Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/drm-info-2.2.0/drm_info.h
Examining data/drm-info-2.2.0/json.c
Examining data/drm-info-2.2.0/main.c
Examining data/drm-info-2.2.0/pretty.c
Examining data/drm-info-2.2.0/tables.h
FINAL RESULTS:
data/drm-info-2.2.0/json.c:58:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int len = snprintf(buf, sizeof(buf), "%" PRIu64, u);
data/drm-info-2.2.0/pretty.c:57:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_VAL "Driver: %s (%s) version %d.%d.%d (%s)\n", name, desc,
data/drm-info-2.2.0/pretty.c:65:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE L_VAL "DRM_CLIENT_CAP_%s %s\n", iter.key,
data/drm-info-2.2.0/pretty.c:71:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(!iter.entry->next ? L_LINE L_LAST : L_LINE L_VAL);
data/drm-info-2.2.0/pretty.c:97:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_VAL "Device: %s", bustype_str(bus_type));
data/drm-info-2.2.0/pretty.c:312:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("%s" L_LAST, prefix);
data/drm-info-2.2.0/pretty.c:604:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_VAL "Connectors\n");
data/drm-info-2.2.0/pretty.c:619:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%sConnector %zu\n", last ? L_LAST : L_VAL, i);
data/drm-info-2.2.0/pretty.c:621:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Object ID: %"PRIu32"\n",
data/drm-info-2.2.0/pretty.c:623:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Type: %s\n", last ? L_GAP : L_LINE,
data/drm-info-2.2.0/pretty.c:625:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Status: %s\n", last ? L_GAP : L_LINE,
data/drm-info-2.2.0/pretty.c:628:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Physical size: %"PRIu32"x%"PRIu32" mm\n",
data/drm-info-2.2.0/pretty.c:630:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Subpixel: %s\n", last ? L_GAP : L_LINE,
data/drm-info-2.2.0/pretty.c:635:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Encoders: {", last ? L_GAP : L_LINE);
data/drm-info-2.2.0/pretty.c:674:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("%s%"PRIu32, first ? "" : ", ", i);
data/drm-info-2.2.0/pretty.c:682:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_VAL "Encoders\n");
data/drm-info-2.2.0/pretty.c:692:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%sEncoder %zu\n", last ? L_LAST : L_VAL, i);
data/drm-info-2.2.0/pretty.c:694:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Object ID: %"PRIu32"\n",
data/drm-info-2.2.0/pretty.c:696:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Type: %s\n", last ? L_GAP : L_LINE,
data/drm-info-2.2.0/pretty.c:699:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "CRTCS: ", last ? L_GAP : L_LINE);
data/drm-info-2.2.0/pretty.c:703:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_LAST "Clones: ", last ? L_GAP : L_LINE);
data/drm-info-2.2.0/pretty.c:711:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_VAL "CRTCs\n");
data/drm-info-2.2.0/pretty.c:719:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%sCRTC %zu\n", last ? L_LAST : L_VAL, i);
data/drm-info-2.2.0/pretty.c:721:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Object ID: %"PRIu32"\n",
data/drm-info-2.2.0/pretty.c:726:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE "%s" L_VAL "Mode: ", last ? L_GAP : L_LINE);
data/drm-info-2.2.0/pretty.c:737:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LAST "Planes\n");
data/drm-info-2.2.0/pretty.c:747:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_GAP "%sPlane %zu\n", last ? L_LAST : L_VAL, i);
data/drm-info-2.2.0/pretty.c:749:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_GAP "%s" L_VAL "Object ID: %"PRIu32"\n",
data/drm-info-2.2.0/pretty.c:751:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_GAP "%s" L_VAL "CRTCs: ", last ? L_GAP : L_LINE);
data/drm-info-2.2.0/pretty.c:755:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_GAP "%s" L_VAL "Formats:\n", last ? L_GAP : L_LINE);
data/drm-info-2.2.0/pretty.c:761:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_GAP "%s" L_LINE "%s%s (0x%08"PRIx32")\n", last ? L_GAP : L_LINE,
data/drm-info-2.2.0/pretty.c:776:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_VAL "Framebuffer size\n");
data/drm-info-2.2.0/pretty.c:778:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE L_VAL "Width: [%"PRIu64", %"PRIu64"]\n",
data/drm-info-2.2.0/pretty.c:781:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(L_LINE L_LAST "Height: [%"PRIu64", %"PRIu64"]\n",
data/drm-info-2.2.0/main.c:17:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "j")) != -1) {
data/drm-info-2.2.0/json.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[21]; // 20 digits + NULL byte
data/drm-info-2.2.0/json.c:647:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(path, O_RDONLY);
data/drm-info-2.2.0/pretty.c:105:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[512];
data/drm-info-2.2.0/pretty.c:368:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sub_prefix[strlen(prefix) + 2 * strlen(L_VAL) + 1];
data/drm-info-2.2.0/pretty.c:368:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char sub_prefix[strlen(prefix) + 2 * strlen(L_VAL) + 1];
data/drm-info-2.2.0/pretty.c:368:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char sub_prefix[strlen(prefix) + 2 * strlen(L_VAL) + 1];
ANALYSIS SUMMARY:
Hits = 41
Lines analyzed = 1589 in approximately 0.06 seconds (24818 lines/second)
Physical Source Lines of Code (SLOC) = 1339
Hits@level = [0] 89 [1] 2 [2] 4 [3] 1 [4] 34 [5] 0
Hits@level+ = [0+] 130 [1+] 41 [2+] 39 [3+] 35 [4+] 34 [5+] 0
Hits/KSLOC@level+ = [0+] 97.0874 [1+] 30.6199 [2+] 29.1262 [3+] 26.1389 [4+] 25.3921 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.