stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.h
Examining data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c

FINAL RESULTS:

data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:89:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
				strcpy (message, optarg);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:99:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
				strcpy (title, optarg);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:265:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
		rv = system (command);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:421:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (buses.bus[buses.bus_count].username, username);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:432:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (buses.bus[buses.bus_count].dbus_address, dbus_address);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:521:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
						strcpy (bus_result, fcontent + i);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:534:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
						strcpy (user_result, fcontent + i + user_search_len);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:66:7:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
		c = getopt_long (argc, argv, "m:t:bdhv", long_options, &option_index);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:37:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char msgbuf[IPWDGN_MSG_BUFSIZ];
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:219:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char command[IPWDGN_MSG_BUFSIZ];
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:315:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char b[IPWDGN_FILE_BUFSIZ];
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:328:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fd = open (filename, O_RDONLY);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:343:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy (c + cl, b, rl);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:459:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char filename[PATH_MAX];
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:489:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		if (atoi (dir_entry->d_name) < 1)
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:83:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				if ((message = (char *) malloc ((strlen (optarg) + 1) * sizeof (char))) == NULL)
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:93:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				if ((title = (char *) malloc ((strlen (optarg) + 1) * sizeof (char))) == NULL)
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:334:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	rl = read (fd, b, IPWDGN_FILE_BUFSIZ);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:347:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		rl = read (fd, b, IPWDGN_FILE_BUFSIZ);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:416:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((buses.bus[buses.bus_count].username  = (char *) malloc ((strlen (username) + 1) * sizeof (char))) == NULL)
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:427:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((buses.bus[buses.bus_count].dbus_address  = (char *) malloc ((strlen (dbus_address) + 1) * sizeof (char))) == NULL)
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:467:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int bus_search_len = strlen (bus_search);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:471:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int user_search_len = strlen (user_search);
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:518:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					bus_result = (char *) malloc ((strlen (fcontent + i) + 1) * sizeof (char) );
data/ipwatchd-gnotify-1.0.1/src/ipwatchd-gnotify.c:531:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					user_result = (char *) malloc ((strlen (fcontent + i + user_search_len) +  1) * sizeof (char) );

ANALYSIS SUMMARY:

Hits = 25
Lines analyzed = 707 in approximately 0.04 seconds (18716 lines/second)
Physical Source Lines of Code (SLOC) = 443
Hits@level = [0]  36 [1]  10 [2]   7 [3]   1 [4]   7 [5]   0
Hits@level+ = [0+]  61 [1+]  25 [2+]  15 [3+]   8 [4+]   7 [5+]   0
Hits/KSLOC@level+ = [0+] 137.698 [1+] 56.4334 [2+] 33.86 [3+] 18.0587 [4+] 15.8014 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.