Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/irssi-plugin-xmpp-0.54/src/core/loudmouth-tools.c
Examining data/irssi-plugin-xmpp-0.54/src/core/loudmouth-tools.h
Examining data/irssi-plugin-xmpp-0.54/src/core/module.h
Examining data/irssi-plugin-xmpp-0.54/src/core/protocol.h
Examining data/irssi-plugin-xmpp-0.54/src/core/rosters-tools.c
Examining data/irssi-plugin-xmpp-0.54/src/core/rosters-tools.h
Examining data/irssi-plugin-xmpp-0.54/src/core/stanzas.c
Examining data/irssi-plugin-xmpp-0.54/src/core/stanzas.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/chatstates.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/chatstates.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/composing.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/composing.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/datetime.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/datetime.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/delay.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/delay.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/disco.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-commands.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-reconnect.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-reconnect.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/oob.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/oob.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/ping.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/ping.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/registration.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/registration.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/tool_datalist.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/tool_datalist.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/vcard.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/vcard.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/version.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/version.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/xep.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/carbons.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/carbons.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/xep.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-affiliation.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-affiliation.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-nicklist.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-nicklist.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-role.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-role.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-commands.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/disco.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-commands.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-core.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-queries.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers-reconnect.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers-reconnect.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-settings.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-settings.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp.h
Examining data/irssi-plugin-xmpp-0.54/src/core/rosters.h
Examining data/irssi-plugin-xmpp-0.54/src/core/tools.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c
Examining data/irssi-plugin-xmpp-0.54/src/core/popenRWE.h
Examining data/irssi-plugin-xmpp-0.54/src/core/protocol.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-queries.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-commands.c
Examining data/irssi-plugin-xmpp-0.54/src/core/popenRWE.c
Examining data/irssi-plugin-xmpp-0.54/src/core/tools.c
Examining data/irssi-plugin-xmpp-0.54/src/core/rosters.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-rosters.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-stanzas.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-stanzas.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-core.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-messages.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-queries.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-status.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-windows.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-windows.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/module.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-composing.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-composing.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-delay.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-delay.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-muc.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-ping.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-ping.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-registration.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-registration.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-vcard.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-vcard.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-version.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-version.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-xep.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-carbons.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-carbons.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-xep.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-muc.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-formats.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-formats.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-rosters.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-queries.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-status.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-messages.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/module-formats.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/module-formats.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/module.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/text-xmpp-core.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-composing.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-composing.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-muc.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-muc.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-xep.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-xep.h
FINAL RESULTS:
data/irssi-plugin-xmpp-0.54/src/core/popenRWE.c:66:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0], (char**)argv);
data/irssi-plugin-xmpp-0.54/src/core/protocol.c:141:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(send_to_gpg, encrypted->value);
data/irssi-plugin-xmpp-0.54/src/core/rosters.c:516:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(send_to_gpg, signature->value);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:73:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, keyid);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:81:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cmd, switches);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:108:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(output, buf2);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:115:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf2, buf);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:125:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(output, buf2);
data/irssi-plugin-xmpp-0.54/src/core/xmpp-commands.c:574:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(res->pgp_keyid, data);
data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:111:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(switches, encrypt_to);
data/irssi-plugin-xmpp-0.54/src/core/popenRWE.c:31:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[4] = {"sh", "-c", NULL, NULL};
data/irssi-plugin-xmpp-0.54/src/core/protocol.c:140:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(send_to_gpg, "-----BEGIN PGP MESSAGE-----\n\n");
data/irssi-plugin-xmpp-0.54/src/core/protocol.c:142:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(send_to_gpg, "-----END PGP MESSAGE-----\n");
data/irssi-plugin-xmpp-0.54/src/core/rosters.c:388:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(priority_str) : resource->priority;
data/irssi-plugin-xmpp-0.54/src/core/rosters.c:515:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(send_to_gpg, "-----BEGIN PGP SIGNATURE-----\n\n");
data/irssi-plugin-xmpp-0.54/src/core/rosters.c:517:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(send_to_gpg, "-----END PGP SIGNATURE-----\n");
data/irssi-plugin-xmpp-0.54/src/core/tools.c:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100], buf2[100] = "";
data/irssi-plugin-xmpp-0.54/src/core/tools.c:72:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cmd, "gpg -u '");
data/irssi-plugin-xmpp-0.54/src/core/tools.c:74:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cmd, "' ");
data/irssi-plugin-xmpp-0.54/src/core/tools.c:76:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmd+strlen(cmd), "--passphrase-fd '%d' ", pass_pipe[0]);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:79:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cmd, "gpg ");
data/irssi-plugin-xmpp-0.54/src/core/tools.c:82:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(cmd, " --enable-special-filenames --trust-model always -qo -" \
data/irssi-plugin-xmpp-0.54/src/core/tools.c:86:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cmd+strlen(cmd), "'-&%d'", input2_pipe[0]);
data/irssi-plugin-xmpp-0.54/src/core/xep/datetime.c:69:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(tz);
data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:233:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = code != NULL ? atoi(code) : MUC_ERROR_UNKNOWN;
data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:249:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = code != NULL ? atoi(code) : MUC_ERROR_UNKNOWN;
data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:276:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = code != NULL ? atoi(code) : MUC_ERROR_UNKNOWN;
data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:289:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = code != NULL ? atoi(code) : MUC_ERROR_UNKNOWN;
data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:318:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[MAX_LONG_STRLEN], *data, *recoded;
data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:412:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(status_code)) {
data/irssi-plugin-xmpp-0.54/src/core/xep/registration.c:91:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = atoi(lm_message_node_get_attribute(node, "code"));
data/irssi-plugin-xmpp-0.54/src/core/xep/registration.c:238:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rd->port = (str = g_hash_table_lookup(optlist, "port")) ? atoi(str) : 0;
data/irssi-plugin-xmpp-0.54/src/core/xmpp-commands.c:97:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
network, host, atoi(port), password, jid);
data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:108:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char switches[sizeof("-aesR 00000000")] = "-ae";
data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:110:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(switches, "R ");
data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[2048], *ret = NULL;
data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:318:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open("/dev/tty", O_RDONLY)) < 0) {
data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-delay.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stamp[BUFSIZ];
data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-delay.c:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stamp[BUFSIZ];
data/irssi-plugin-xmpp-0.54/src/core/protocol.c:135:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(encrypted->value)+1 \
data/irssi-plugin-xmpp-0.54/src/core/rosters.c:509:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(signature->value)+1 \
data/irssi-plugin-xmpp-0.54/src/core/rosters.c:527:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pgp_keyid, s+7, 8);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:54:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(write(pass_pipe[1], pgp_passwd, strlen(pgp_passwd)) < 0) goto pgp_error;
data/irssi-plugin-xmpp-0.54/src/core/tools.c:60:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(write(input2_pipe[1], input2, strlen(input2)) < 0) goto pgp_error;
data/irssi-plugin-xmpp-0.54/src/core/tools.c:67:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+1+strlen(switches)+ \
data/irssi-plugin-xmpp-0.54/src/core/tools.c:68:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(keyid ? strlen(keyid) : 0)+ \
data/irssi-plugin-xmpp-0.54/src/core/tools.c:76:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(cmd+strlen(cmd), "--passphrase-fd '%d' ", pass_pipe[0]);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:86:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(cmd+strlen(cmd), "'-&%d'", input2_pipe[0]);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:92:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(write(rwepipe[0], input, strlen(input)) < 0) goto pgp_error;
data/irssi-plugin-xmpp-0.54/src/core/tools.c:103:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(buf2) > 0) {
data/irssi-plugin-xmpp-0.54/src/core/tools.c:104:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output = realloc(output, output_size+strlen(buf2)+1);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:107:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output_size += strlen(buf2);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:120:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(!snip_data && strlen(buf2) > 0) {
data/irssi-plugin-xmpp-0.54/src/core/tools.c:121:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output = realloc(output, output_size+strlen(buf2)+1);
data/irssi-plugin-xmpp-0.54/src/core/tools.c:124:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output_size += strlen(buf2);
data/irssi-plugin-xmpp-0.54/src/core/xep/datetime.c:68:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((*tz == '+' || *tz == '-') && strlen(tz) == 5) {
data/irssi-plugin-xmpp-0.54/src/core/xep/muc.c:344:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (int i = 1; i < strlen(mode); i++) {
data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:109:36: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if(settings_get_str("xmpp_pgp")) strcat(switches, "s");
data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:340:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((read(fd, input, sizeof(input))) < 0) {
data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:346:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(input) <= 1) {
data/irssi-plugin-xmpp-0.54/src/fe-common/fe-stanzas.c:60:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = g_strdup_printf("%lu", (unsigned long)strlen(msg));
data/irssi-plugin-xmpp-0.54/src/fe-common/fe-stanzas.c:80:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = g_strdup_printf("%lu", (unsigned long)strlen(msg));
data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:57:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = resource_name != NULL ? strlen(resource_name) : 0;
data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:82:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(jid);
data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:122:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(nick);
data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:198:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(word);
data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:276:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(word);
data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:349:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(word);
ANALYSIS SUMMARY:
Hits = 68
Lines analyzed = 11150 in approximately 0.34 seconds (32911 lines/second)
Physical Source Lines of Code (SLOC) = 8831
Hits@level = [0] 1 [1] 29 [2] 29 [3] 0 [4] 10 [5] 0
Hits@level+ = [0+] 69 [1+] 68 [2+] 39 [3+] 10 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 7.81338 [1+] 7.70015 [2+] 4.41626 [3+] 1.13237 [4+] 1.13237 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.