Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gupnp-tools-0.10.0/src/universal-cp/gui.h
Examining data/gupnp-tools-0.10.0/src/universal-cp/device-treeview.c
Examining data/gupnp-tools-0.10.0/src/universal-cp/details-treeview.h
Examining data/gupnp-tools-0.10.0/src/universal-cp/main.c
Examining data/gupnp-tools-0.10.0/src/universal-cp/action-dialog.h
Examining data/gupnp-tools-0.10.0/src/universal-cp/details-treeview.c
Examining data/gupnp-tools-0.10.0/src/universal-cp/action-dialog.c
Examining data/gupnp-tools-0.10.0/src/universal-cp/event-treeview.c
Examining data/gupnp-tools-0.10.0/src/universal-cp/device-treeview.h
Examining data/gupnp-tools-0.10.0/src/universal-cp/event-treeview.h
Examining data/gupnp-tools-0.10.0/src/universal-cp/main.h
Examining data/gupnp-tools-0.10.0/src/universal-cp/gui.c
Examining data/gupnp-tools-0.10.0/src/upload/main.c
Examining data/gupnp-tools-0.10.0/src/upload/transfer.c
Examining data/gupnp-tools-0.10.0/src/upload/container-search.c
Examining data/gupnp-tools-0.10.0/src/upload/item-creation.h
Examining data/gupnp-tools-0.10.0/src/upload/main.h
Examining data/gupnp-tools-0.10.0/src/upload/transfer.h
Examining data/gupnp-tools-0.10.0/src/upload/container-search.h
Examining data/gupnp-tools-0.10.0/src/upload/item-creation.c
Examining data/gupnp-tools-0.10.0/src/upload/control_point.h
Examining data/gupnp-tools-0.10.0/src/upload/control_point.c
Examining data/gupnp-tools-0.10.0/src/av-cp/gui.h
Examining data/gupnp-tools-0.10.0/src/av-cp/main.c
Examining data/gupnp-tools-0.10.0/src/av-cp/renderer-controls.c
Examining data/gupnp-tools-0.10.0/src/av-cp/renderer-controls.h
Examining data/gupnp-tools-0.10.0/src/av-cp/server-device.c
Examining data/gupnp-tools-0.10.0/src/av-cp/playlist-treeview.c
Examining data/gupnp-tools-0.10.0/src/av-cp/renderer-combo.c
Examining data/gupnp-tools-0.10.0/src/av-cp/didl-dialog.h
Examining data/gupnp-tools-0.10.0/src/av-cp/search-dialog.c
Examining data/gupnp-tools-0.10.0/src/av-cp/search-dialog.h
Examining data/gupnp-tools-0.10.0/src/av-cp/renderer-combo.h
Examining data/gupnp-tools-0.10.0/src/av-cp/didl-dialog.c
Examining data/gupnp-tools-0.10.0/src/av-cp/main.h
Examining data/gupnp-tools-0.10.0/src/av-cp/playlist-treeview.h
Examining data/gupnp-tools-0.10.0/src/av-cp/gui.c
Examining data/gupnp-tools-0.10.0/src/av-cp/server-device.h
Examining data/gupnp-tools-0.10.0/src/network-light/gui.h
Examining data/gupnp-tools-0.10.0/src/network-light/upnp.c
Examining data/gupnp-tools-0.10.0/src/network-light/main.c
Examining data/gupnp-tools-0.10.0/src/network-light/upnp.h
Examining data/gupnp-tools-0.10.0/src/network-light/main.h
Examining data/gupnp-tools-0.10.0/src/network-light/gui.c
Examining data/gupnp-tools-0.10.0/src/discover/gssdp-discover.c
Examining data/gupnp-tools-0.10.0/src/common/icons.h
Examining data/gupnp-tools-0.10.0/src/common/pretty-print.h
Examining data/gupnp-tools-0.10.0/src/common/pretty-print.c
Examining data/gupnp-tools-0.10.0/src/common/icons.c

FINAL RESULTS:

data/gupnp-tools-0.10.0/src/common/icons.c:199:16:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  GList *gets;
data/gupnp-tools-0.10.0/src/common/icons.c:201:35:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  for (gets = pending_gets; gets; gets = gets->next) {
data/gupnp-tools-0.10.0/src/network-light/upnp.c:672:42:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  g_get_tmp_dir (),
data/gupnp-tools-0.10.0/src/av-cp/search-dialog.c:592:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  atoi (position));
data/gupnp-tools-0.10.0/src/universal-cp/details-treeview.c:195:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *details[32];
data/gupnp-tools-0.10.0/src/universal-cp/details-treeview.c:223:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *details[32];
data/gupnp-tools-0.10.0/src/universal-cp/details-treeview.c:245:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *details[32];
data/gupnp-tools-0.10.0/src/universal-cp/details-treeview.c:312:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *details[32];
data/gupnp-tools-0.10.0/src/universal-cp/details-treeview.c:359:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *details[32];
data/gupnp-tools-0.10.0/src/universal-cp/details-treeview.c:431:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *headers[3] = { _("Name"),
data/gupnp-tools-0.10.0/src/universal-cp/device-treeview.c:67:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *details[32];
data/gupnp-tools-0.10.0/src/universal-cp/event-treeview.c:186:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *fields[5];
data/gupnp-tools-0.10.0/src/universal-cp/event-treeview.c:240:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *fields[5];
data/gupnp-tools-0.10.0/src/universal-cp/event-treeview.c:406:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *headers[6] = {_("Time"),
data/gupnp-tools-0.10.0/src/av-cp/playlist-treeview.c:495:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen (ITEM_CLASS_IMAGE))) {
data/gupnp-tools-0.10.0/src/av-cp/playlist-treeview.c:499:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen (ITEM_CLASS_AUDIO))) {
data/gupnp-tools-0.10.0/src/av-cp/playlist-treeview.c:503:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen (ITEM_CLASS_VIDEO))) {
data/gupnp-tools-0.10.0/src/av-cp/playlist-treeview.c:507:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen (ITEM_CLASS_TEXT))) {
data/gupnp-tools-0.10.0/src/common/pretty-print.c:35:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  doc = xmlRecoverMemory (xml, strlen (xml));
data/gupnp-tools-0.10.0/src/network-light/gui.c:242:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (name && (strlen(name) > 0)) {
data/gupnp-tools-0.10.0/src/network-light/upnp.c:662:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (name && (strlen(name) > 0)) {
data/gupnp-tools-0.10.0/src/universal-cp/event-treeview.c:108:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (value) != 0) {
data/gupnp-tools-0.10.0/src/universal-cp/event-treeview.c:288:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen (value);
data/gupnp-tools-0.10.0/src/universal-cp/event-treeview.c:308:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen (value);

ANALYSIS SUMMARY:

Hits = 24
Lines analyzed = 11495 in approximately 0.27 seconds (41868 lines/second)
Physical Source Lines of Code (SLOC) = 8400
Hits@level = [0]   0 [1]  10 [2]  11 [3]   1 [4]   0 [5]   2
Hits@level+ = [0+]  24 [1+]  24 [2+]  14 [3+]   3 [4+]   2 [5+]   2
Hits/KSLOC@level+ = [0+] 2.85714 [1+] 2.85714 [2+] 1.66667 [3+] 0.357143 [4+] 0.238095 [5+] 0.238095
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
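A note on reading this report: Flawfinder matches by token name, not by call resolution, so the two level-5 `gets` hits are triggered by a `GList` variable named `gets` (the code lines `GList *gets;` and `for (gets = pending_gets; ...)` are shown in the hits), not by a call to libc `gets()`. The remaining hits describe real patterns worth a bounds check: `atoi` on an unvalidated string (CWE-190), fixed-capacity `char *` arrays written without a count check (CWE-119/CWE-120), and `strlen` on data that may not be NUL-terminated (CWE-126). The block below is an added example of the hardened forms of those patterns; it is not code from gupnp-tools or from Flawfinder, and the function names, the `MAX_DETAILS` capacity and the sample inputs are assumptions chosen for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example: hardened replacements for the patterns the Flawfinder
   report flags. None of this is gupnp-tools code; names are illustrative. */

/* Replacement for the atoi(position) hit (CWE-190). Parses a decimal integer
   from untrusted text, rejecting empty input, trailing junk, values that
   overflow long, and anything outside [lo, hi]. Both bounds are checked even
   when the input carries no minus sign, as the report recommends. */
bool parse_int_range(const char *s, long lo, long hi, long *out)
{
    char *end = NULL;
    if (s == NULL || *s == '\0')
        return false;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (errno == ERANGE)          /* magnitude exceeds long itself */
        return false;
    if (end == s || *end != '\0') /* no digits, or trailing text like "12abc" */
        return false;
    if (v < lo || v > hi)         /* explicit minimum and maximum */
        return false;
    *out = v;
    return true;
}

/* Replacement for the `char *details[32];` pattern (CWE-119/CWE-120): a
   fixed-capacity pointer array paired with a count, so every append is
   bounds-checked instead of trusting that callers stop at 32. */
#define MAX_DETAILS 32   /* assumed capacity, mirrors the flagged arrays */

typedef struct {
    const char *items[MAX_DETAILS];
    size_t count;
} detail_list;

/* Appends a string; returns false rather than writing past the array. */
bool detail_list_add(detail_list *dl, const char *s)
{
    if (dl->count >= MAX_DETAILS)
        return false;
    dl->items[dl->count++] = s;
    return true;
}

/* Replacement for unbounded gets() (CWE-120): reads one line with fgets()
   into a buffer of `cap` bytes, strips the newline, and reports truncation
   instead of silently carrying the overflow into the next read.
   Returns -1 on EOF, 0 for a complete line, 1 for a truncated line
   (the remainder of the over-long line is discarded). */
int read_line_bounded(FILE *fp, char *buf, size_t cap)
{
    if (cap == 0 || fgets(buf, (int)cap, fp) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return 0;
    }
    if (len == cap - 1) {          /* buffer filled without seeing a newline */
        int c = fgetc(fp);
        if (c == EOF || c == '\n')
            return 0;              /* line fit exactly; nothing was lost */
        while ((c = fgetc(fp)) != EOF && c != '\n') { }
        return 1;                  /* drained the rest of the long line */
    }
    return 0;                      /* final line of a file with no newline */
}

/* Replacement for strlen(value) on data that may not be NUL-terminated
   (CWE-126): the scan never reads past `cap` bytes. Equivalent to POSIX
   strnlen(), written out so the example needs only ISO C. */
size_t bounded_strlen(const char *s, size_t cap)
{
    size_t n = 0;
    while (n < cap && s[n] != '\0')
        n++;
    return n;
}
```

The `parse_int_range` check is the one to reach for wherever the report points at `atoi`: `strtol` with `errno` and the end pointer catches overflow and trailing garbage, and the explicit range comparison catches the "large number rolls over into negative" case the report describes. For the `details[32]` hits, the fix is not a bigger array but the paired count that `detail_list_add` enforces.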