Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/irssi-plugin-xmpp-0.54/src/core/loudmouth-tools.c
Examining data/irssi-plugin-xmpp-0.54/src/core/loudmouth-tools.h
Examining data/irssi-plugin-xmpp-0.54/src/core/module.h
Examining data/irssi-plugin-xmpp-0.54/src/core/protocol.h
Examining data/irssi-plugin-xmpp-0.54/src/core/rosters-tools.c
Examining data/irssi-plugin-xmpp-0.54/src/core/rosters-tools.h
Examining data/irssi-plugin-xmpp-0.54/src/core/stanzas.c
Examining data/irssi-plugin-xmpp-0.54/src/core/stanzas.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/chatstates.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/chatstates.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/composing.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/composing.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/datetime.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/datetime.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/delay.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/delay.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/disco.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-commands.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-reconnect.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-reconnect.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/oob.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/oob.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/ping.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/ping.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/registration.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/registration.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/tool_datalist.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/tool_datalist.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/vcard.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/vcard.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/version.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/version.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/xep.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/carbons.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/carbons.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/xep.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-affiliation.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-affiliation.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-nicklist.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-nicklist.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-role.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-role.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc-commands.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/muc.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xep/disco.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-commands.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-core.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-queries.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers-reconnect.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers-reconnect.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-settings.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-settings.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp.h
Examining data/irssi-plugin-xmpp-0.54/src/core/rosters.h
Examining data/irssi-plugin-xmpp-0.54/src/core/tools.h
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c
Examining data/irssi-plugin-xmpp-0.54/src/core/popenRWE.h
Examining data/irssi-plugin-xmpp-0.54/src/core/protocol.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-queries.c
Examining data/irssi-plugin-xmpp-0.54/src/core/xmpp-commands.c
Examining data/irssi-plugin-xmpp-0.54/src/core/popenRWE.c
Examining data/irssi-plugin-xmpp-0.54/src/core/tools.c
Examining data/irssi-plugin-xmpp-0.54/src/core/rosters.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-rosters.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-stanzas.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-stanzas.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-core.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-messages.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-queries.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-status.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-windows.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-windows.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/module.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-composing.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-composing.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-delay.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-delay.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-muc.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-ping.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-ping.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-registration.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-registration.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-vcard.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-vcard.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-version.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-version.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-xep.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-carbons.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-carbons.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-xep.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-muc.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-formats.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-formats.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-rosters.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-queries.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-status.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/fe-xmpp-messages.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/module-formats.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-common/module-formats.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/module.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/text-xmpp-core.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-composing.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-composing.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-muc.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-muc.h
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-xep.c
Examining data/irssi-plugin-xmpp-0.54/src/fe-text/xep/text-xep.h

FINAL RESULTS:

data/irssi-plugin-xmpp-0.54/src/core/popenRWE.c:66:3:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execvp(argv[0], (char**)argv);

data/irssi-plugin-xmpp-0.54/src/core/protocol.c:141:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(send_to_gpg, encrypted->value);

data/irssi-plugin-xmpp-0.54/src/core/rosters.c:516:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(send_to_gpg, signature->value);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:73:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, keyid);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:81:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, switches);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:108:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(output, buf2);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:115:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf2, buf);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:125:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(output, buf2);

data/irssi-plugin-xmpp-0.54/src/core/xmpp-commands.c:574:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(res->pgp_keyid, data);

data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:111:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(switches, encrypt_to);

data/irssi-plugin-xmpp-0.54/src/core/popenRWE.c:31:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *argv[4] = {"sh", "-c", NULL, NULL};

data/irssi-plugin-xmpp-0.54/src/core/protocol.c:140:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(send_to_gpg, "-----BEGIN PGP MESSAGE-----\n\n");

data/irssi-plugin-xmpp-0.54/src/core/protocol.c:142:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(send_to_gpg, "-----END PGP MESSAGE-----\n");

data/irssi-plugin-xmpp-0.54/src/core/rosters.c:388:6:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(priority_str) : resource->priority;

data/irssi-plugin-xmpp-0.54/src/core/rosters.c:515:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(send_to_gpg, "-----BEGIN PGP SIGNATURE-----\n\n");

data/irssi-plugin-xmpp-0.54/src/core/rosters.c:517:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(send_to_gpg, "-----END PGP SIGNATURE-----\n");

data/irssi-plugin-xmpp-0.54/src/core/tools.c:44:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100], buf2[100] = "";

data/irssi-plugin-xmpp-0.54/src/core/tools.c:72:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(cmd, "gpg -u '");

data/irssi-plugin-xmpp-0.54/src/core/tools.c:74:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(cmd, "' ");

data/irssi-plugin-xmpp-0.54/src/core/tools.c:76:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cmd+strlen(cmd), "--passphrase-fd '%d' ", pass_pipe[0]);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:79:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(cmd, "gpg ");

data/irssi-plugin-xmpp-0.54/src/core/tools.c:82:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(cmd, " --enable-special-filenames --trust-model always -qo -" \

data/irssi-plugin-xmpp-0.54/src/core/tools.c:86:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cmd+strlen(cmd), "'-&%d'", input2_pipe[0]);

data/irssi-plugin-xmpp-0.54/src/core/xep/datetime.c:69:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(tz);

data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:233:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  error = code != NULL ? atoi(code) : MUC_ERROR_UNKNOWN;

data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:249:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  error = code != NULL ? atoi(code) : MUC_ERROR_UNKNOWN;

data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:276:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  error = code != NULL ? atoi(code) : MUC_ERROR_UNKNOWN;

data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:289:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  error = code != NULL ? atoi(code) : MUC_ERROR_UNKNOWN;

data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:318:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[MAX_LONG_STRLEN], *data, *recoded;

data/irssi-plugin-xmpp-0.54/src/core/xep/muc-events.c:412:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  switch (atoi(status_code)) {

data/irssi-plugin-xmpp-0.54/src/core/xep/registration.c:91:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  error = atoi(lm_message_node_get_attribute(node, "code"));

data/irssi-plugin-xmpp-0.54/src/core/xep/registration.c:238:60:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rd->port = (str = g_hash_table_lookup(optlist, "port")) ? atoi(str) : 0;

data/irssi-plugin-xmpp-0.54/src/core/xmpp-commands.c:97:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  network, host, atoi(port), password, jid);

data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:108:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char switches[sizeof("-aesR 00000000")] = "-ae";

data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:110:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(switches, "R ");

data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:311:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input[2048], *ret = NULL;

data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:318:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open("/dev/tty", O_RDONLY)) < 0) {

data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-delay.c:41:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stamp[BUFSIZ];

data/irssi-plugin-xmpp-0.54/src/fe-common/xep/fe-delay.c:107:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stamp[BUFSIZ];

data/irssi-plugin-xmpp-0.54/src/core/protocol.c:135:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(encrypted->value)+1 \

data/irssi-plugin-xmpp-0.54/src/core/rosters.c:509:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(signature->value)+1 \

data/irssi-plugin-xmpp-0.54/src/core/rosters.c:527:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(pgp_keyid, s+7, 8);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:54:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(write(pass_pipe[1], pgp_passwd, strlen(pgp_passwd)) < 0) goto pgp_error;

data/irssi-plugin-xmpp-0.54/src/core/tools.c:60:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(write(input2_pipe[1], input2, strlen(input2)) < 0) goto pgp_error;

data/irssi-plugin-xmpp-0.54/src/core/tools.c:67:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  +1+strlen(switches)+ \

data/irssi-plugin-xmpp-0.54/src/core/tools.c:68:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (keyid ? strlen(keyid) : 0)+ \

data/irssi-plugin-xmpp-0.54/src/core/tools.c:76:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(cmd+strlen(cmd), "--passphrase-fd '%d' ", pass_pipe[0]);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:86:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(cmd+strlen(cmd), "'-&%d'", input2_pipe[0]);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:92:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(write(rwepipe[0], input, strlen(input)) < 0) goto pgp_error;

data/irssi-plugin-xmpp-0.54/src/core/tools.c:103:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(buf2) > 0) {

data/irssi-plugin-xmpp-0.54/src/core/tools.c:104:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output = realloc(output, output_size+strlen(buf2)+1);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:107:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_size += strlen(buf2);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:120:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!snip_data && strlen(buf2) > 0) {

data/irssi-plugin-xmpp-0.54/src/core/tools.c:121:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output = realloc(output, output_size+strlen(buf2)+1);

data/irssi-plugin-xmpp-0.54/src/core/tools.c:124:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_size += strlen(buf2);

data/irssi-plugin-xmpp-0.54/src/core/xep/datetime.c:68:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((*tz == '+' || *tz == '-') && strlen(tz) == 5) {

data/irssi-plugin-xmpp-0.54/src/core/xep/muc.c:344:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (int i = 1; i < strlen(mode); i++) {

data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:109:36:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  if(settings_get_str("xmpp_pgp")) strcat(switches, "s");

data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:340:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((read(fd, input, sizeof(input))) < 0) {

data/irssi-plugin-xmpp-0.54/src/core/xmpp-servers.c:346:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(input) <= 1) {

data/irssi-plugin-xmpp-0.54/src/fe-common/fe-stanzas.c:60:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = g_strdup_printf("%lu", (unsigned long)strlen(msg));

data/irssi-plugin-xmpp-0.54/src/fe-common/fe-stanzas.c:80:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = g_strdup_printf("%lu", (unsigned long)strlen(msg));

data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:57:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = resource_name != NULL ? strlen(resource_name) : 0;

data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:82:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(jid);

data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:122:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(nick);

data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:198:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(word);

data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:276:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(word);

data/irssi-plugin-xmpp-0.54/src/fe-common/xmpp-completion.c:349:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(word);

ANALYSIS SUMMARY:

Hits = 68
Lines analyzed = 11150 in approximately 0.34 seconds (32911 lines/second)
Physical Source Lines of Code (SLOC) = 8831
Hits@level = [0]   1 [1]  29 [2]  29 [3]   0 [4]  10 [5]   0
Hits@level+ = [0+]  69 [1+]  68 [2+]  39 [3+]  10 [4+]  10 [5+]   0
Hits/KSLOC@level+ = [0+] 7.81338 [1+] 7.70015 [2+] 4.41626 [3+] 1.13237 [4+] 1.13237 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
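Triage note on the hits above. They fall into three families: unbounded strcpy/strcat/sprintf into a buffer whose size Flawfinder cannot see (the tools.c:67-68 hits show the size of cmd being computed from strlen(switches) and strlen(keyid), which is exactly the kind of arithmetic the tool does not follow, so those level-4 hits need a reviewer to check the sum against every piece appended); atoi on values taken from stanza attributes and option tables (CWE-190), where a non-numeric or huge value silently becomes 0 or undefined behaviour; and a command string handed to execvp through the sh -c argv shown in popenRWE.c:31, where the single quotes tools.c puts around keyid are the only thing separating data from shell syntax. The C below is an added example of how a reviewer would rewrite each pattern so that the bound, the range and the argument boundary are explicit; it is not the plugin's code, and the function names, buffer sizes and argument layout are assumptions chosen for illustration.

```c
/* Added example: bounded replacements for the patterns Flawfinder flags
 * in this report. NOT the plugin's code; names and sizes are assumptions.
 * Build: cc -std=c99 -Wall example.c */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* CWE-120 (strcpy/strcat/sprintf into cmd): build the same
 * "gpg -u '<keyid>' --passphrase-fd '<fd>' " string with one snprintf and
 * treat truncation as an error instead of silently overrunning the buffer.
 * Returns the length written, or -1 if outsz was too small. */
int build_gpg_cmd(char *out, size_t outsz, const char *keyid, int pass_fd)
{
    int n;
    if (keyid != NULL)
        n = snprintf(out, outsz, "gpg -u '%s' --passphrase-fd '%d' ", keyid, pass_fd);
    else
        n = snprintf(out, outsz, "gpg --passphrase-fd '%d' ", pass_fd);
    /* snprintf returns the length it wanted; >= outsz means it was cut */
    if (n < 0 || (size_t)n >= outsz) {
        if (outsz > 0)
            out[0] = '\0';
        return -1;
    }
    return n;
}

/* CWE-120 (strncpy hit): strncpy(dst, src, 8) leaves dst unterminated when
 * src has 8 or more bytes. Copy at most dstsz-1 bytes and always terminate;
 * return -1 so the caller knows the value was cut. */
int bounded_copy(char *dst, size_t dstsz, const char *src)
{
    size_t len = strlen(src);
    if (dstsz == 0)
        return -1;
    if (len >= dstsz) {
        memcpy(dst, src, dstsz - 1);
        dst[dstsz - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

/* CWE-190 (atoi hits): atoi("99999999999999999999") is undefined behaviour
 * and atoi("abc") is 0, indistinguishable from a real 0. strtol with errno,
 * an end-pointer check and an explicit [lo, hi] window rejects all of these.
 * Returns 0 and stores the value, or -1 on any parse or range failure. */
int parse_int_range(const char *s, long lo, long hi, long *out)
{
    char *end;
    long v;
    if (s == NULL || *s == '\0')
        return -1;
    errno = 0;
    v = strtol(s, &end, 10);
    if (errno == ERANGE || *end != '\0')   /* overflow or trailing junk */
        return -1;
    if (v < lo || v > hi)
        return -1;
    *out = v;
    return 0;
}

/* CWE-78 (execvp via "sh -c"): with a shell in the loop, a key id containing
 * a single quote ends the quoted argument and whatever follows is parsed as
 * shell syntax. Handing execvp an argv vector directly needs no quoting at
 * all: each element is one argument, whatever bytes it contains.
 * pass_fd_str is the descriptor number already formatted by the caller.
 * Returns the argument count, or -1 if argv_out has fewer than 6 slots. */
int build_gpg_argv(const char *keyid, const char *pass_fd_str,
                   const char *argv_out[], size_t max)
{
    size_t n = 0;
    if (max < 6)
        return -1;
    argv_out[n++] = "gpg";
    if (keyid != NULL) {
        argv_out[n++] = "-u";
        argv_out[n++] = keyid;            /* passed verbatim; no shell sees it */
    }
    argv_out[n++] = "--passphrase-fd";
    argv_out[n++] = pass_fd_str;
    argv_out[n] = NULL;
    /* caller then runs: execvp(argv_out[0], (char *const *)argv_out); */
    return (int)n;
}
```

The two snprintf-based helpers make the Flawfinder hit disappear for the right reason: the bound is visible at the call site rather than implied by an earlier strlen sum, so a later edit that appends one more switch cannot quietly outgrow the buffer. build_gpg_argv is the shape popenRWE.c would need if it took an argv instead of a single string; the cost is that the caller formats the descriptor number itself, the benefit is that quoting rules no longer exist.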