Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/jo-1.3/base64.c Examining data/jo-1.3/base64.h Examining data/jo-1.3/jo.c Examining data/jo-1.3/json.c Examining data/jo-1.3/json.h FINAL RESULTS: data/jo-1.3/jo.c:47:22: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define err(n, s) { fprintf(stderr, s); exit(n); } data/jo-1.3/jo.c:48:26: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define errx(n, f, a) { fprintf(stderr, f, a); exit(n); } data/jo-1.3/json.c:47:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ret, str); data/jo-1.3/json.c:1326:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(errmsg, 256, __VA_ARGS__); \ data/jo-1.3/jo.c:615:14: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "aBd:hpevV")) != EOF) { data/jo-1.3/jo.c:115:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(maybe_stdin(filename), "r")) == NULL) { data/jo-1.3/jo.c:335:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return json_mkbool(atoi(str)); data/jo-1.3/jo.c:514:12: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). wcssize = MultiByteToWideChar(GetACP(), 0, str, len, NULL, 0); data/jo-1.3/jo.c:519:12: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). wcssize = MultiByteToWideChar(GetACP(), 0, str, len, wcsp, wcssize + 1); data/jo-1.3/jo.c:547:12: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). wcssize = MultiByteToWideChar(CP_UTF8, 0, utf8, len, NULL, 0); data/jo-1.3/jo.c:552:12: [2] (buffer) MultiByteToWideChar: Requires maximum length in CHARACTERS, not bytes (CWE-120). wcssize = MultiByteToWideChar(CP_UTF8, 0, utf8, len, wcsp, wcssize + 1); data/jo-1.3/jo.c:602:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *kv, *js_string, *progname, buf[BUFSIZ], *p; data/jo-1.3/json.c:95:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sb->cur, bytes, count); data/jo-1.3/json.c:802:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char throwaway_buffer[4]; data/jo-1.3/json.c:1180:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(b, "\\uFFFD"); data/jo-1.3/json.c:1242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/jo-1.3/json.c:1322:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. bool json_check(const JsonNode *node, char errmsg[256]) data/jo-1.3/json.h:115:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. bool json_check(const JsonNode *node, char errmsg[256]); data/jo-1.3/base64.c:91:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(s); data/jo-1.3/jo.c:132:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((ch = fgetc(fp)) != EOF) { data/jo-1.3/jo.c:184:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return json_mknumber(strlen(str)); data/jo-1.3/jo.c:188:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return json_mkbool(strlen(str) > 0); data/jo-1.3/jo.c:224:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) == 0) { data/jo-1.3/jo.c:232:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *bp = str + strlen(str) - 1; data/jo-1.3/jo.c:290:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *bp = content + strlen(content) - 1; data/jo-1.3/jo.c:327:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) == 0) { data/jo-1.3/jo.c:512:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/jo-1.3/jo.c:545:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(utf8); data/jo-1.3/jo.c:661:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (buf[strlen(buf) - 1] == '\n') data/jo-1.3/jo.c:662:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf[strlen(buf) - 1] = 0; data/jo-1.3/json.c:40:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t n = strlen(str) + 1; data/jo-1.3/json.c:107:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sb_put(sb, str, strlen(str)); data/jo-1.3/json.c:113:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(sb->start <= sb->cur && strlen(sb->start) == (size_t)(sb->cur - sb->start)); ANALYSIS SUMMARY: Hits = 33 Lines analyzed = 2365 in approximately 0.09 seconds (25559 lines/second) Physical Source Lines of Code (SLOC) = 1734 Hits@level = [0] 21 [1] 15 [2] 13 [3] 1 [4] 4 [5] 0 Hits@level+ = [0+] 54 [1+] 33 [2+] 18 [3+] 5 [4+] 4 [5+] 0 Hits/KSLOC@level+ = [0+] 31.1419 [1+] 19.0311 [2+] 10.3806 [3+] 2.88351 [4+] 2.30681 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.