Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cutils-1.6/lib/alist.c
Examining data/cutils-1.6/lib/alist.h
Examining data/cutils-1.6/lib/err.c
Examining data/cutils-1.6/lib/err.h
Examining data/cutils-1.6/lib/htable.c
Examining data/cutils-1.6/lib/htable.h
Examining data/cutils-1.6/lib/xmalloc.c
Examining data/cutils-1.6/lib/xrealloc.c
Examining data/cutils-1.6/lib/xstrdup.c
Examining data/cutils-1.6/src/cdecl/cdecl.c
Examining data/cutils-1.6/src/chilight/chilight.c
Examining data/cutils-1.6/src/chilight/tokens.h
Examining data/cutils-1.6/src/cobfusc/cobfusc.c
Examining data/cutils-1.6/src/cobfusc/keywords.h
Examining data/cutils-1.6/src/cobfusc/tokens.h
Examining data/cutils-1.6/src/cundecl/cundecl.c
Examining data/cutils-1.6/src/cunloop/cunloop.c
Examining data/cutils-1.6/src/cunloop/tokens.h
Examining data/cutils-1.6/src/yyextract/tree.c
Examining data/cutils-1.6/src/yyextract/tree.h
Examining data/cutils-1.6/src/yyextract/yyextract.c
Examining data/cutils-1.6/src/yyref/yyref.c
Examining data/cutils-1.6/version.h
Examining data/cutils-1.6/conf_post.h
FINAL RESULTS:
data/cutils-1.6/lib/err.c:57:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/cutils-1.6/lib/err.c:78:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/cutils-1.6/lib/err.c:99:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/cutils-1.6/lib/err.c:118:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/cutils-1.6/lib/xstrdup.c:12:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(xmalloc(strlen(s) + 1), s);
data/cutils-1.6/src/cobfusc/cobfusc.c:297:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, s);
data/cutils-1.6/src/cobfusc/cobfusc.c:330:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, opt_prefix);
data/cutils-1.6/src/cobfusc/cobfusc.c:333:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, words_table[wordrenum]);
data/cutils-1.6/src/cobfusc/cobfusc.c:336:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, words_table[wordnum++]);
data/cutils-1.6/src/cobfusc/cobfusc.c:342:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%d", opt_prefix, idnum++);
data/cutils-1.6/src/cobfusc/cobfusc.c:392:3: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(buf,"%s %s", buf1, buf2);
data/cutils-1.6/src/cobfusc/cobfusc.c:714:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, token_buffer);
data/cutils-1.6/src/cobfusc/cobfusc.c:718:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf1, buf);
data/cutils-1.6/src/cobfusc/cobfusc.c:782:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(oname, "%s%s", filename, opt_separate_output);
data/cutils-1.6/src/yyref/yyref.c:64:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(table[i].ident, s);
data/cutils-1.6/src/cdecl/cdecl.c:77:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "o:V")) != -1)
data/cutils-1.6/src/chilight/chilight.c:366:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "f:o:t:w:V")) != -1)
data/cutils-1.6/src/cobfusc/cobfusc.c:832:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "Aabc:def:g:i:mno:p:r:s:tu:Vw:xz:")) != -1)
data/cutils-1.6/src/cobfusc/cobfusc.c:911:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(opt_random_seed);
data/cutils-1.6/src/cundecl/cundecl.c:77:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "o:V")) != -1)
data/cutils-1.6/src/cunloop/cunloop.c:389:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "Vo:p:")) != -1)
data/cutils-1.6/src/yyextract/yyextract.c:421:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "beho:t:yw:V")) != -1)
data/cutils-1.6/src/yyref/yyref.c:152:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "o:V")) != -1)
data/cutils-1.6/src/cdecl/cdecl.c:44:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((yyin = fopen(filename, "r")) == NULL)
data/cutils-1.6/src/cdecl/cdecl.c:82:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((output_file = fopen(optarg, "w")) == NULL)
data/cutils-1.6/src/chilight/chilight.c:325:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((yyin = fopen(filename, "r")) == NULL)
data/cutils-1.6/src/chilight/chilight.c:387:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((output_file = fopen(optarg, "w")) == NULL)
data/cutils-1.6/src/chilight/chilight.c:394:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opt_tab_width = atoi(optarg);
data/cutils-1.6/src/cobfusc/cobfusc.c:288:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/cutils-1.6/src/cobfusc/cobfusc.c:382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255], buf1[255], buf2[255];
data/cutils-1.6/src/cobfusc/cobfusc.c:384:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(fname, "r")) == NULL)
data/cutils-1.6/src/cobfusc/cobfusc.c:421:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255];
data/cutils-1.6/src/cobfusc/cobfusc.c:423:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(fname, "r")) == NULL)
data/cutils-1.6/src/cobfusc/cobfusc.c:451:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(%d*%d+%d)", i1, i2, i3);
data/cutils-1.6/src/cobfusc/cobfusc.c:460:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(%d*(%d*%d+%d)+%d)", i1, i4, i5, i6, i3);
data/cutils-1.6/src/cobfusc/cobfusc.c:466:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(%d+%d)", i1, i1 + i2);
data/cutils-1.6/src/cobfusc/cobfusc.c:468:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "(%d+%d)", i1 + i2, i1);
data/cutils-1.6/src/cobfusc/cobfusc.c:481:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[12];
data/cutils-1.6/src/cobfusc/cobfusc.c:535:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf1, "\\%o", *sp++);
data/cutils-1.6/src/cobfusc/cobfusc.c:698:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/cutils-1.6/src/cobfusc/cobfusc.c:699:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((toint = atoi(yytext)) > 0 && toint < 50)
data/cutils-1.6/src/cobfusc/cobfusc.c:778:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((yyin = fopen(filename, "r")) == NULL)
data/cutils-1.6/src/cobfusc/cobfusc.c:781:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oname[255];
data/cutils-1.6/src/cobfusc/cobfusc.c:785:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((output_file = fopen(oname, "w")) == NULL)
data/cutils-1.6/src/cobfusc/cobfusc.c:830:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_ro_identifier((char *)reserved_identifiers[i]);
data/cutils-1.6/src/cobfusc/cobfusc.c:900:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((output_file = fopen(optarg, "w")) == NULL)
data/cutils-1.6/src/cobfusc/cobfusc.c:910:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opt_random_seed = atoi(optarg);
data/cutils-1.6/src/cobfusc/cobfusc.c:920:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((dump_file = fopen(optarg, "w")) == NULL)
data/cutils-1.6/src/cobfusc/cobfusc.c:927:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((opt_width = atoi(optarg)) < 2)
data/cutils-1.6/src/cundecl/cundecl.c:44:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((yyin = fopen(filename, "r")) == NULL)
data/cutils-1.6/src/cundecl/cundecl.c:82:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((output_file = fopen(optarg, "w")) == NULL)
data/cutils-1.6/src/cunloop/cunloop.c:354:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((yyin = fopen(filename, "r")) == NULL)
data/cutils-1.6/src/cunloop/cunloop.c:394:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((output_file = fopen(optarg, "w")) == NULL)
data/cutils-1.6/src/yyextract/yyextract.c:360:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((yyin = fopen(filename, "r")) == NULL)
data/cutils-1.6/src/yyextract/yyextract.c:435:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((output_file = fopen(optarg, "w")) == NULL)
data/cutils-1.6/src/yyextract/yyextract.c:443:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((opt_width_arg = atoi(optarg)) < 10)
data/cutils-1.6/src/yyref/yyref.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ident[MAXCHARS];
data/cutils-1.6/src/yyref/yyref.c:114:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((yyin = fopen(filename, "r")) == NULL)
data/cutils-1.6/src/yyref/yyref.c:157:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((output_file = fopen(optarg, "w")) == NULL)
data/cutils-1.6/lib/xstrdup.c:12:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strcpy(xmalloc(strlen(s) + 1), s);
data/cutils-1.6/src/chilight/chilight.c:224:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_buf = strlen(s) + 10;
data/cutils-1.6/src/cobfusc/cobfusc.c:130:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = (int)strlen(s);
data/cutils-1.6/src/cobfusc/cobfusc.c:334:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "_");
data/cutils-1.6/src/cobfusc/cobfusc.c:388:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) <= 1)
data/cutils-1.6/src/cobfusc/cobfusc.c:393:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf2) < 1)
data/cutils-1.6/src/cobfusc/cobfusc.c:427:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 1) {
data/cutils-1.6/src/cobfusc/cobfusc.c:428:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf) - 1] = '\0';
data/cutils-1.6/src/cobfusc/cobfusc.c:536:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int)strlen(buf1); ++i)
data/cutils-1.6/src/cobfusc/cobfusc.c:712:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = (char *)xmalloc(strlen(token_buffer) * 4 + 1);
data/cutils-1.6/src/cobfusc/cobfusc.c:713:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf1 = (char *)xmalloc(strlen(token_buffer) * 4 + 1);
data/cutils-1.6/src/cobfusc/cobfusc.c:715:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf1[strlen(buf1) - 1] = '\0';
data/cutils-1.6/src/cobfusc/cobfusc.c:717:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf1, "\"");
data/cutils-1.6/src/cobfusc/cobfusc.c:719:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf1, "\"");
data/cutils-1.6/src/yyextract/yyextract.c:129:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ptr->token) + 1 + col >= opt_width_arg) {
data/cutils-1.6/src/yyextract/yyextract.c:140:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
col += strlen(ptr->token) + 1;
data/cutils-1.6/src/yyextract/yyextract.c:158:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ptr->token) + 1 + col >= opt_width_arg) {
data/cutils-1.6/src/yyextract/yyextract.c:171:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
col += strlen(ptr->token) + 2;
data/cutils-1.6/src/yyextract/yyextract.c:288:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bnf_output_components(p->assoc, strlen(p->value) + 7);
data/cutils-1.6/src/yyextract/yyextract.c:351:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ebnf_output_components(p->assoc, strlen(p->value) + 7);
data/cutils-1.6/src/yyref/yyref.c:119:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(table[0].ident, "");
ANALYSIS SUMMARY:
Hits = 80
Lines analyzed = 4259 in approximately 0.29 seconds (14651 lines/second)
Physical Source Lines of Code (SLOC) = 3002
Hits@level = [0] 127 [1] 21 [2] 36 [3] 8 [4] 15 [5] 0
Hits@level+ = [0+] 207 [1+] 80 [2+] 59 [3+] 23 [4+] 15 [5+] 0
Hits/KSLOC@level+ = [0+] 68.954 [1+] 26.6489 [2+] 19.6536 [3+] 7.66156 [4+] 4.99667 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.