Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ndppd-0.2.5/src/address.cc
Examining data/ndppd-0.2.5/src/address.h
Examining data/ndppd-0.2.5/src/conf.cc
Examining data/ndppd-0.2.5/src/conf.h
Examining data/ndppd-0.2.5/src/iface.cc
Examining data/ndppd-0.2.5/src/iface.h
Examining data/ndppd-0.2.5/src/logger.cc
Examining data/ndppd-0.2.5/src/logger.h
Examining data/ndppd-0.2.5/src/ndppd.h
Examining data/ndppd-0.2.5/src/proxy.cc
Examining data/ndppd-0.2.5/src/proxy.h
Examining data/ndppd-0.2.5/src/ptr.h
Examining data/ndppd-0.2.5/src/route.cc
Examining data/ndppd-0.2.5/src/route.h
Examining data/ndppd-0.2.5/src/rule.cc
Examining data/ndppd-0.2.5/src/rule.h
Examining data/ndppd-0.2.5/src/session.cc
Examining data/ndppd-0.2.5/src/session.h
Examining data/ndppd-0.2.5/src/ndppd.cc

FINAL RESULTS:

data/ndppd-0.2.5/src/logger.cc:78:5:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    vsnprintf(buf, sizeof(buf), fmt.c_str(), va);
data/ndppd-0.2.5/src/logger.cc:165:14:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be
  exploited (CWE-134). Use a constant format string for syslog.
void logger::syslog(bool sl)
data/ndppd-0.2.5/src/logger.cc:178:14:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be
  exploited (CWE-134). Use a constant format string for syslog.
bool logger::syslog()
data/ndppd-0.2.5/src/logger.h:45:17:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be
  exploited (CWE-134). Use a constant format string for syslog.
    static void syslog(bool enable);
data/ndppd-0.2.5/src/logger.h:46:17:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be
  exploited (CWE-134). Use a constant format string for syslog.
    static bool syslog();
data/ndppd-0.2.5/src/ndppd.cc:265:17:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be
  exploited (CWE-134). Use a constant format string for syslog.
        logger::syslog(true);
data/ndppd-0.2.5/src/ndppd.cc:224:13:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
        c = getopt_long(argc, argv, "c:dp:v", long_options,& opt);
data/ndppd-0.2.5/src/address.cc:178:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[INET6_ADDRSTRLEN + 8];
data/ndppd-0.2.5/src/address.cc:188:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf + strlen(buf), "/%d", p);
data/ndppd-0.2.5/src/address.cc:196:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[INET6_ADDRSTRLEN],* b;
data/ndppd-0.2.5/src/address.cc:270:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    prefix(atoi(buf));
data/ndppd-0.2.5/src/conf.cc:67:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(_value.c_str());
data/ndppd-0.2.5/src/conf.cc:80:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        ifs.open(path.c_str(), std::ios::in);
data/ndppd-0.2.5/src/iface.cc:282:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ifa->hwaddr, ifr.ifr_hwaddr.sa_data, sizeof(struct ether_addr));
data/ndppd-0.2.5/src/iface.cc:327:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&daddr_tmp.sin6_addr,& daddr.const_addr(), sizeof(struct in6_addr));
data/ndppd-0.2.5/src/iface.cc:376:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/ndppd-0.2.5/src/iface.cc:391:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ns->nd_ns_target,& taddr.const_addr(), sizeof(struct in6_addr));
data/ndppd-0.2.5/src/iface.cc:393:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + sizeof(struct nd_neighbor_solicit) + sizeof(struct nd_opt_hdr),
data/ndppd-0.2.5/src/iface.cc:416:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/ndppd-0.2.5/src/iface.cc:432:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&na->nd_na_target,& taddr.const_addr(), sizeof(struct in6_addr));
data/ndppd-0.2.5/src/iface.cc:434:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + sizeof(struct nd_neighbor_advert) + sizeof(struct nd_opt_hdr),
data/ndppd-0.2.5/src/logger.cc:75:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2048];
data/ndppd-0.2.5/src/logger.cc:85:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2048];
data/ndppd-0.2.5/src/logger.cc:210:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        _max_pri = atoi(c_name);
data/ndppd-0.2.5/src/ndppd.cc:152:32:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        ptr<proxy> pr = proxy::open(*pr_cf);
data/ndppd-0.2.5/src/ndppd.cc:279:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        pf.open(pidfile.c_str(), std::ios::out | std::ios::trunc);
data/ndppd-0.2.5/src/proxy.cc:52:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
ptr<proxy> proxy::open(const std::string& ifname)
data/ndppd-0.2.5/src/proxy.h:35:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    static ptr<proxy> open(const std::string& ifn);
data/ndppd-0.2.5/src/route.cc:91:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        ifs.open(path.c_str(), std::ios::in);
data/ndppd-0.2.5/src/route.cc:95:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf[1024];
data/ndppd-0.2.5/src/address.cc:188:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf(buf + strlen(buf), "/%d", p);
data/ndppd-0.2.5/src/iface.cc:198:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(ifr.ifr_name, name.c_str(), IFNAMSIZ - 1);
data/ndppd-0.2.5/src/iface.cc:210:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(ifr.ifr_name, name.c_str(), IFNAMSIZ - 1);
data/ndppd-0.2.5/src/iface.cc:289:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
ssize_t iface::read(int fd, struct sockaddr* saddr, uint8_t* msg, size_t size)
data/ndppd-0.2.5/src/iface.cc:355:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ((len = read(_pfd, (struct sockaddr*)&t_saddr, msg, sizeof(msg))) < 0)
data/ndppd-0.2.5/src/iface.cc:450:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ((len = read(_ifd, (struct sockaddr* )&t_saddr, msg, sizeof(msg))) < 0)
data/ndppd-0.2.5/src/iface.cc:609:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(ifr.ifr_name, _name.c_str(), IFNAMSIZ);
data/ndppd-0.2.5/src/iface.h:45:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    static ssize_t read(int fd, struct sockaddr* saddr, uint8_t* msg, size_t size);
data/ndppd-0.2.5/src/logger.cc:215:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (!strncmp(c_name, _pri_names[i].name, strlen(_pri_names[i].name))) {
data/ndppd-0.2.5/src/ndppd.cc:46:5:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    umask(0);
data/ndppd-0.2.5/src/ndppd.cc:277:28:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
        mode_t old_umask = umask(022);
data/ndppd-0.2.5/src/ndppd.cc:282:9:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
        umask(old_umask);

ANALYSIS SUMMARY:

Hits = 42
Lines analyzed = 3351 in approximately 0.08 seconds (40972 lines/second)
Physical Source Lines of Code (SLOC) = 2178
Hits@level = [0]   2 [1]  12 [2]  23 [3]   1 [4]   6 [5]   0
Hits@level+ = [0+]  44 [1+]  42 [2+]  30 [3+]   7 [4+]   6 [5+]   0
Hits/KSLOC@level+ = [0+] 20.202 [1+] 19.2837 [2+] 13.7741 [3+] 3.21396 [4+] 2.75482 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.