Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/attr-2.4.48/tools/attr.c
Examining data/attr-2.4.48/tools/setfattr.c
Examining data/attr-2.4.48/tools/getfattr.c
Examining data/attr-2.4.48/include/libattr.h
Examining data/attr-2.4.48/include/nls.h
Examining data/attr-2.4.48/include/attributes.h
Examining data/attr-2.4.48/include/error_context.h
Examining data/attr-2.4.48/include/misc.h
Examining data/attr-2.4.48/include/walk_tree.h
Examining data/attr-2.4.48/include/xattr.h
Examining data/attr-2.4.48/libattr/attr_copy_action.c
Examining data/attr-2.4.48/libattr/attr_copy_file.c
Examining data/attr-2.4.48/libattr/libattr.h
Examining data/attr-2.4.48/libattr/attr_copy_check.c
Examining data/attr-2.4.48/libattr/attr_copy_fd.c
Examining data/attr-2.4.48/libattr/syscalls.c
Examining data/attr-2.4.48/libattr/libattr.c
Examining data/attr-2.4.48/examples/copyattr.c
Examining data/attr-2.4.48/libmisc/unquote.c
Examining data/attr-2.4.48/libmisc/walk_tree.c
Examining data/attr-2.4.48/libmisc/next_line.c
Examining data/attr-2.4.48/libmisc/high_water_alloc.c
Examining data/attr-2.4.48/libmisc/quote.c
FINAL RESULTS:
data/attr-2.4.48/examples/copyattr.c:59:6: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (vfprintf(stderr, fmt, ap))
data/attr-2.4.48/libattr/libattr.c:60:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, xfsroot_name);
data/attr-2.4.48/libattr/libattr.c:62:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, trusted_name);
data/attr-2.4.48/libattr/libattr.c:64:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, secure_name);
data/attr-2.4.48/libattr/libattr.c:66:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, user_name);
data/attr-2.4.48/libattr/libattr.c:68:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, irixname);
data/attr-2.4.48/libattr/libattr.c:104:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, linuxname + length);
data/attr-2.4.48/libmisc/walk_tree.c:183:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path_end, entry->d_name);
data/attr-2.4.48/libmisc/walk_tree.c:231:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path_copy, path);
data/attr-2.4.48/tools/setfattr.c:148:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, l);
data/attr-2.4.48/tools/attr.c:82:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "s:V:g:r:lqLRS")) != EOF) {
data/attr-2.4.48/tools/getfattr.c:408:16: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, CMD_LINE_OPTIONS,
data/attr-2.4.48/tools/setfattr.c:205:16: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, CMD_LINE_OPTIONS,
data/attr-2.4.48/include/attributes.h:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a_name[1]; /* attr name (NULL terminated) */
data/attr-2.4.48/include/attributes.h:88:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
&((char *)buffer)[ ((attrlist_t *)(buffer))->al_offset[index] ])
data/attr-2.4.48/libattr/attr_copy_action.c:68:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file = fopen(ATTR_CONF, "r")) == NULL) {
data/attr-2.4.48/libattr/libattr.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMELEN+16];
data/attr-2.4.48/libattr/libattr.c:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMELEN+16];
data/attr-2.4.48/libattr/libattr.c:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMELEN+16];
data/attr-2.4.48/libattr/libattr.c:201:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMELEN+16];
data/attr-2.4.48/libattr/libattr.c:224:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMELEN+16];
data/attr-2.4.48/libattr/libattr.c:244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMELEN+16];
data/attr-2.4.48/libattr/libattr.c:293:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[MAXLISTLEN+1];
data/attr-2.4.48/libattr/libattr.c:294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMELEN+16];
data/attr-2.4.48/libattr/libattr.c:344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[MAXLISTLEN+1];
data/attr-2.4.48/libattr/libattr.c:345:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAXNAMELEN+16];
data/attr-2.4.48/libmisc/walk_tree.c:216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_copy[FILENAME_MAX];
data/attr-2.4.48/tools/setfattr.c:112:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename, "r");
data/attr-2.4.48/libattr/libattr.c:54:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(irixname) >= MAXNAMELEN) {
data/attr-2.4.48/libattr/libattr.c:77:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(user_name);
data/attr-2.4.48/libattr/libattr.c:82:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(secure_name);
data/attr-2.4.48/libattr/libattr.c:87:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(trusted_name);
data/attr-2.4.48/libattr/libattr.c:92:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(xfsroot_name);
data/attr-2.4.48/libattr/libattr.c:269:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = roundup(strlen(name) + 1 + sizeof(aentp->a_valuelen), 8);
data/attr-2.4.48/libattr/libattr.c:279:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(aentp->a_name, name, size - sizeof(aentp->a_valuelen));
data/attr-2.4.48/libmisc/walk_tree.c:175:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((path_end - path) + strlen(entry->d_name) + 1 >=
data/attr-2.4.48/libmisc/walk_tree.c:227:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) >= FILENAME_MAX) {
data/attr-2.4.48/tools/attr.c:173:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
attrlength = strlen(attrvalue);
data/attr-2.4.48/tools/setfattr.c:143:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (high_water_alloc((void **)&path, &path_size, strlen(l)+1)) {
data/attr-2.4.48/tools/setfattr.c:277:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(value);
ANALYSIS SUMMARY:
Hits = 40
Lines analyzed = 3362 in approximately 0.12 seconds (27338 lines/second)
Physical Source Lines of Code (SLOC) = 2406
Hits@level = [0] 59 [1] 12 [2] 15 [3] 3 [4] 10 [5] 0
Hits@level+ = [0+] 99 [1+] 40 [2+] 28 [3+] 13 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 41.1471 [1+] 16.6251 [2+] 11.6376 [3+] 5.40316 [4+] 4.15628 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.