Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/gup-0.5.15/lock.c Examining data/gup-0.5.15/help.c Examining data/gup-0.5.15/config.h Examining data/gup-0.5.15/gup.c Examining data/gup-0.5.15/wildmat.c Examining data/gup-0.5.15/newsgroups.c Examining data/gup-0.5.15/misc.c Examining data/gup-0.5.15/sort.c Examining data/gup-0.5.15/rfc822.c Examining data/gup-0.5.15/rfc822.h Examining data/gup-0.5.15/prune.c Examining data/gup-0.5.15/mail.c Examining data/gup-0.5.15/log.c Examining data/gup-0.5.15/gup.h FINAL RESULTS: data/gup-0.5.15/wildmat.c:137:14: [5] (buffer) gets: Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead. extern char *gets(); data/gup-0.5.15/wildmat.c:152:6: [5] (buffer) gets: Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead. if (gets(p) == NULL || p[0] == '\0') data/gup-0.5.15/wildmat.c:157:10: [5] (buffer) gets: Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead. if (gets(text) == NULL) data/gup-0.5.15/gup.c:205:6: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage, progname); data/gup-0.5.15/gup.c:247:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage, progname); data/gup-0.5.15/gup.c:442:16: [4] (crypto) crypt: The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt. cryptstr = crypt(tokens[1], hf_tokens[1]); data/gup-0.5.15/log.c:12:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(fp, out_msg, AP); data/gup-0.5.15/mail.c:28:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(m_command, command); data/gup-0.5.15/mail.c:30:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(m_command, BACKSTOP_MAILID); data/gup-0.5.15/mail.c:42:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = popen(m_command, "w"); data/gup-0.5.15/misc.c:225:12: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). return strcpy(res, str); data/gup-0.5.15/gup.c:194:18: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((cc = getopt(argc, argv, "a:d:hs:l:n:m:M:PvG:")) != -1) { data/gup-0.5.15/gup.c:126:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char curr_line[MAX_LINE_SIZE]; data/gup-0.5.15/gup.c:212:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(log_fp = fopen(optarg, "a"))) data/gup-0.5.15/gup.c:235:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxgroups = atoi(optarg); data/gup-0.5.15/gup.c:283:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[LG_SIZE], buf2[LG_SIZE]; data/gup-0.5.15/gup.c:292:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf1[LG_SIZE], buf2[LG_SIZE]; data/gup-0.5.15/gup.c:324:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *tokens[10]; data/gup-0.5.15/gup.c:387:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *hf_tokens[4]; data/gup-0.5.15/gup.c:391:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lbuf[MAX_LINE_SIZE]; data/gup-0.5.15/gup.c:398:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fp = fopen(CONFIG_FILENAME, "r"))) data/gup-0.5.15/gup.c:476:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(EXCLUSIONS_FILENAME, O_RDONLY)) >= 0) { data/gup-0.5.15/gup.c:483:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(BODY_FILENAME, O_RDONLY)) >= 0) { data/gup-0.5.15/gup.c:505:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(active_path, O_RDONLY)) < 0) data/gup-0.5.15/gup.c:523:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fp = fopen(NEWBODY_FILENAME, "w"))) data/gup-0.5.15/lock.c:15:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(".", O_RDONLY)) >= 0) { data/gup-0.5.15/lock.c:28:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("LOCK", O_CREAT | O_WRONLY | O_EXCL, 0644); data/gup-0.5.15/lock.c:34:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("LOCK", O_CREAT | O_WRONLY); data/gup-0.5.15/lock.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/gup-0.5.15/lock.c:46:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%5d\n", getpid()); data/gup-0.5.15/lock.c:72:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(".", O_RDONLY)) >= 0) { data/gup-0.5.15/log.c:21:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stamp[100]; data/gup-0.5.15/mail.c:29:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(m_command, " -f "); data/gup-0.5.15/mail.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lbuf[MAX_LINE_SIZE]; data/gup-0.5.15/mail.c:58:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((hdr_fp = fopen(m_headers, "r"))) { data/gup-0.5.15/misc.c:16:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lbuf[MAX_LINE_SIZE]; data/gup-0.5.15/newsgroups.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lbuf[MAX_LINE_SIZE]; data/gup-0.5.15/newsgroups.c:81:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fp = fopen(newsgroups_path, "r"))) { data/gup-0.5.15/newsgroups.c:119:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(newsgroups_path, O_RDONLY)) < 0) { data/gup-0.5.15/wildmat.c:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p[80]; data/gup-0.5.15/wildmat.c:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[80]; data/gup-0.5.15/gup.c:159:5: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(UMASK); data/gup-0.5.15/gup.c:649:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(str); data/gup-0.5.15/gup.c:716:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(curr_line); data/gup-0.5.15/lock.c:47:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). res = write(fd, buf, strlen(buf)); data/gup-0.5.15/mail.c:25:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m_command = malloc(strlen(command) + 4 + sizeof(BACKSTOP_MAILID)); data/gup-0.5.15/misc.c:26:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lbuf[strlen(lbuf) - 1] = '\0'; /* Zip trailing \n */ data/gup-0.5.15/misc.c:72:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). length = read(fd, name, (int) sb.st_size); data/gup-0.5.15/misc.c:222:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). res = malloc(strlen(str) + 1); data/gup-0.5.15/misc.c:224:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gupout(1, "xstrdup of %d failed", strlen(str)); data/gup-0.5.15/newsgroups.c:40:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). glen = strlen(gp->name); data/gup-0.5.15/newsgroups.c:87:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lbuf[strlen(lbuf) - 1] = '\0'; /* Zip trailing \n */ data/gup-0.5.15/newsgroups.c:137:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). length = read(fd, desc, (int) sb.st_size); ANALYSIS SUMMARY: Hits = 53 Lines analyzed = 2312 in approximately 0.12 seconds (19925 lines/second) Physical Source Lines of Code (SLOC) = 1592 Hits@level = [0] 23 [1] 12 [2] 29 [3] 1 [4] 8 [5] 3 Hits@level+ = [0+] 76 [1+] 53 [2+] 41 [3+] 12 [4+] 11 [5+] 3 Hits/KSLOC@level+ = [0+] 47.7387 [1+] 33.2915 [2+] 25.7538 [3+] 7.53769 [4+] 6.90955 [5+] 1.88442 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.