Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c
Examining data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.h
Examining data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_private.h
Examining data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_test.c

FINAL RESULTS:

data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:187:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(code,buf);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:251:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(code,get_resource(ctx,req)->code);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:257:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(code,resource->code);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:276:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(code,curr->entry->code);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:291:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(call,
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:407:25:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(property->value,value);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:548:15:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (p!=NULL) strcpy(p,s);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:561:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(out,array[i]);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_test.c:25:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(ps,tmp);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_test.c:30:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(ps,tmp);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:70:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_LINE];
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:78:4:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f=fopen(filename, "r");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:451:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  hex+=sprintf(hex,"%02X",in[i]);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_test.c:24:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(ps,"%!PS\n");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_test.c:27:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(ps,"gsave\n");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_test.c:28:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(ps,"50 150 translate\n");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_test.c:32:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(ps,"grestore\n");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:135:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(buf,"% --",4)==0 && strlen(buf)>=9 &&
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:404:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(property->value) +
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:405:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(value) +
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:438:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* out=malloc((3*strlen(in)+3) * sizeof(char));
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:441:7:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  hex+=sprintf(hex,"<");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:442:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i<strlen(in); i++) {
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:444:9:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  hex+=sprintf(hex,"\n");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:448:9:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  hex+=sprintf(hex," ");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:454:7:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  hex+=sprintf(hex,">");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:547:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *p=malloc(strlen(s)+1);
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:562:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(out,",");
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode.c:565:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  out[strlen(out)-1]='\0';
data/libpostscriptbarcode-20200401/libs/c/postscriptbarcode_test.c:22:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ps=malloc(strlen(tmp)+1000*sizeof(char));

ANALYSIS SUMMARY:

Hits = 30
Lines analyzed = 874 in approximately 0.08 seconds (11495 lines/second)
Physical Source Lines of Code (SLOC) = 563
Hits@level = [0]   2 [1]  13 [2]   7 [3]   0 [4]  10 [5]   0
Hits@level+ = [0+]  32 [1+]  30 [2+]  17 [3+]  10 [4+]  10 [5+]   0
Hits/KSLOC@level+ = [0+] 56.8384 [1+] 53.286 [2+] 30.1954 [3+] 17.762 [4+] 17.762 [5+]   0
Symlinks skipped = 1 (--allowlink overrides but see doc for security issue)
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.