char *)malloc(strlen(tag) + 12);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1819:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    title = (char *)malloc(strlen(tag) + 20);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1926:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(instance_tag) == 0) {
data/xsynth-dssi-0.9.4/src/gui_interface.c:1930:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(instance_tag) > 49) {
data/xsynth-dssi-0.9.4/src/gui_interface.c:1931:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(tag, 50, "...%s", instance_tag + strlen(instance_tag) - 46); /* hope the unique info is at the end */
data/xsynth-dssi-0.9.4/src/gui_interface.c:1936:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(instance_tag) > 37) {
data/xsynth-dssi-0.9.4/src/gui_interface.c:1937:67:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(tag, 50, "Xsynth-DSSI ...%s", instance_tag + strlen(instance_tag) - 34);
data/xsynth-dssi-0.9.4/src/gui_main.c:158:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(key) == 8 && !strncmp(key, "patches", 7) &&
data/xsynth-dssi-0.9.4/src/gui_main.c:343:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    osc_self_url = osc_build_path(tmp_url, (strlen(path) > 1 ? path + 1 : path));
data/xsynth-dssi-0.9.4/src/xsynth-dssi.c:269:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(key) == 8 && !strncmp(key, "patches", 7)) {
data/xsynth-dssi-0.9.4/src/xsynth_data.c:297:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int dplen = strlen(lc->decimal_point);
data/xsynth-dssi-0.9.4/src/xsynth_data.c:450:9:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
    if (sscanf(buf, " name %90s", buf2) != 1) return 0;
data/xsynth-dssi-0.9.4/src/xsynth_data.c:532:9:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
    if (sscanf(buf, " xsynth-dssi patch %3s", buf2) != 1) return 0;

ANALYSIS SUMMARY:

Hits = 83
Lines analyzed = 13161 in approximately 0.63 seconds (20781 lines/second)
Physical Source Lines of Code (SLOC) = 10117
Hits@level = [0]  89 [1]  24 [2]  49 [3]   0 [4]  10 [5]   0
Hits@level+ = [0+] 172 [1+]  83 [2+]  59 [3+]  10 [4+]  10 [5+]   0
Hits/KSLOC@level+ = [0+] 17.0011 [1+] 8.20401 [2+] 5.83177 [3+] 0.988435 [4+] 0.988435 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.