Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/authorized_keys/authorized_keys.cc Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/cache_refresh/cache_refresh.cc Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/include/compat.h Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/include/nss_cache_oslogin.h Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/include/oslogin_utils.h Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/nss/compat/getpwent_r.c Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/nss/nss_cache_oslogin.c Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/nss/nss_oslogin.cc Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/pam/pam_oslogin_admin.cc Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/pam/pam_oslogin_login.cc Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/utils.cc Examining data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/test/oslogin_utils_test.cc FINAL RESULTS: data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/cache_refresh/cache_refresh.cc:81:3: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. chown(kDefaultFilePath, 0, 0); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/cache_refresh/cache_refresh.cc:82:3: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. chmod(kDefaultFilePath, S_IRUSR | S_IWUSR | S_IROTH); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/pam/pam_oslogin_admin.cc:92:7: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. chown(filename.c_str(), 0, 0); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/pam/pam_oslogin_admin.cc:93:7: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. chmod(filename.c_str(), S_IRUSR | S_IRGRP); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/pam/pam_oslogin_login.cc:100:7: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead. chown(users_filename.c_str(), 0, 0); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/pam/pam_oslogin_login.cc:101:7: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. chmod(users_filename.c_str(), S_IRUSR | S_IWUSR | S_IRGRP); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/include/compat.h:44:31: [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog. #define PAM_SYSLOG(pamh, ...) syslog(__VA_ARGS__) data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/include/nss_cache_oslogin.h:35:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, fmt, ##args); \ data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/cache_refresh/cache_refresh.cc:53:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[kPasswdBufferSize]; data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/nss/nss_cache_oslogin.c:35:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char p_filename[NSS_CACHE_OSLOGIN_PATH_LENGTH] = NSS_CACHE_OSLOGIN_PATH; data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/nss/nss_cache_oslogin.c:122:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). p_file = fopen(p_filename, "r"); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/pam/pam_oslogin_admin.cc:88:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). sudoers_file.open(filename.c_str()); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/utils.cc:61:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(*buffer, value.c_str(), bytes_to_write); data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/utils.cc:280:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(result->pw_name) == 0) { data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/utils.cc:284:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(result->pw_dir) == 0) { data/google-compute-image-packages-20190916/packages/google-compute-engine-oslogin/src/utils.cc:291:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(result->pw_shell) == 0) { ANALYSIS SUMMARY: Hits = 16 Lines analyzed = 2996 in approximately 0.22 seconds (13545 lines/second) Physical Source Lines of Code (SLOC) = 2219 Hits@level = [0] 9 [1] 4 [2] 4 [3] 0 [4] 2 [5] 6 Hits@level+ = [0+] 25 [1+] 16 [2+] 12 [3+] 8 [4+] 8 [5+] 6 Hits/KSLOC@level+ = [0+] 11.2663 [1+] 7.21046 [2+] 5.40784 [3+] 3.60523 [4+] 3.60523 [5+] 2.70392 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.