Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dis51-0.5/global.c
Examining data/dis51-0.5/global.h
Examining data/dis51-0.5/hexfile.c
Examining data/dis51-0.5/hexfile.h
Examining data/dis51-0.5/main.c
Examining data/dis51-0.5/distypes.h
Examining data/dis51-0.5/pass1.c
Examining data/dis51-0.5/pass1.h
Examining data/dis51-0.5/pass2.h
Examining data/dis51-0.5/pass2.c
FINAL RESULTS:
data/dis51-0.5/pass2.c:191:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], name);
data/dis51-0.5/pass2.c:196:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], name);
data/dis51-0.5/pass2.c:201:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], name);
data/dis51-0.5/pass2.c:207:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], label);
data/dis51-0.5/pass2.c:213:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], label);
data/dis51-0.5/pass2.c:218:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], op1, op2);
data/dis51-0.5/pass2.c:224:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], name, name2);
data/dis51-0.5/pass2.c:231:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], name2, name);
data/dis51-0.5/pass2.c:237:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], name, label);
data/dis51-0.5/pass2.c:243:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], name, label);
data/dis51-0.5/pass2.c:249:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], name, label);
data/dis51-0.5/pass2.c:255:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(ofile, mnemonic[opcode], label);
data/dis51-0.5/global.c:30:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mnemonic[256][20] = {
data/dis51-0.5/global.c:323:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char op_format[256] = {
data/dis51-0.5/global.c:342:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char sfbitname[128][6] = {
data/dis51-0.5/global.c:377:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char sfrname[128][5] = {
data/dis51-0.5/global.h:33:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char mnemonic[256][20];
data/dis51-0.5/global.h:34:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char op_format[256];
data/dis51-0.5/global.h:35:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char sfrname[128][5];
data/dis51-0.5/global.h:36:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char sfbitname[128][6];
data/dis51-0.5/hexfile.c:46:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
hf->ifile = fopen(filename, "r");
data/dis51-0.5/hexfile.c:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inputbuf[HFINPUTSIZE];
data/dis51-0.5/hexfile.c:287:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cmem+hl->addr, hl->membuf, hl->len);
data/dis51-0.5/pass2.c:49:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "L%04d", lbl[addr]);
data/dis51-0.5/pass2.c:65:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "L%04d", lbl[addr]);
data/dis51-0.5/pass2.c:81:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(label, "L%04d", lbl[addr]);
data/dis51-0.5/pass2.c:157:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[6];
data/dis51-0.5/pass2.c:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[6];
data/dis51-0.5/pass2.c:159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name2[5];
data/dis51-0.5/hexfile.c:172:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bufPtr) != 10+hl->len*2)
data/dis51-0.5/pass2.c:107:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, sfrname[sfr&0x7f], 5);
data/dis51-0.5/pass2.c:120:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, sfbitname[sfbit&0x7f], 6);
ANALYSIS SUMMARY:
Hits = 32
Lines analyzed = 1688 in approximately 0.09 seconds (17894 lines/second)
Physical Source Lines of Code (SLOC) = 910
Hits@level = [0] 43 [1] 3 [2] 17 [3] 0 [4] 12 [5] 0
Hits@level+ = [0+] 75 [1+] 32 [2+] 29 [3+] 12 [4+] 12 [5+] 0
Hits/KSLOC@level+ = [0+] 82.4176 [1+] 35.1648 [2+] 31.8681 [3+] 13.1868 [4+] 13.1868 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.