Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/netifaces-0.10.9/netifaces.c

FINAL RESULTS:

data/netifaces-0.10.9/netifaces.c:513:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy (bufptr, pfxbuf);
data/netifaces-0.10.9/netifaces.c:614:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (bufptr, pfxbuf);
data/netifaces-0.10.9/netifaces.c:634:20:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
    HMODULE hmod = LoadLibrary ("ws2_32.dll");
data/netifaces-0.10.9/netifaces.c:650:20:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
    HMODULE hmod = LoadLibrary ("ws2_32.dll");
data/netifaces-0.10.9/netifaces.c:270:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmpbuf[20];
data/netifaces-0.10.9/netifaces.c:272:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (tmpbuf, "%d.%d.%d.%d",
data/netifaces-0.10.9/netifaces.c:284:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmpbuf[80], *ptr = tmpbuf;
data/netifaces-0.10.9/netifaces.c:297:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (ptr, "%x%02x", b1, b2);
data/netifaces-0.10.9/netifaces.c:305:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf (ptr, "%x", b2);
data/netifaces-0.10.9/netifaces.c:363:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bigaddr, addr, SA_LEN(addr));
data/netifaces-0.10.9/netifaces.c:424:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (ptr, "%02x:", data[n] & 0xff);
data/netifaces-0.10.9/netifaces.c:453:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pfxbuf[16];
data/netifaces-0.10.9/netifaces.c:510:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (pfxbuf, "/%u", prefix);
data/netifaces-0.10.9/netifaces.c:563:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[256];
data/netifaces-0.10.9/netifaces.c:572:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pfxbuf[16];
data/netifaces-0.10.9/netifaces.c:611:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (pfxbuf, "/%u", prefix);
data/netifaces-0.10.9/netifaces.c:666:5:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    wchar_t buffer[256];
data/netifaces-0.10.9/netifaces.c:675:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[256];
data/netifaces-0.10.9/netifaces.c:787:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[256];
data/netifaces-0.10.9/netifaces.c:802:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf (ptr, "%02x:", pInfo->PhysicalAddress[n] & 0xff);
data/netifaces-0.10.9/netifaces.c:1026:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[256];
data/netifaces-0.10.9/netifaces.c:1146:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[256];
data/netifaces-0.10.9/netifaces.c:1645:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char gwbuf[16];
data/netifaces-0.10.9/netifaces.c:1661:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf (gwbuf, "%u.%u.%u.%u",
data/netifaces-0.10.9/netifaces.c:1715:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char            data[0];
data/netifaces-0.10.9/netifaces.c:1898:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char buffer[256];
data/netifaces-0.10.9/netifaces.c:1899:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char ifnamebuf[IF_NAMESIZE];
data/netifaces-0.10.9/netifaces.c:1980:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ifnamebuf[IF_NAMESIZE];
data/netifaces-0.10.9/netifaces.c:2078:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char strbuf[256];
data/netifaces-0.10.9/netifaces.c:2147:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ifnamebuf[IF_NAMESIZE];
data/netifaces-0.10.9/netifaces.c:2297:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[256];
data/netifaces-0.10.9/netifaces.c:2302:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (ifnamebuf, ifp->sdl_data, ifp->sdl_nlen);
data/netifaces-0.10.9/netifaces.c:2476:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[256];
data/netifaces-0.10.9/netifaces.c:2481:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy (ifnamebuf, ifp->sdl_data, ifp->sdl_nlen);
data/netifaces-0.10.9/netifaces.c:7:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Py_ssize_t len = strlen(s);
data/netifaces-0.10.9/netifaces.c:275:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (buffer, tmpbuf, buflen);
data/netifaces-0.10.9/netifaces.c:298:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          ptr += strlen (ptr);
data/netifaces-0.10.9/netifaces.c:306:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          ptr += strlen (ptr);
data/netifaces-0.10.9/netifaces.c:330:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (buffer, tmpbuf, buflen);
data/netifaces-0.10.9/netifaces.c:512:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (bufend - bufptr > (int)strlen(pfxbuf))
data/netifaces-0.10.9/netifaces.c:613:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((size_t)(bufend - bufptr) > strlen(pfxbuf))
data/netifaces-0.10.9/netifaces.c:1059:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (ifr6.ifr_name, addr->ifa_name, IFNAMSIZ);
data/netifaces-0.10.9/netifaces.c:1148:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (ifr.CNAME(ifr_name), ifname, IFNAMSIZ);
data/netifaces-0.10.9/netifaces.c:1569:44:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	ifname = PyUnicode_FromUnicode (pwcsName, wcslen (pwcsName));
data/netifaces-0.10.9/netifaces.c:1676:49:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ifname = PyUnicode_FromUnicode (pwcsName, wcslen (pwcsName));

ANALYSIS SUMMARY:

Hits = 45
Lines analyzed = 2905 in approximately 0.09 seconds (32664 lines/second)
Physical Source Lines of Code (SLOC) = 2347
Hits@level = [0]   3 [1]  11 [2]  30 [3]   2 [4]   2 [5]   0
Hits@level+ = [0+]  48 [1+]  45 [2+]  34 [3+]   4 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 20.4516 [1+] 19.1734 [2+] 14.4866 [3+] 1.7043 [4+] 0.852152 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.