Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/multicat-2.3/aggregartp.c
Examining data/multicat-2.3/ingests.c
Examining data/multicat-2.3/ingests_debug.c
Examining data/multicat-2.3/lasts.c
Examining data/multicat-2.3/multicat.c
Examining data/multicat-2.3/multicat_validate.c
Examining data/multicat-2.3/multilive.c
Examining data/multicat-2.3/offsets.c
Examining data/multicat-2.3/reordertp.c
Examining data/multicat-2.3/util.c
Examining data/multicat-2.3/util.h

FINAL RESULTS:

data/multicat-2.3/util.c:96:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        vfprintf( stderr, psz_fmt, args );
data/multicat-2.3/util.c:118:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        vfprintf( stderr, psz_fmt, args );
data/multicat-2.3/util.c:143:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        vfprintf( stderr, psz_fmt, args );
data/multicat-2.3/util.c:168:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        vfprintf( stderr, psz_fmt, args );
data/multicat-2.3/util.c:188:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf( stderr, psz_fmt, args );
data/multicat-2.3/util.c:1035:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( psz_aux, psz_arg );
data/multicat-2.3/util.c:1049:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat( psz_aux, "." PSZ_AUX_EXT );
data/multicat-2.3/util.c:1216:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf( psz_file, "%s/%"PRIu64"."PSZ_TS_EXT, psz_dir_path, i_file );
data/multicat-2.3/util.c:1248:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf( psz_file, "%s/%"PRIu64"."PSZ_TS_EXT, psz_dir_path, i_file );
data/multicat-2.3/aggregartp.c:276:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ( (c = getopt( i_argc, pp_argv, "i:l:t:wo:x:X:Um:R:h" )) != -1 )
data/multicat-2.3/ingests.c:200:19:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
        if ( (c = getopt(i_argc, pp_argv, "l:p:m:h")) == -1 )
data/multicat-2.3/multicat.c:950:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ( (c = getopt( i_argc, pp_argv, "i:l:t:XT:fp:CPs:n:k:d:ar:O:S:uUm:R:wh" )) != -1 )
data/multicat-2.3/multicat.c:1117:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand( time(NULL) * getpid() );
data/multicat-2.3/multicat_validate.c:111:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ( (c = getopt( i_argc, pp_argv, "l:k:r:O:W:m:h" )) != -1 )
data/multicat-2.3/multilive.c:132:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ( (c = getopt( i_argc, pp_argv, "i:l:t:y:p:d:h" )) != -1 )
data/multicat-2.3/multilive.c:226:25:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    uint32_t i_source = lrand48();
data/multicat-2.3/multilive.c:231:41:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    uint64_t i_master_expiration_skew = lrand48();
data/multicat-2.3/reordertp.c:508:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ( (c = getopt( i_argc, pp_argv, "i:l:t:b:g:j:r:n:x:X:UDm:R:h" )) != -1 )
data/multicat-2.3/lasts.c:50:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    i_fd = open(ppsz_argv[1], O_RDONLY);
data/multicat-2.3/multicat.c:201:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( p_buf, p_tcp_buffer, i_len );
data/multicat-2.3/multicat.c:971:24:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            i_stc_fd = open( optarg, O_WRONLY | O_CREAT | O_TRUNC, 0644 );
data/multicat-2.3/multicat.c:1271:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char psz_stc[256];
data/multicat-2.3/multicat.c:1272:28:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            size_t i_len = sprintf( psz_stc, "<?xml version=\"1.0\" encoding=\"utf-8\"?><MULTICAT><STC value=\"%"PRIu64"\"/></MULTICAT>", i_stc );
data/multicat-2.3/util.c:94:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char psz_fmt[MAX_MSG];
data/multicat-2.3/util.c:116:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char psz_fmt[MAX_MSG];
data/multicat-2.3/util.c:141:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char psz_fmt[MAX_MSG];
data/multicat-2.3/util.c:166:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char psz_fmt[MAX_MSG];
data/multicat-2.3/util.c:184:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char psz_fmt[MAX_MSG];
data/multicat-2.3/util.c:311:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[INET6_ADDRSTRLEN];
data/multicat-2.3/util.c:325:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[INET6_ADDRSTRLEN];
data/multicat-2.3/util.c:341:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char psz_port_buffer[6];
data/multicat-2.3/util.c:393:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( psz_port_buffer, "%u", i_default_port );
data/multicat-2.3/util.c:414:42:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                p_sin->sin_port = ntohs( atoi( psz_port ) );
data/multicat-2.3/util.c:465:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ipsrc_str[16], ipdst_str[16];
data/multicat-2.3/util.c:600:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &connect_addr.ss, p_ai->ai_addr, p_ai->ai_addrlen );
data/multicat-2.3/util.c:611:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &bind_addr.ss, p_ai->ai_addr, p_ai->ai_addrlen );
data/multicat-2.3/util.c:1017:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( (i_fd = open( psz_arg, i_mode, 0644 )) < 0 )
data/multicat-2.3/util.c:1051:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( psz_aux + strlen(psz_aux), "%zu", i_payload_size );
data/multicat-2.3/util.c:1063:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( (p_aux = fopen( psz_arg,
data/multicat-2.3/util.c:1085:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( (i_stc_fd = open( psz_arg, O_RDONLY )) == -1 )
data/multicat-2.3/util.c:1212:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char psz_file[strlen(psz_dir_path) + sizeof(PSZ_TS_EXT) +
data/multicat-2.3/util.c:1246:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char psz_file[strlen(psz_dir_path) + sizeof(PSZ_TS_EXT) +
data/multicat-2.3/aggregartp.c:452:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            i_size = read( i_input_fd, p_read_buffer, i_wanted_size );
data/multicat-2.3/ingests.c:251:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if ( (i_ret = read( i_fd, p_buffer, TS_SIZE * READ_ONCE )) < 0 )
data/multicat-2.3/lasts.c:57:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(i_fd, p_aux, sizeof(p_aux)) != sizeof(p_aux))
data/multicat-2.3/lasts.c:80:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(i_fd, p_aux, sizeof(p_aux)) != sizeof(p_aux))
data/multicat-2.3/multicat.c:378:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ( (i_ret = read( i_input_fd, p_buf + i_buf_offset,
data/multicat-2.3/multicat.c:460:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ( (i_ret = read( i_input_fd, p_buf, i_len )) < 0 )
data/multicat-2.3/multilive.c:295:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            ssize_t i_size = read( i_input_fd, p_buffer, ANNOUNCE_SIZE );
data/multicat-2.3/reordertp.c:686:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                    i_size = read( p_input->i_fd, p_buffer, i_size );
data/multicat-2.3/util.c:277:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy( ifr.ifr_name, psz_name, IFNAMSIZ );
data/multicat-2.3/util.c:389:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *ppsz_end = _psz_string + strlen(_psz_string);
data/multicat-2.3/util.c:469:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(ipsrc_str, inet_ntoa(insrc), 16);
data/multicat-2.3/util.c:470:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(ipdst_str, inet_ntoa(indst), 16);
data/multicat-2.3/util.c:525:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( !psz_string || strlen( psz_string ) == 0 )
data/multicat-2.3/util.c:637:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define IS_OPTION( option ) (!strncasecmp( psz_token2, option, strlen(option) ))
data/multicat-2.3/util.c:638:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define ARG_OPTION( option ) (psz_token2 + strlen(option))
data/multicat-2.3/util.c:652:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                if (strlen(psz_ifname) >= IFNAMSIZ) {
data/multicat-2.3/util.c:881:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                 psz_ifname, strlen(psz_ifname)+1 ) < 0 ) {
data/multicat-2.3/util.c:1032:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *psz_aux = malloc( strlen(psz_arg) + 256 );
data/multicat-2.3/util.c:1051:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( psz_aux + strlen(psz_aux), "%zu", i_payload_size );
data/multicat-2.3/util.c:1212:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char psz_file[strlen(psz_dir_path) + sizeof(PSZ_TS_EXT) +
data/multicat-2.3/util.c:1246:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char psz_file[strlen(psz_dir_path) + sizeof(PSZ_TS_EXT) +

ANALYSIS SUMMARY:

Hits = 63
Lines analyzed = 5060 in approximately 0.13 seconds (38110 lines/second)
Physical Source Lines of Code (SLOC) = 3872
Hits@level = [0]  28 [1]  21 [2]  24 [3]   9 [4]   9 [5]   0
Hits@level+ = [0+]  91 [1+]  63 [2+]  42 [3+]  18 [4+]   9 [5+]   0
Hits/KSLOC@level+ = [0+] 23.5021 [1+] 16.2707 [2+] 10.8471 [3+] 4.64876 [4+] 2.32438 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.