Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c
Examining data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice_render-original.c
Examining data/xsynth-dssi-0.9.4/src/gui_data.h
Examining data/xsynth-dssi-0.9.4/src/gui_friendly_patches.c
Examining data/xsynth-dssi-0.9.4/src/minblep_tables.c
Examining data/xsynth-dssi-0.9.4/src/xsynth-dssi.c
Examining data/xsynth-dssi-0.9.4/src/xsynth.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_data.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_ports.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_ports.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_synth.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_synth.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_types.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice.c
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice_blosc.h
Examining data/xsynth-dssi-0.9.4/src/xsynth_voice_render.c
Examining data/xsynth-dssi-0.9.4/src/gui_callbacks.c
Examining data/xsynth-dssi-0.9.4/src/gui_callbacks.h
Examining data/xsynth-dssi-0.9.4/src/gui_data.c
Examining data/xsynth-dssi-0.9.4/src/gui_images.c
Examining data/xsynth-dssi-0.9.4/src/gui_images.h
Examining data/xsynth-dssi-0.9.4/src/gui_interface.c
Examining data/xsynth-dssi-0.9.4/src/gui_interface.h
Examining data/xsynth-dssi-0.9.4/src/gui_main.c
Examining data/xsynth-dssi-0.9.4/src/gui_main.h
Examining data/xsynth-dssi-0.9.4/src/gtkknob.c
Examining data/xsynth-dssi-0.9.4/src/gtkknob.h
FINAL RESULTS:
data/xsynth-dssi-0.9.4/src/gui_interface.c:1387:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "%s - Load Patch Bank", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1425:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "%s - Save Patch Bank", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1466:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "%s Notice", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1539:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "%s Load Position", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1659:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "%s Save Range", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1820:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(title, "%s Edit Save Position", tag);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1933:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tag, instance_tag);
data/xsynth-dssi-0.9.4/src/xsynth-dssi.c:254:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, 256, fmt, args);
data/xsynth-dssi-0.9.4/src/xsynth.h:48:62: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define XDB_MESSAGE(type, fmt...) { if (XSYNTH_DEBUG & type) fprintf(stderr, "xsynth-dssi.so" fmt); }
data/xsynth-dssi-0.9.4/src/xsynth.h:49:62: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define GDB_MESSAGE(type, fmt...) { if (XSYNTH_DEBUG & type) fprintf(stderr, "Xsynth_gtk" fmt); }
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256], buf2[90];
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:238:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(patch, &tmp, sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:255:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fh = fopen(filename, "rb")) == NULL) {
data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c:48:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[4];
data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c:94:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xsynth_patch->name, "imported patch");
data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c:241:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8192];
data/xsynth-dssi-0.9.4/extra/dump_old_xsynth_patch.c:246:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fh = fopen(argv[1], "rb");
data/xsynth-dssi-0.9.4/src/gtkknob.c:828:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, cl->data + cl->offset, l);
data/xsynth-dssi-0.9.4/src/gtkknob.c:1167:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char knob_c_png[1082] =
data/xsynth-dssi-0.9.4/src/gtkknob.c:1212:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char knob_i_png[819] =
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:85:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PATH_MAX];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:445:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char midi[4];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:530:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:567:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:862:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int poly = atoi(value);
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:930:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int range = atoi(value);
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:948:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[4], name[31];
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:949:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *data[2] = { number, name };
data/xsynth-dssi-0.9.4/src/gui_data.c:52:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { unsigned char c[4]; float f; } u;
data/xsynth-dssi-0.9.4/src/gui_data.c:97:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xsynth_patch->name, "imported patch");
data/xsynth-dssi-0.9.4/src/gui_data.c:278:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/xsynth-dssi-0.9.4/src/gui_data.c:282:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fh = fopen(filename, "wb")) == NULL) {
data/xsynth-dssi-0.9.4/src/gui_data.c:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[20];
data/xsynth-dssi-0.9.4/src/gui_data.c:331:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fh = fopen(filename, "rb")) == NULL) {
data/xsynth-dssi-0.9.4/src/gui_data.c:371:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(patches, xsynth_friendly_patches, xsynth_friendly_patch_count * sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/gui_data.c:374:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&patches[i], &xsynth_init_voice, sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/gui_data.c:393:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*ep, "%%%02x", patch->name[i]);
data/xsynth-dssi-0.9.4/src/gui_data.c:433:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[9];
data/xsynth-dssi-0.9.4/src/gui_data.c:437:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ep, "Xp0 ");
data/xsynth-dssi-0.9.4/src/gui_data.c:451:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ep, "end");
data/xsynth-dssi-0.9.4/src/gui_images.c:41:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char **waveform_xpms[7] = {
data/xsynth-dssi-0.9.4/src/gui_interface.c:1923:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[50];
data/xsynth-dssi-0.9.4/src/gui_interface.c:1927:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tag, "Xsynth-DSSI");
data/xsynth-dssi-0.9.4/src/gui_main.c:71:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/xsynth-dssi-0.9.4/src/gui_main.c:284:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *test_argv[5] = { NULL, NULL, "-", "-", "Xsynth-DSSI" };
data/xsynth-dssi-0.9.4/src/xsynth-dssi.c:251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/xsynth-dssi-0.9.4/src/xsynth_data.c:438:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256], buf2[90];
data/xsynth-dssi-0.9.4/src/xsynth_data.c:535:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(patch, &tmp, sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/xsynth_data.c:614:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(patches, tmp, 32 * sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/xsynth_synth.c:462:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(synth->patches, xsynth_friendly_patches, xsynth_friendly_patch_count * sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/xsynth_synth.c:465:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&synth->patches[i], &xsynth_init_voice, sizeof(xsynth_patch_t));
data/xsynth-dssi-0.9.4/src/xsynth_synth.c:558:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int polyphony = atoi(value);
data/xsynth-dssi-0.9.4/src/xsynth_synth.c:617:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int range = atoi(value);
data/xsynth-dssi-0.9.4/src/xsynth_synth.h:65:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char held_keys[8]; /* for monophonic key tracking, an array of note-ons, most recently received first */
data/xsynth-dssi-0.9.4/src/xsynth_synth.h:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key_pressure[128];
data/xsynth-dssi-0.9.4/src/xsynth_synth.h:79:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cc[128]; /* controller values */
data/xsynth-dssi-0.9.4/src/xsynth_voice.h:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[31];
data/xsynth-dssi-0.9.4/src/xsynth_voice_render.c:606:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(voice->osc_audio, voice->osc_audio + osc_index,
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:153:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(buf, " name %90s", buf2) != 1) return 0;
data/xsynth-dssi-0.9.4/extra/dump_friendly_patches.c:235:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(buf, " xsynth-dssi patch %3s", buf2) != 1) return 0;
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:83:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (project_directory && strlen(project_directory)) {
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:84:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (project_directory[strlen(project_directory) - 1] != '/') {
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:828:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(patch->name, gtk_entry_get_text(GTK_ENTRY(name_entry)), 30);
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:831:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(patch->name);
data/xsynth-dssi-0.9.4/src/gui_callbacks.c:958:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, patches[i].name, 31);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1386:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
title = (char *)malloc(strlen(tag) + 19);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1424:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
title = (char *)malloc(strlen(tag) + 19);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1465:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
title = (char *)malloc(strlen(tag) + 8);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1538:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
title = (char *)malloc(strlen(tag) + 15);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1658:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
title = (char *)malloc(strlen(tag) + 12);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1819:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
title = (char *)malloc(strlen(tag) + 20);
data/xsynth-dssi-0.9.4/src/gui_interface.c:1926:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(instance_tag) == 0) {
data/xsynth-dssi-0.9.4/src/gui_interface.c:1930:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(instance_tag) > 49) {
data/xsynth-dssi-0.9.4/src/gui_interface.c:1931:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(tag, 50, "...%s", instance_tag + strlen(instance_tag) - 46); /* hope the unique info is at the end */
data/xsynth-dssi-0.9.4/src/gui_interface.c:1936:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(instance_tag) > 37) {
data/xsynth-dssi-0.9.4/src/gui_interface.c:1937:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(tag, 50, "Xsynth-DSSI ...%s", instance_tag + strlen(instance_tag) - 34);
data/xsynth-dssi-0.9.4/src/gui_main.c:158:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) == 8 && !strncmp(key, "patches", 7) &&
data/xsynth-dssi-0.9.4/src/gui_main.c:343:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
osc_self_url = osc_build_path(tmp_url, (strlen(path) > 1 ? path + 1 : path));
data/xsynth-dssi-0.9.4/src/xsynth-dssi.c:269:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) == 8 && !strncmp(key, "patches", 7)) {
data/xsynth-dssi-0.9.4/src/xsynth_data.c:297:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int dplen = strlen(lc->decimal_point);
data/xsynth-dssi-0.9.4/src/xsynth_data.c:450:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(buf, " name %90s", buf2) != 1) return 0;
data/xsynth-dssi-0.9.4/src/xsynth_data.c:532:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(buf, " xsynth-dssi patch %3s", buf2) != 1) return 0;
ANALYSIS SUMMARY:
Hits = 83
Lines analyzed = 13161 in approximately 0.63 seconds (20781 lines/second)
Physical Source Lines of Code (SLOC) = 10117
Hits@level = [0] 89 [1] 24 [2] 49 [3] 0 [4] 10 [5] 0
Hits@level+ = [0+] 172 [1+] 83 [2+] 59 [3+] 10 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 17.0011 [1+] 8.20401 [2+] 5.83177 [3+] 0.988435 [4+] 0.988435 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.