Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/checkpw-1.02/auto_patrn.h
Examining data/checkpw-1.02/x86cpuid.c
Examining data/checkpw-1.02/env.c
Examining data/checkpw-1.02/env.h
Examining data/checkpw-1.02/fmt.h
Examining data/checkpw-1.02/md5.h
Examining data/checkpw-1.02/auto_password.h
Examining data/checkpw-1.02/str.h
Examining data/checkpw-1.02/open_read.c
Examining data/checkpw-1.02/auto_home.h
Examining data/checkpw-1.02/gen_allocdefs.h
Examining data/checkpw-1.02/stralloc.h
Examining data/checkpw-1.02/alloc_re.c
Examining data/checkpw-1.02/trycpp.c
Examining data/checkpw-1.02/openreadclose.c
Examining data/checkpw-1.02/openreadclose.h
Examining data/checkpw-1.02/str_start.c
Examining data/checkpw-1.02/instcheck.c
Examining data/checkpw-1.02/auto_maildir.h
Examining data/checkpw-1.02/open_trunc.c
Examining data/checkpw-1.02/error.c
Examining data/checkpw-1.02/error.h
Examining data/checkpw-1.02/strerr_die.c
Examining data/checkpw-1.02/buffer_get.c
Examining data/checkpw-1.02/fmt_ulong.c
Examining data/checkpw-1.02/buffer_put.c
Examining data/checkpw-1.02/strerr_sys.c
Examining data/checkpw-1.02/stralloc_catb.c
Examining data/checkpw-1.02/stralloc_cats.c
Examining data/checkpw-1.02/global.h
Examining data/checkpw-1.02/buffer_copy.c
Examining data/checkpw-1.02/stralloc_eady.c
Examining data/checkpw-1.02/byte.h
Examining data/checkpw-1.02/exit.h
Examining data/checkpw-1.02/pathexec_env.c
Examining data/checkpw-1.02/hier.c
Examining data/checkpw-1.02/pathexec_run.c
Examining data/checkpw-1.02/substdo.c
Examining data/checkpw-1.02/md5c.c
Examining data/checkpw-1.02/byte_cr.c
Examining data/checkpw-1.02/stralloc_pend.c
Examining data/checkpw-1.02/stralloc_opyb.c
Examining data/checkpw-1.02/stralloc_opys.c
Examining data/checkpw-1.02/open.h
Examining data/checkpw-1.02/prot.c
Examining data/checkpw-1.02/prot.h
Examining data/checkpw-1.02/auto-str.c
Examining data/checkpw-1.02/buffer.c
Examining data/checkpw-1.02/buffer.h
Examining data/checkpw-1.02/scan.h
Examining data/checkpw-1.02/readwrite.h
Examining data/checkpw-1.02/hasshsgr.h
Examining data/checkpw-1.02/readclose.c
Examining data/checkpw-1.02/readclose.h
Examining data/checkpw-1.02/alloc.c
Examining data/checkpw-1.02/alloc.h
Examining data/checkpw-1.02/pathexec.h
Examining data/checkpw-1.02/gen_alloc.h
Examining data/checkpw-1.02/stralloc_cat.c
Examining data/checkpw-1.02/buffer_2.c
Examining data/checkpw-1.02/substdio.h
Examining data/checkpw-1.02/byte_copy.c
Examining data/checkpw-1.02/byte_diff.c
Examining data/checkpw-1.02/auto-int8.c
Examining data/checkpw-1.02/error_str.c
Examining data/checkpw-1.02/strerr.h
Examining data/checkpw-1.02/install.c
Examining data/checkpw-1.02/str_chr.c
Examining data/checkpw-1.02/scan_8long.c
Examining data/checkpw-1.02/str_len.c
Examining data/checkpw-1.02/checkapoppw.c
Examining data/checkpw-1.02/checkpw.c

FINAL RESULTS:

data/checkpw-1.02/install.c:23:7:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(home,uid,gid) == -1)
data/checkpw-1.02/install.c:25:7:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(home,mode) == -1)
data/checkpw-1.02/install.c:41:7:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(subdir,uid,gid) == -1)
data/checkpw-1.02/install.c:43:7:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(subdir,mode) == -1)
data/checkpw-1.02/install.c:96:7:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(file,uid,gid) == -1)
data/checkpw-1.02/install.c:98:7:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(file,mode) == -1)
data/checkpw-1.02/install.c:134:7:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(file,uid,gid) == -1)
data/checkpw-1.02/install.c:136:7:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(file,mode) == -1)
data/checkpw-1.02/alloc.c:9:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef union { char irrelevant[ALIGNMENT]; double d; } aligned;
data/checkpw-1.02/auto-int8.c:7:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf1[256];
data/checkpw-1.02/auto-int8.c:23:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char strnum[FMT_ULONG];
data/checkpw-1.02/auto-str.c:5:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char bspace[256];
data/checkpw-1.02/auto-str.c:18:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char octal[4];
data/checkpw-1.02/buffer_2.c:4:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buffer_2_space[256];
data/checkpw-1.02/checkapoppw.c:19:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char up[513];
data/checkpw-1.02/checkapoppw.c:52:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char digest[16];
data/checkpw-1.02/checkapoppw.c:53:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char encrypted[16*2+1];
data/checkpw-1.02/checkpw.c:16:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char up[513];
data/checkpw-1.02/install.c:47:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char inbuf[BUFFER_INSIZE];
data/checkpw-1.02/install.c:48:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char outbuf[BUFFER_OUTSIZE];
data/checkpw-1.02/md5.h:30:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buffer[64];                         /* input buffer */
data/checkpw-1.02/md5c.c:56:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char PADDING[64] = {
data/checkpw-1.02/md5c.c:158:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char digest[16];                         /* message digest */
data/checkpw-1.02/md5c.c:161:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char bits[8];
data/checkpw-1.02/md5c.c:187:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char block[64];
data/checkpw-1.02/md5c.c:332:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ((char *)output)[i] = (char)value;
data/checkpw-1.02/open_read.c:6:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
{ return open(fn,O_RDONLY | O_NDELAY); }
data/checkpw-1.02/open_trunc.c:6:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
{ return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); }
data/checkpw-1.02/checkapoppw.c:62:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      r = read(3,up + uplen,sizeof(up) - uplen);
data/checkpw-1.02/checkpw.c:51:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      r = read(3,up + uplen,sizeof(up) - uplen);
data/checkpw-1.02/install.c:69:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  buffer_init(&ssin,read,fdin,inbuf,sizeof inbuf);
data/checkpw-1.02/install.c:146:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  umask(077);
data/checkpw-1.02/readclose.c:10:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    r = read(fd,sa->s + sa->len,bufsize);
data/checkpw-1.02/readwrite.h:4:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
extern int read();

ANALYSIS SUMMARY:

Hits = 34
Lines analyzed = 2636 in approximately 0.10 seconds (26688 lines/second)
Physical Source Lines of Code (SLOC) = 2169
Hits@level = [0]   3 [1]   6 [2]  20 [3]   0 [4]   0 [5]   8
Hits@level+ = [0+]  37 [1+]  34 [2+]  28 [3+]   8 [4+]   8 [5+]   8
Hits/KSLOC@level+ = [0+] 17.0586 [1+] 15.6754 [2+] 12.9092 [3+] 3.68834 [4+] 3.68834 [5+] 3.68834
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.