Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libcutl-1.10.0+ds1/cutl/compiler/context.cxx
Examining data/libcutl-1.10.0+ds1/cutl/compiler/cxx-indenter.cxx
Examining data/libcutl-1.10.0+ds1/cutl/compiler/type-info.cxx
Examining data/libcutl-1.10.0+ds1/cutl/details/config-vc.h
Examining data/libcutl-1.10.0+ds1/cutl/details/genx/char-props.c
Examining data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c
Examining data/libcutl-1.10.0+ds1/cutl/details/genx/genx.h
Examining data/libcutl-1.10.0+ds1/cutl/exception.cxx
Examining data/libcutl-1.10.0+ds1/cutl/fs/auto-remove.cxx
Examining data/libcutl-1.10.0+ds1/cutl/fs/exception.cxx
Examining data/libcutl-1.10.0+ds1/cutl/fs/path.cxx
Examining data/libcutl-1.10.0+ds1/cutl/re/re.cxx
Examining data/libcutl-1.10.0+ds1/cutl/shared-ptr/base.cxx
Examining data/libcutl-1.10.0+ds1/cutl/xml/parser.cxx
Examining data/libcutl-1.10.0+ds1/cutl/xml/qname.cxx
Examining data/libcutl-1.10.0+ds1/cutl/xml/serializer.cxx
Examining data/libcutl-1.10.0+ds1/cutl/xml/value-traits.cxx

FINAL RESULTS:

data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:184:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy((char *) temp, (const char *) from);
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:229:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy((char *) c->buf, (const char *) string);
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:359:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf((char *) buf, "xmlns:%s", prefix);
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:113:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char xmlChars[GENX_CHAR_TABLE_SIZE];
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:127:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char * etext[100];
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:313:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  if (strcmp((char *) uri, (const char *) nn[i]->name) == 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:313:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  if (strcmp((char *) uri, (const char *) nn[i]->name) == 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:328:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  if (ee[i]->ns == NULL && strcmp((const char *) type,
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:329:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  (const char *) ee[i]->type) == 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:335:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  strcmp((const char *) xmlns, (const char *) ee[i]->ns->name) == 0 &&
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:335:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  strcmp((const char *) xmlns, (const char *) ee[i]->ns->name) == 0 &&
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:336:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  strcmp((const char *) type, (const char *) ee[i]->type) == 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:336:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  strcmp((const char *) type, (const char *) ee[i]->type) == 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:353:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[1024];
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:367:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  if (strcmp((const char *) prefix, (const char *) pp[probe]) < 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:367:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  if (strcmp((const char *) prefix, (const char *) pp[probe]) < 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:374:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  if (low != -1 && strcmp((const char *) prefix, (const char *) pp[low]) == 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:374:57:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  if (low != -1 && strcmp((const char *) prefix, (const char *) pp[low]) == 0)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:895:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char newPrefix[100];
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:932:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *) newPrefix, "g%d", w->nextPrefix++);
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:1992:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char cUTF8[10];
data/libcutl-1.10.0+ds1/cutl/fs/path.cxx:38:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cwd[_MAX_PATH];
data/libcutl-1.10.0+ds1/cutl/fs/path.cxx:42:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cwd[PATH_MAX];
data/libcutl-1.10.0+ds1/cutl/fs/path.cxx:77:7:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  wchar_t wcwd[_MAX_PATH];
data/libcutl-1.10.0+ds1/cutl/fs/path.cxx:81:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cwd[PATH_MAX];
data/libcutl-1.10.0+ds1/cutl/fs/path.cxx:85:7:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  wchar_t wcwd[PATH_MAX];
data/libcutl-1.10.0+ds1/cutl/fs/path.cxx:106:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ns[PATH_MAX + 1];
data/libcutl-1.10.0+ds1/cutl/xml/parser.cxx:752:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char c (s[i]);
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:182:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((temp = (utf8) allocate(w, strlen((const char *) from) + 1)) == NULL)
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:205:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy((char *) newSpace, (const char *) c->buf, c->used);
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:223:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int sl = strlen((const char *) string);
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:233:160:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  #define collectPiece(w,c,d,size) {if (((c)->used+(size))>=(c)->space){if (((w)->status=growCollector(w,c,(c)->used+(size)))!=GENX_SUCCESS) return (w)->status;}strncpy((char *)(c)->buf+(c)->used,d,size);(c)->used+=size;}
data/libcutl-1.10.0+ds1/cutl/details/genx/genx.c:2198:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strlen((const char *) target) >= 3) &&
data/libcutl-1.10.0+ds1/cutl/xml/parser.cxx:569:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  is_.read (b, static_cast<streamsize> (cap));
data/libcutl-1.10.0+ds1/cutl/xml/serializer.cxx:64:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  os->write (s, static_cast<streamsize> (strlen (s)));

ANALYSIS SUMMARY:

Hits = 35
Lines analyzed = 4824 in approximately 0.20 seconds (24262 lines/second)
Physical Source Lines of Code (SLOC) = 3423
Hits@level = [0]   0 [1]   7 [2]  25 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  35 [1+]  35 [2+]  28 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 10.2249 [1+] 10.2249 [2+] 8.17996 [3+] 0.876424 [4+] 0.876424 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.