Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/bibcursed-2.0.0/bibcursed.c

FINAL RESULTS:

data/bibcursed-2.0.0/bibcursed.c:825:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(out_string, bibfile);
data/bibcursed-2.0.0/bibcursed.c:827:4:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(out_string);
data/bibcursed-2.0.0/bibcursed.c:831:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(out_string, bibfile);
data/bibcursed-2.0.0/bibcursed.c:832:4:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(out_string);
data/bibcursed-2.0.0/bibcursed.c:884:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str2, str);
data/bibcursed-2.0.0/bibcursed.c:931:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(out_string, bibfile);
data/bibcursed-2.0.0/bibcursed.c:933:7:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(out_string);
data/bibcursed-2.0.0/bibcursed.c:936:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(out_string, bibfile);
data/bibcursed-2.0.0/bibcursed.c:937:7:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(out_string);
data/bibcursed-2.0.0/bibcursed.c:1166:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(out_string, bibfile);
data/bibcursed-2.0.0/bibcursed.c:1168:4:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(out_string);
data/bibcursed-2.0.0/bibcursed.c:1170:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(out_string, bibfile);
data/bibcursed-2.0.0/bibcursed.c:1171:4:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(out_string);
data/bibcursed-2.0.0/bibcursed.c:1404:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(bibfile, argv[1]);
data/bibcursed-2.0.0/bibcursed.c:30:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bibfile[100];
data/bibcursed-2.0.0/bibcursed.c:166:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char address[100], annote[100], author[100], booktitle[100], chapter[10], crossref[100], edition[100];
data/bibcursed-2.0.0/bibcursed.c:167:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char editor[100], howpublished[100], institution[100], journal[200], key[50], month[15];
data/bibcursed-2.0.0/bibcursed.c:168:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char note[400], number[10], organisation[100], pages[10], publisher[100], school[100], series[100];
data/bibcursed-2.0.0/bibcursed.c:169:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char title[200], type[100], volume[10], year[5];
data/bibcursed-2.0.0/bibcursed.c:170:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char entry_name[100], out_string[100], str[100], *key_name;
data/bibcursed-2.0.0/bibcursed.c:603:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(bibfile,"r");
data/bibcursed-2.0.0/bibcursed.c:611:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen("bibcursed_tmp.out","w");
data/bibcursed-2.0.0/bibcursed.c:824:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out_string, "cp ");
data/bibcursed-2.0.0/bibcursed.c:826:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(out_string, " bibfile.old");
data/bibcursed-2.0.0/bibcursed.c:830:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out_string, "mv bibcursed_tmp.out ");
data/bibcursed-2.0.0/bibcursed.c:853:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char entry_name[100], str[100], str2[100], out_string[100], ch;
data/bibcursed-2.0.0/bibcursed.c:866:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(bibfile,"r");
data/bibcursed-2.0.0/bibcursed.c:868:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen("bibcursed_tmp.out","w");
data/bibcursed-2.0.0/bibcursed.c:930:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out_string, "cp ");
data/bibcursed-2.0.0/bibcursed.c:932:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(out_string, " bibfile.old");
data/bibcursed-2.0.0/bibcursed.c:935:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out_string, "mv bibcursed_tmp.out");
data/bibcursed-2.0.0/bibcursed.c:963:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char entry_name[100], str[100], ch, lch;
data/bibcursed-2.0.0/bibcursed.c:974:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(bibfile, "r");
data/bibcursed-2.0.0/bibcursed.c:1039:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char field_data[200], str[200], out_string[100];
data/bibcursed-2.0.0/bibcursed.c:1110:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(bibfile,"r");
data/bibcursed-2.0.0/bibcursed.c:1113:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen("bibcursed_tmp.out","w");
data/bibcursed-2.0.0/bibcursed.c:1165:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out_string, "cp ");
data/bibcursed-2.0.0/bibcursed.c:1167:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(out_string, " bibfile.old");
data/bibcursed-2.0.0/bibcursed.c:1169:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out_string, "mv bibcursed_tmp.out ");
data/bibcursed-2.0.0/bibcursed.c:1189:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char search_term[100];
data/bibcursed-2.0.0/bibcursed.c:1191:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[100], str2[100];
data/bibcursed-2.0.0/bibcursed.c:1238:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(bibfile, "r");
data/bibcursed-2.0.0/bibcursed.c:1391:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[100];
data/bibcursed-2.0.0/bibcursed.c:1405:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(bibfile, "r");
data/bibcursed-2.0.0/bibcursed.c:889:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(key_name);
data/bibcursed-2.0.0/bibcursed.c:1135:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(field_data) > 0)

ANALYSIS SUMMARY:

Hits = 46
Lines analyzed = 1425 in approximately 0.05 seconds (26161 lines/second)
Physical Source Lines of Code (SLOC) = 1264
Hits@level = [0]  84 [1]   2 [2]  30 [3]   0 [4]  14 [5]   0
Hits@level+ = [0+] 130 [1+]  46 [2+]  44 [3+]  14 [4+]  14 [5+]   0
Hits/KSLOC@level+ = [0+] 102.848 [1+] 36.3924 [2+] 34.8101 [3+] 11.0759 [4+] 11.0759 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.