./flawfinder test.c
Flawfinder version 0.16, (C) 2001 David A. Wheeler.
Number of dangerous functions in C ruleset: 54
Processing file test.c
test.c:29 [5] (buffer) gets: does not check for buffer overflows. Use fgets() instead. 
test.c:14 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. 
test.c:17 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. 
test.c:18 [4] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. 
test.c:19 [4] (format) sprintf: Potential format string problem. Make Format string constant. 
test.c:20 [4] (format) printf: if format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification. 
test.c:22 [4] (buffer) scanf: the scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function. 
test.c:24 [4] (buffer) scanf: the scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function. 
test.c:13 [2] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant string.
test.c:16 [2] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length.
test.c:12 [1] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy. Risk is low because the source is a constant character.
test.c:15 [1] (buffer) sprintf: does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source is a constant character.
test.c:23 [1] (buffer) scanf: the scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function. Only low-risk scanf formats detected.
Number of hits = 13
There are probably other security vulnerabilities as well; review your code!
