Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ftpgrab-0.1.5/fgpickregexpsync.h
Examining data/ftpgrab-0.1.5/fgfilegrab.h
Examining data/ftpgrab-0.1.5/fgactioni.h
Examining data/ftpgrab-0.1.5/fgcharcomp.cc
Examining data/ftpgrab-0.1.5/fglogger.cc
Examining data/ftpgrab-0.1.5/fgfilelist.cc
Examining data/ftpgrab-0.1.5/fgmrank.h
Examining data/ftpgrab-0.1.5/fglogger.h
Examining data/ftpgrab-0.1.5/fgfshelp.h
Examining data/ftpgrab-0.1.5/fgdyymmddcomp.h
Examining data/ftpgrab-0.1.5/fgpickall.h
Examining data/ftpgrab-0.1.5/fgftpcon.cc
Examining data/ftpgrab-0.1.5/fgpickbest.cc
Examining data/ftpgrab-0.1.5/fgscomp.h
Examining data/ftpgrab-0.1.5/fgfpicki.cc
Examining data/ftpgrab-0.1.5/fgicomp.h
Examining data/ftpgrab-0.1.5/fgdelaction.cc
Examining data/ftpgrab-0.1.5/fgdlaction.h
Examining data/ftpgrab-0.1.5/fgglob.h
Examining data/ftpgrab-0.1.5/fgalist.h
Examining data/ftpgrab-0.1.5/fgpickall.cc
Examining data/ftpgrab-0.1.5/fgfshelp.cc
Examining data/ftpgrab-0.1.5/fgpickregexpsync.cc
Examining data/ftpgrab-0.1.5/fgpickallrecurse.h
Examining data/ftpgrab-0.1.5/fgstring.h
Examining data/ftpgrab-0.1.5/fgexc.cc
Examining data/ftpgrab-0.1.5/fgftpcon.h
Examining data/ftpgrab-0.1.5/fgicomp.cc
Examining data/ftpgrab-0.1.5/fgconi.cc
Examining data/ftpgrab-0.1.5/fgscomp.cc
Examining data/ftpgrab-0.1.5/fghttpcon.h
Examining data/ftpgrab-0.1.5/fgpickregexp.cc
Examining data/ftpgrab-0.1.5/fgfileinfo.h
Examining data/ftpgrab-0.1.5/fgfileinfo.cc
Examining data/ftpgrab-0.1.5/fgpickallrecurse.cc
Examining data/ftpgrab-0.1.5/fgactioni.cc
Examining data/ftpgrab-0.1.5/fgconi.h
Examining data/ftpgrab-0.1.5/fgdlist.h
Examining data/ftpgrab-0.1.5/fgbdfname.h
Examining data/ftpgrab-0.1.5/fgstring.cc
Examining data/ftpgrab-0.1.5/fgbdfname.cc
Examining data/ftpgrab-0.1.5/fgfilegrab.cc
Examining data/ftpgrab-0.1.5/fgcharcomp.h
Examining data/ftpgrab-0.1.5/fgdelaction.h
Examining data/ftpgrab-0.1.5/fgexc.h
Examining data/ftpgrab-0.1.5/fgpickallsync.cc
Examining data/ftpgrab-0.1.5/fgfilelist.h
Examining data/ftpgrab-0.1.5/fgfpicki.h
Examining data/ftpgrab-0.1.5/fgdlist.cc
Examining data/ftpgrab-0.1.5/fgdyymmddcomp.cc
Examining data/ftpgrab-0.1.5/fgdlaction.cc
Examining data/ftpgrab-0.1.5/fgfncomp.cc
Examining data/ftpgrab-0.1.5/fgpickbest.h
Examining data/ftpgrab-0.1.5/fgmrank.cc
Examining data/ftpgrab-0.1.5/fgfncomp.h
Examining data/ftpgrab-0.1.5/fgpickallsync.h
Examining data/ftpgrab-0.1.5/fgalist.cc
Examining data/ftpgrab-0.1.5/fgpickregexp.h
Examining data/ftpgrab-0.1.5/main.cc

FINAL RESULTS:

data/ftpgrab-0.1.5/fgstring.cc:19:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(mpString, other);
data/ftpgrab-0.1.5/fgstring.cc:39:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(mpString, other);
data/ftpgrab-0.1.5/fgstring.cc:58:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(mpString, pStr);
data/ftpgrab-0.1.5/fgstring.cc:78:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(pTmp, mpString);
data/ftpgrab-0.1.5/fgstring.cc:79:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(pTmp, other);
data/ftpgrab-0.1.5/fgstring.cc:82:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(pTmp, other);
data/ftpgrab-0.1.5/fgstring.cc:94:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(pTmp, mpString);
data/ftpgrab-0.1.5/main.cc:58:20:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    while ((option = getopt(argc, argv, "hnvl:r:t:")) != EOF) {
data/ftpgrab-0.1.5/fgdyymmddcomp.cc:47:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int year = atoi(yearStr);
data/ftpgrab-0.1.5/fgdyymmddcomp.cc:56:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char yearBuf[3];
data/ftpgrab-0.1.5/fgdyymmddcomp.cc:57:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(yearBuf, "%d", year);
data/ftpgrab-0.1.5/fgdyymmddcomp.cc:64:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    *pMatchVal = atoi(theVal);
data/ftpgrab-0.1.5/fgfilegrab.cc:103:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int newRevs = atoi(strNum);
data/ftpgrab-0.1.5/fgfilelist.cc:95:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char intBuf[10];
data/ftpgrab-0.1.5/fgfilelist.cc:96:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(intBuf, "%d", mLine);
data/ftpgrab-0.1.5/fgfilelist.cc:105:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* pFile = fopen(configFile, "r");
data/ftpgrab-0.1.5/fgfilelist.cc:126:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[1024];
data/ftpgrab-0.1.5/fgfshelp.cc:72:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[msTransferBufSize];
data/ftpgrab-0.1.5/fgfshelp.cc:140:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    int theFD = open(file, O_CREAT | O_WRONLY,
data/ftpgrab-0.1.5/fgftpcon.cc:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char randomBuf[1024];
data/ftpgrab-0.1.5/fgftpcon.cc:161:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char miniBuf[4];
data/ftpgrab-0.1.5/fgftpcon.cc:164:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    mResponse = atoi(miniBuf);
data/ftpgrab-0.1.5/fgftpcon.cc:195:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char cmdbuf[2048];
data/ftpgrab-0.1.5/fgftpcon.cc:257:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[32];
data/ftpgrab-0.1.5/fgftpcon.cc:321:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char fileBuf[256];
data/ftpgrab-0.1.5/fgftpcon.cc:322:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char duffBuf[32];
data/ftpgrab-0.1.5/fgftpcon.cc:323:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char perms[20];
data/ftpgrab-0.1.5/fgftpcon.cc:324:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char mon[10];
data/ftpgrab-0.1.5/fgftpcon.cc:325:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char time[10];
data/ftpgrab-0.1.5/fgftpcon.h:50:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char mBuf[1024];
data/ftpgrab-0.1.5/fglogger.cc:52:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    mpFile = fopen(fileName, "a");
data/ftpgrab-0.1.5/fglogger.cc:121:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char dateBuf[64];
data/ftpgrab-0.1.5/fgstring.cc:194:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    return atoi(mpString);
data/ftpgrab-0.1.5/main.cc:76:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int threads = atoi(optarg);
data/ftpgrab-0.1.5/fgfshelp.cc:99:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    int numRead = read(fromFD, buf, sizeof(buf));
data/ftpgrab-0.1.5/fgftpcon.cc:147:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(mBuf);
data/ftpgrab-0.1.5/fgftpcon.cc:163:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(miniBuf, mBuf, 3);
data/ftpgrab-0.1.5/fgftpcon.cc:198:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int numWrite = strlen(cmdbuf);
data/ftpgrab-0.1.5/fgftpcon.cc:302:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(mBuf) == 0) {
data/ftpgrab-0.1.5/fgftpcon.cc:306:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char* pEndNul = mBuf + strlen(mBuf);
data/ftpgrab-0.1.5/fgftpcon.cc:326:20:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
    int numFound = sscanf(mBuf, "%19s %d %31s %31s %d %9s %d %9s %255s",
data/ftpgrab-0.1.5/fgstring.cc:56:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    mLength = strlen(pStr);
data/ftpgrab-0.1.5/fgstring.cc:164:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(ret.mpString, mpString, num);
data/ftpgrab-0.1.5/fgstring.cc:185:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(ret.mpString, mpString + mLength - num, num);

ANALYSIS SUMMARY:

Hits = 44
Lines analyzed = 4223 in approximately 0.10 seconds (43161 lines/second)
Physical Source Lines of Code (SLOC) = 2795
Hits@level = [0]  19 [1]  10 [2]  26 [3]   1 [4]   7 [5]   0
Hits@level+ = [0+]  63 [1+]  44 [2+]  34 [3+]   8 [4+]   7 [5+]   0
Hits/KSLOC@level+ = [0+] 22.5403 [1+] 15.7424 [2+] 12.1646 [3+] 2.86225 [4+] 2.50447 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.