Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/g-wrap-1.9.15/guile/g-wrap/guile-wct.h
Examining data/g-wrap-1.9.15/guile/g-wrap/guile-compatibility.c
Examining data/g-wrap-1.9.15/guile/g-wrap/guile-runtime.c
Examining data/g-wrap-1.9.15/guile/g-wrap/guile-wct.c
Examining data/g-wrap-1.9.15/guile/g-wrap/guile-runtime.h
Examining data/g-wrap-1.9.15/guile/g-wrap/guile-compatibility.h
Examining data/g-wrap-1.9.15/guile/test/guile-test-c-code.h
Examining data/g-wrap-1.9.15/guile/test/guile-test-c-code.c
Examining data/g-wrap-1.9.15/guile/examples/miscutils-guile.c
Examining data/g-wrap-1.9.15/guile/examples/miscutils.c
Examining data/g-wrap-1.9.15/guile/examples/miscutils-guile.h
Examining data/g-wrap-1.9.15/guile/examples/miscutils.h
Examining data/g-wrap-1.9.15/guile/g-wrap-wct.h
Examining data/g-wrap-1.9.15/g-wrap/core-runtime.c
Examining data/g-wrap-1.9.15/g-wrap/ffi-support.h
Examining data/g-wrap-1.9.15/g-wrap/core-runtime.h
Examining data/g-wrap-1.9.15/test/g-wrap-test-c-code.c
Examining data/g-wrap-1.9.15/test/g-wrap-test-c-code.h
Examining data/g-wrap-1.9.15/lib/asnprintf.c
Examining data/g-wrap-1.9.15/lib/stdint_.h
Examining data/g-wrap-1.9.15/lib/vasprintf.c
Examining data/g-wrap-1.9.15/lib/alloca_.h
Examining data/g-wrap-1.9.15/lib/printf-parse.h
Examining data/g-wrap-1.9.15/lib/dummy.c
Examining data/g-wrap-1.9.15/lib/printf-args.c
Examining data/g-wrap-1.9.15/lib/size_max.h
Examining data/g-wrap-1.9.15/lib/stdio_.h
Examining data/g-wrap-1.9.15/lib/wchar_.h
Examining data/g-wrap-1.9.15/lib/asprintf.c
Examining data/g-wrap-1.9.15/lib/vasnprintf.c
Examining data/g-wrap-1.9.15/lib/printf-parse.c
Examining data/g-wrap-1.9.15/lib/xsize.h
Examining data/g-wrap-1.9.15/lib/vasnprintf.h
Examining data/g-wrap-1.9.15/lib/printf-args.h
Examining data/g-wrap-1.9.15/lib/float+.h

FINAL RESULTS:

data/g-wrap-1.9.15/lib/stdio_.h:43:22:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define __printf__ printf
data/g-wrap-1.9.15/lib/stdio_.h:58:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define fprintf rpl_fprintf
data/g-wrap-1.9.15/lib/stdio_.h:59:12:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
extern int fprintf (FILE *fp, const char *format, ...)
data/g-wrap-1.9.15/lib/stdio_.h:63:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# undef fprintf
data/g-wrap-1.9.15/lib/stdio_.h:64:10:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define fprintf \
data/g-wrap-1.9.15/lib/stdio_.h:68:6:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
fprintf)
data/g-wrap-1.9.15/lib/stdio_.h:73:11:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define vfprintf rpl_vfprintf
data/g-wrap-1.9.15/lib/stdio_.h:74:12:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
extern int vfprintf (FILE *fp, const char *format, va_list args)
data/g-wrap-1.9.15/lib/stdio_.h:78:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# undef vfprintf
data/g-wrap-1.9.15/lib/stdio_.h:79:10:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define vfprintf(s,f,a) \
data/g-wrap-1.9.15/lib/stdio_.h:83:6:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
vfprintf (s, f, a))
data/g-wrap-1.9.15/lib/stdio_.h:89:11:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define printf __printf__
data/g-wrap-1.9.15/lib/stdio_.h:90:12:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
extern int printf (const char *format, ...)
data/g-wrap-1.9.15/lib/stdio_.h:94:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# undef printf
data/g-wrap-1.9.15/lib/stdio_.h:95:10:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define printf \
data/g-wrap-1.9.15/lib/stdio_.h:99:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
printf)
data/g-wrap-1.9.15/lib/stdio_.h:111:11:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define vprintf rpl_vprintf
data/g-wrap-1.9.15/lib/stdio_.h:112:12:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
extern int vprintf (const char *format, va_list args)
data/g-wrap-1.9.15/lib/stdio_.h:116:9:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# undef vprintf
data/g-wrap-1.9.15/lib/stdio_.h:117:10:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define vprintf(f,a) \
data/g-wrap-1.9.15/lib/stdio_.h:121:6:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
vprintf (f, a))
data/g-wrap-1.9.15/lib/stdio_.h:126:11:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# define snprintf rpl_snprintf
data/g-wrap-1.9.15/lib/stdio_.h:129:12:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
extern int snprintf (char *str, size_t size, const char *format, ...)
data/g-wrap-1.9.15/lib/stdio_.h:133:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# undef snprintf
data/g-wrap-1.9.15/lib/stdio_.h:134:10:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# define snprintf \
data/g-wrap-1.9.15/lib/stdio_.h:137:6:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
snprintf)
data/g-wrap-1.9.15/lib/stdio_.h:142:11:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# define vsnprintf rpl_vsnprintf
data/g-wrap-1.9.15/lib/stdio_.h:145:12:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
extern int vsnprintf (char *str, size_t size, const char *format, va_list args)
data/g-wrap-1.9.15/lib/stdio_.h:149:9:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# undef vsnprintf
data/g-wrap-1.9.15/lib/stdio_.h:150:10:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# define vsnprintf(b,s,f,a) \
data/g-wrap-1.9.15/lib/stdio_.h:153:6:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
vsnprintf (b, s, f, a))
data/g-wrap-1.9.15/lib/stdio_.h:158:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
# define sprintf rpl_sprintf
data/g-wrap-1.9.15/lib/stdio_.h:159:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
extern int sprintf (char *str, const char *format, ...)
data/g-wrap-1.9.15/lib/stdio_.h:163:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
# undef sprintf
data/g-wrap-1.9.15/lib/stdio_.h:164:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
# define sprintf \
data/g-wrap-1.9.15/lib/stdio_.h:168:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
sprintf)
data/g-wrap-1.9.15/lib/stdio_.h:173:11:  [4] (buffer) vsprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
# define vsprintf rpl_vsprintf
data/g-wrap-1.9.15/lib/stdio_.h:174:12:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
extern int vsprintf (char *str, const char *format, va_list args)
data/g-wrap-1.9.15/lib/stdio_.h:178:9:  [4] (buffer) vsprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
# undef vsprintf
data/g-wrap-1.9.15/lib/stdio_.h:179:10:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
# define vsprintf(b,f,a) \
data/g-wrap-1.9.15/lib/stdio_.h:183:6:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
vsprintf (b, f, a))
data/g-wrap-1.9.15/lib/vasnprintf.c:108:20:  [4] (buffer) swprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
# define SNPRINTF swprintf
data/g-wrap-1.9.15/lib/vasnprintf.c:119:20:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# define SNPRINTF _snprintf
data/g-wrap-1.9.15/lib/vasnprintf.c:122:20:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# define SNPRINTF snprintf
data/g-wrap-1.9.15/lib/vasnprintf.c:124:10:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
# undef snprintf
data/g-wrap-1.9.15/lib/vasnprintf.c:128:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#undef sprintf
data/g-wrap-1.9.15/lib/vasnprintf.c:1167:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
count = sprintf (tmp, buf, arg); \
data/g-wrap-1.9.15/lib/vasnprintf.c:1170:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
count = sprintf (tmp, buf, prefixes[0], arg); \
data/g-wrap-1.9.15/lib/vasnprintf.c:1173:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
count = sprintf (tmp, buf, prefixes[0], prefixes[1],\
data/g-wrap-1.9.15/lib/vasnprintf.h:36:22:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define __printf__ printf
data/g-wrap-1.9.15/guile/examples/miscutils.c:34:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (result, s1, len1);
data/g-wrap-1.9.15/guile/examples/miscutils.c:35:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (result + len1, s2, len2 + 1);
data/g-wrap-1.9.15/guile/g-wrap/guile-compatibility.c:71:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (result, SCM_STRING_CHARS (str), len);
data/g-wrap-1.9.15/guile/g-wrap/guile-compatibility.c:84:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (buf, SCM_STRING_CHARS (str), len);
data/g-wrap-1.9.15/guile/g-wrap/guile-runtime.c:171:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buffer[32];
data/g-wrap-1.9.15/guile/g-wrap/guile-runtime.c:194:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "arg%d", i);
data/g-wrap-1.9.15/guile/g-wrap/guile-wct.c:164:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char endstr[64];
data/g-wrap-1.9.15/guile/g-wrap/guile-wct.c:309:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (ptr_data->wcp_dependencies, wcps,
data/g-wrap-1.9.15/lib/vasnprintf.c:145:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char pointbuf[5];
data/g-wrap-1.9.15/lib/vasnprintf.c:146:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (pointbuf, "%#.0f", 1.0);
data/g-wrap-1.9.15/lib/vasnprintf.c:251:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (memory, result, length * sizeof (CHAR_T)); \
data/g-wrap-1.9.15/lib/vasnprintf.c:263:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (result + length, cp, n * sizeof (CHAR_T));
data/g-wrap-1.9.15/lib/vasnprintf.c:570:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (p, "%+d", exponent);
data/g-wrap-1.9.15/lib/vasnprintf.c:716:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (p, "%+d", exponent);
data/g-wrap-1.9.15/lib/vasnprintf.c:777:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (result + length, tmp, count * sizeof (CHAR_T));
data/g-wrap-1.9.15/lib/vasnprintf.c:1062:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (p, dp->width_start, n * sizeof (CHAR_T));
data/g-wrap-1.9.15/lib/vasnprintf.c:1068:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (p, dp->precision_start, n * sizeof (CHAR_T));
data/g-wrap-1.9.15/lib/vasnprintf.c:1382:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (result + length, tmp, count * sizeof (CHAR_T));
data/g-wrap-1.9.15/test/g-wrap-test-c-code.c:73:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy (result + (i * len), str, len);
data/g-wrap-1.9.15/guile/examples/miscutils.c:30:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen (s1);
data/g-wrap-1.9.15/guile/examples/miscutils.c:31:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len2 = strlen (s2);
data/g-wrap-1.9.15/lib/vasnprintf.c:74:24:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define local_wcslen wcslen
data/g-wrap-1.9.15/lib/vasnprintf.c:1005:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_length = strlen (a.arg[dp->arg_index].a.a_string);
data/g-wrap-1.9.15/test/g-wrap-test-c-code.c:65:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen (str);

ANALYSIS SUMMARY:

Hits = 74
Lines analyzed = 6876 in approximately 0.30 seconds (22797 lines/second)
Physical Source Lines of Code (SLOC) = 4744
Hits@level = [0]   9 [1]   5 [2]  19 [3]   0 [4]  50 [5]   0
Hits@level+ = [0+]  83 [1+]  74 [2+]  69 [3+]  50 [4+]  50 [5+]   0
Hits/KSLOC@level+ = [0+] 17.4958 [1+] 15.5987 [2+] 14.5447 [3+] 10.5396 [4+] 10.5396 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
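Reading the report above, all 50 level-4 hits land on macro and prototype lines of the gnulib replacement functions in lib/stdio_.h and lib/vasnprintf.c (`# define fprintf rpl_fprintf`, `extern int fprintf (FILE *fp, const char *format, ...)`, and so on): flawfinder matches on the function name, so these are call sites to audit, not 50 separate bugs. The hits that describe an actual coding pattern are the level-1/level-2 ones in guile/examples/miscutils.c:30-35 (strlen into an int, then two memcpy calls into a fresh buffer) and guile-runtime.c:171/194 (a 32-byte array filled by `sprintf (buffer, "arg%d", i)`, rated low risk because the source has a constant maximum length). The following is an added example, not code from g-wrap or gnulib, showing how a reviewer would write those two patterns so that the "destination can always hold the source data" check is enforced rather than assumed and the fixed-buffer bound is made explicit. The function names concat_checked and format_arg_name are hypothetical, and the sample inputs are constructed.

```c
/*
 * Added example (not g-wrap or gnulib code): the concatenation pattern
 * behind the miscutils.c:30-35 hits and the bounded formatting pattern
 * behind the guile-runtime.c:171/194 hits, written with explicit checks.
 * Function names are hypothetical.
 */
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Concatenate s1 and s2 into a new NUL-terminated heap string.
 * Returns NULL on NULL input, size wrap-around, or allocation failure.
 * Lengths stay size_t: storing strlen() in an int (as the flagged code
 * does) truncates for inputs of 2 GiB or more, so the memcpy lengths no
 * longer describe the buffer that was allocated. */
char *concat_checked(const char *s1, const char *s2)
{
    if (s1 == NULL || s2 == NULL)
        return NULL;

    size_t len1 = strlen(s1);
    size_t len2 = strlen(s2);

    /* Guard len1 + len2 + 1 against wrap-around before allocating. */
    if (len1 > SIZE_MAX - 1 - len2)
        return NULL;
    size_t total = len1 + len2 + 1;

    char *result = malloc(total);
    if (result == NULL)
        return NULL;

    /* Destination is exactly total bytes, so both copies fit by
     * construction; the +1 copies s2's terminator. */
    memcpy(result, s1, len1);
    memcpy(result + len1, s2, len2 + 1);
    return result;
}

/* Format "arg<N>" into a caller-supplied buffer of the given size.
 * The flagged sprintf (buffer, "arg%d", i) is low risk because the widest
 * int renders as "-2147483648" (11 chars), so "arg" + 11 + NUL = 15 bytes
 * fits a 32-byte buffer. snprintf makes that bound explicit and reports
 * truncation instead of writing past the end.
 * Returns 1 on success, 0 if the buffer was too small. */
int format_arg_name(char *buf, size_t size, int i)
{
    int n = snprintf(buf, size, "arg%d", i);
    return n >= 0 && (size_t)n < size;
}

int main(void)
{
    /* Constructed sample inputs. */
    char *joined = concat_checked("g-wrap", "-1.9.15");
    if (joined == NULL)
        return 1;
    printf("%s\n", joined);
    free(joined);

    char name[32];
    if (format_arg_name(name, sizeof name, INT_MIN))
        printf("%s\n", name);
    return 0;
}
```

When triaging the remaining memcpy hits in lib/vasnprintf.c, the same question applies: find the allocation that sizes `result` or `memory` and confirm the copied length was derived from it, rather than treating each memcpy line as a finding on its own.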