Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/ddate-0.2.2/ddate.c FINAL RESULTS: data/ddate-0.2.2/ddate.c:206:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(("%s (%s)\n"), progname, PACKAGE_STRING); data/ddate-0.2.2/ddate.c:230:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr,("usage: %s [+format] [day month year]\n"), argv[0]); data/ddate-0.2.2/ddate.c:277:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bufptr, ("St. Tib's Day")); data/ddate-0.2.2/ddate.c:289:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case 'e': sprintf(snarf, "%d%s", dt.day+1, ending(dt.day+1)); data/ddate-0.2.2/ddate.c:308:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bufptr, wibble); bufptr+=strlen(wibble); data/ddate-0.2.2/ddate.c:173:17: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. return(strings[random()%num]); data/ddate-0.2.2/ddate.c:198:5: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srandom(time(NULL)); data/ddate-0.2.2/ddate.c:105:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *day_long[5] = { data/ddate-0.2.2/ddate.c:109:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *day_short[5] = {"SM","BT","PD","PP","SO"}; data/ddate-0.2.2/ddate.c:111:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *season_long[5] = { data/ddate-0.2.2/ddate.c:115:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *season_short[5] = {"Chs", "Dsc", "Cfn", "Bcy", "Afm"}; data/ddate-0.2.2/ddate.c:117:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *holyday[5][2] = { data/ddate-0.2.2/ddate.c:190:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char schwa[23*17], *fnord=0; data/ddate-0.2.2/ddate.c:215:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int moe=atoi(argv[pi]), larry=atoi(argv[pi+1]), curly=atoi(argv[pi+2]); data/ddate-0.2.2/ddate.c:215:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int moe=atoi(argv[pi]), larry=atoi(argv[pi+1]), curly=atoi(argv[pi+2]); data/ddate-0.2.2/ddate.c:215:56: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int moe=atoi(argv[pi]), larry=atoi(argv[pi+1]), curly=atoi(argv[pi+2]); data/ddate-0.2.2/ddate.c:288:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'd': sprintf(snarf, "%d", dt.day+1); wibble=snarf; break; data/ddate-0.2.2/ddate.c:297:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'Y': sprintf(snarf, "%d", dt.year); wibble=snarf; break; data/ddate-0.2.2/ddate.c:301:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'X': sprintf(snarf, "%d", data/ddate-0.2.2/ddate.c:249:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int i, fmtlen=strlen(fmt); data/ddate-0.2.2/ddate.c:278:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bufptr += strlen(bufptr); data/ddate-0.2.2/ddate.c:308:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(bufptr, wibble); bufptr+=strlen(wibble); ANALYSIS SUMMARY: Hits = 22 Lines analyzed = 399 in approximately 0.04 seconds (11394 lines/second) Physical Source Lines of Code (SLOC) = 257 Hits@level = [0] 2 [1] 3 [2] 12 [3] 2 [4] 5 [5] 0 Hits@level+ = [0+] 24 [1+] 22 [2+] 19 [3+] 7 [4+] 5 [5+] 0 Hits/KSLOC@level+ = [0+] 93.3852 [1+] 85.6031 [2+] 73.93 [3+] 27.2374 [4+] 19.4553 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.