Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libvirt-python-6.1.0/libvirt-lxc-override.c
Examining data/libvirt-python-6.1.0/libvirt-override.c
Examining data/libvirt-python-6.1.0/libvirt-qemu-override.c
Examining data/libvirt-python-6.1.0/libvirt-utils.c
Examining data/libvirt-python-6.1.0/libvirt-utils.h
Examining data/libvirt-python-6.1.0/typewrappers.c
Examining data/libvirt-python-6.1.0/typewrappers.h

FINAL RESULTS:

data/libvirt-python-6.1.0/libvirt-lxc-override.c:36:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    printf(fmt, __VA_ARGS__)
data/libvirt-python-6.1.0/libvirt-override.c:40:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    printf(fmt, __VA_ARGS__)
data/libvirt-python-6.1.0/libvirt-qemu-override.c:36:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    printf(fmt, __VA_ARGS__)
data/libvirt-python-6.1.0/libvirt-override.c:2986:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char uuid[VIR_UUID_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:3012:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uuidstr[VIR_UUID_STRING_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:3229:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char uuid[VIR_UUID_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:3255:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uuidstr[VIR_UUID_STRING_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:3938:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char uuid[VIR_UUID_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:3964:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uuidstr[VIR_UUID_STRING_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:4179:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char uuid[VIR_UUID_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:4205:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uuidstr[VIR_UUID_STRING_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:4416:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char uuid[VIR_UUID_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:4443:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uuidstr[VIR_UUID_STRING_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:10193:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char uuid[VIR_UUID_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:10219:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char uuidstr[VIR_UUID_STRING_BUFLEN];
data/libvirt-python-6.1.0/libvirt-override.c:1983:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                cred[i].resultlen = strlen(result);
data/libvirt-python-6.1.0/libvirt-override.c:7771:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    DEBUG("StreamRecv ret=%d strlen=%d\n", ret, (int) strlen(buf));
data/libvirt-python-6.1.0/libvirt-override.c:9912:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    DEBUG("StreamRecvFlags ret=%d strlen=%d\n", ret, (int) strlen(buf));
data/libvirt-python-6.1.0/libvirt-utils.c:316:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(temp->field, keystr, VIR_TYPED_PARAM_FIELD_LENGTH - 1);

ANALYSIS SUMMARY:

Hits = 19
Lines analyzed = 12971 in approximately 0.27 seconds (47672 lines/second)
Physical Source Lines of Code (SLOC) = 10097
Hits@level = [0]   2 [1]   4 [2]  12 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  21 [1+]  19 [2+]  15 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 2.07983 [1+] 1.88175 [2+] 1.48559 [3+] 0.297118 [4+] 0.297118 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.