Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libmpack-1.0.5/src/conv.c
Examining data/libmpack-1.0.5/src/conv.h
Examining data/libmpack-1.0.5/src/core.c
Examining data/libmpack-1.0.5/src/core.h
Examining data/libmpack-1.0.5/src/mpack.c
Examining data/libmpack-1.0.5/src/object.c
Examining data/libmpack-1.0.5/src/object.h
Examining data/libmpack-1.0.5/src/rpc.c
Examining data/libmpack-1.0.5/src/rpc.h
Examining data/libmpack-1.0.5/test/deps/tap/tap.c
Examining data/libmpack-1.0.5/test/deps/tap/tap.h
Examining data/libmpack-1.0.5/test/fixtures.c
Examining data/libmpack-1.0.5/test/fixtures.h
Examining data/libmpack-1.0.5/test/mpack.c
FINAL RESULTS:
data/libmpack-1.0.5/test/deps/tap/tap.c:28:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
size = vsnprintf(NULL, 0, fmt, args2) + 2;
data/libmpack-1.0.5/test/deps/tap/tap.c:34:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(str, fmt, args);
data/libmpack-1.0.5/test/deps/tap/tap.c:261:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, args);
data/libmpack-1.0.5/test/fixtures.c:58:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(b, sizeof(b), js_item_pattern, (unsigned int)i);
data/libmpack-1.0.5/test/mpack.c:49:21: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
bufpos += (size_t)vsnprintf(buf + bufpos, sizeof(buf) - bufpos, fmt, ap);
data/libmpack-1.0.5/src/conv.c:363:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[sizeof(mpack_uint32_t)];
data/libmpack-1.0.5/src/core.c:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, tok.data.chunk_ptr + written, count);
data/libmpack-1.0.5/src/core.c:152:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, tokbuf->pending, write_cnt);
data/libmpack-1.0.5/src/core.c:254:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->pending + state->ppos, *buf, count);
data/libmpack-1.0.5/src/core.c:360:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*buf, state->pending + state->ppos, count);
data/libmpack-1.0.5/src/core.h:73:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pending[MPACK_MAX_TOKEN_LEN];
data/libmpack-1.0.5/src/object.c:134:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(mpack_one_parser_t) - sizeof(mpack_node_t));
data/libmpack-1.0.5/src/rpc.c:245:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, sizeof(mpack_rpc_one_session_t) -
data/libmpack-1.0.5/test/deps/tap/tap.c:201:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
diag(" got: 0x%02x", ((unsigned char *)got)[offset]);
data/libmpack-1.0.5/test/deps/tap/tap.c:202:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
diag(" expected: 0x%02x", ((unsigned char *)expected)[offset]);
data/libmpack-1.0.5/test/deps/tap/tap.c:330:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[256];
data/libmpack-1.0.5/test/fixtures.c:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char jsbuf[0xffffff];
data/libmpack-1.0.5/test/fixtures.c:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[sizeof(js_item_pattern) + 1];
data/libmpack-1.0.5/test/fixtures.c:59:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*js + jsoff, b, sizeof(b) - 1);
data/libmpack-1.0.5/test/fixtures.c:62:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*mp + mpoff, mp_item_pattern, sizeof(mp_item_pattern));
data/libmpack-1.0.5/test/fixtures.c:63:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*mp + mpoff + 2, b + 2, 5);
data/libmpack-1.0.5/test/fixtures.c:102:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*mp + mpoff, mp_item_pattern, sizeof(mp_item_pattern));
data/libmpack-1.0.5/test/fixtures.c:104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*js + jsoff, js_item_pattern, sizeof(js_item_pattern) - 1);
data/libmpack-1.0.5/test/mpack.c:33:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[0xffffff];
data/libmpack-1.0.5/test/mpack.c:115:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/libmpack-1.0.5/test/mpack.c:116:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, p, l);
data/libmpack-1.0.5/test/mpack.c:295:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char repr[32];
data/libmpack-1.0.5/test/mpack.c:344:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mpackbuf[256];
data/libmpack-1.0.5/test/mpack.c:533:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64], *ptr = buf;
data/libmpack-1.0.5/test/fixtures.c:156:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t patlen = strlen(pattern);
ANALYSIS SUMMARY:
Hits = 30
Lines analyzed = 4141 in approximately 0.18 seconds (23006 lines/second)
Physical Source Lines of Code (SLOC) = 3634
Hits@level = [0] 20 [1] 1 [2] 24 [3] 0 [4] 5 [5] 0
Hits@level+ = [0+] 50 [1+] 30 [2+] 29 [3+] 5 [4+] 5 [5+] 0
Hits/KSLOC@level+ = [0+] 13.7589 [1+] 8.25537 [2+] 7.98019 [3+] 1.37589 [4+] 1.37589 [5+] 0
Symlinks skipped = 1 (--allowlink overrides but see doc for security issue)
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.