Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/noweb-2.11b/contrib/norman/htmlgif/newer.c
Examining data/noweb-2.11b/examples/README.h
Examining data/noweb-2.11b/src/c/columns.c
Examining data/noweb-2.11b/src/c/columns.h
Examining data/noweb-2.11b/src/c/errors.c
Examining data/noweb-2.11b/src/c/errors.h
Examining data/noweb-2.11b/src/c/finduses.c
Examining data/noweb-2.11b/src/c/getline.c
Examining data/noweb-2.11b/src/c/getline.h
Examining data/noweb-2.11b/src/c/main.c
Examining data/noweb-2.11b/src/c/markmain.c
Examining data/noweb-2.11b/src/c/markup.c
Examining data/noweb-2.11b/src/c/markup.h
Examining data/noweb-2.11b/src/c/match.c
Examining data/noweb-2.11b/src/c/match.h
Examining data/noweb-2.11b/src/c/mnt.c
Examining data/noweb-2.11b/src/c/modtrees.c
Examining data/noweb-2.11b/src/c/modtrees.h
Examining data/noweb-2.11b/src/c/modules.c
Examining data/noweb-2.11b/src/c/modules.h
Examining data/noweb-2.11b/src/c/notangle.c
Examining data/noweb-2.11b/src/c/notangle.h
Examining data/noweb-2.11b/src/c/readme.c
Examining data/noweb-2.11b/src/c/recognize.c
Examining data/noweb-2.11b/src/c/recognize.h
Examining data/noweb-2.11b/src/c/strsave.c
Examining data/noweb-2.11b/src/c/strsave.h
FINAL RESULTS:
data/noweb-2.11b/examples/README.h:28:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
and <t>write</t> system calls (along with some others) to
data/noweb-2.11b/src/c/errors.c:29:1: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, s, args);
data/noweb-2.11b/src/c/errors.c:45:1: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, s, args);
data/noweb-2.11b/src/c/notangle.c:60:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,line+strlen("@file "));
data/noweb-2.11b/src/c/notangle.c:72:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,line+strlen("@line "));
data/noweb-2.11b/src/c/notangle.c:99:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(modname,line+strlen("@defn "));
data/noweb-2.11b/src/c/notangle.c:128:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,line+strlen("@file "));
data/noweb-2.11b/src/c/notangle.c:140:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp,line+strlen("@line "));
data/noweb-2.11b/src/c/recognize.c:124:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copy, id);
data/noweb-2.11b/src/c/strsave.c:13:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t,s);
data/noweb-2.11b/src/c/mnt.c:23:14: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
extern char *tempnam (const char *dir, const char *pfx); /* temp file in dir */
data/noweb-2.11b/src/c/mnt.c:25:9: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
#define tempnam(DIR,PFX) (strsave(tmpnam(NULL)))
data/noweb-2.11b/src/c/mnt.c:25:35: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
#define tempnam(DIR,PFX) (strsave(tmpnam(NULL)))
data/noweb-2.11b/src/c/mnt.c:110:20: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
char *tempname = tempnam(".", 0);
data/noweb-2.11b/examples/README.h:27:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
A library that modifies the <t>open</t>, <t>close</t>, <t>read</t>,
data/noweb-2.11b/src/c/finduses.c:46:17: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
{ FILE *tmp = tmpfile();
data/noweb-2.11b/src/c/finduses.c:76:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp=fopen(argv[i],"r"))==NULL)
data/noweb-2.11b/src/c/main.c:34:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tabsize = atoi(argv[i]+2);
data/noweb-2.11b/src/c/markmain.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modname[MAX_MODNAME+1] = ""; /* name of module currently being read,
data/noweb-2.11b/src/c/markmain.c:378:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tabsize = atoi(argv[i]+2);
data/noweb-2.11b/src/c/markmain.c:393:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp=fopen(argv[i],"r"))==NULL) {
data/noweb-2.11b/src/c/mnt.c:61:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tabsize = atoi(argv[i]+1);
data/noweb-2.11b/src/c/mnt.c:133:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(tempname, "w");
data/noweb-2.11b/src/c/mnt.c:145:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dest = fopen(filename, "r");
data/noweb-2.11b/src/c/mnt.c:148:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp = fopen(tempname, "r");
data/noweb-2.11b/src/c/mnt.c:165:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "w");
data/noweb-2.11b/src/c/notangle.c:41:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modname[MAX_MODNAME+1] = ""; /* name of module currently being read,
data/noweb-2.11b/src/c/notangle.c:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char temp[MAX_MODNAME+1];
data/noweb-2.11b/src/c/notangle.c:69:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char temp[MAX_MODNAME+1];
data/noweb-2.11b/src/c/notangle.c:82:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
loc.lineno = atoi(temp);
data/noweb-2.11b/src/c/notangle.c:125:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char temp[MAX_MODNAME+1];
data/noweb-2.11b/src/c/notangle.c:137:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char temp[MAX_MODNAME+1];
data/noweb-2.11b/src/c/notangle.c:150:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
loc.lineno = atoi(temp);
data/noweb-2.11b/examples/README.h:27:61: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
A library that modifies the <t>open</t>, <t>close</t>, <t>read</t>,
data/noweb-2.11b/examples/README.h:29:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
transparently read and write files in Unix <t>compress</t> format.
data/noweb-2.11b/src/c/finduses.c:58:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line[strlen(line)-1] == '\n') line[strlen(line)-1] = 0;
data/noweb-2.11b/src/c/finduses.c:58:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line[strlen(line)-1] == '\n') line[strlen(line)-1] = 0;
data/noweb-2.11b/src/c/finduses.c:61:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line[strlen(line)-1] == '\n') line[strlen(line)-1] = 0;
data/noweb-2.11b/src/c/finduses.c:61:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line[strlen(line)-1] == '\n') line[strlen(line)-1] = 0;
data/noweb-2.11b/src/c/finduses.c:93:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line[strlen(line)-1] == '\n') line[strlen(line)-1] = 0;
data/noweb-2.11b/src/c/finduses.c:93:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line[strlen(line)-1] == '\n') line[strlen(line)-1] = 0;
data/noweb-2.11b/src/c/finduses.c:122:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info->line = emit_up_to(info->out, info->line, instance + strlen(id));
data/noweb-2.11b/src/c/getline.c:34:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (buf1[strlen(buf1)-1] != '\n') { /* failed to get whole line */
data/noweb-2.11b/src/c/getline.c:37:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fgets(buf1+strlen(buf1),buf_size-strlen(buf1),fp)==NULL)
data/noweb-2.11b/src/c/getline.c:37:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fgets(buf1+strlen(buf1),buf_size-strlen(buf1),fp)==NULL)
data/noweb-2.11b/src/c/markmain.c:37:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int last=strlen(value)-1;
data/noweb-2.11b/src/c/markmain.c:69:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
missing_newline = line[strlen(line)-1] != '\n';
data/noweb-2.11b/src/c/markmain.c:148:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buflen < strlen(line) + 1 + 2) {
data/noweb-2.11b/src/c/markmain.c:149:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (buflen < strlen(line) + 1 + 2)
data/noweb-2.11b/src/c/markup.c:36:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(def_marker) == def_length);
data/noweb-2.11b/src/c/markup.c:96:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest,q,size-1);
data/noweb-2.11b/src/c/markup.c:104:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int searchlen = strlen(search);
data/noweb-2.11b/src/c/markup.c:105:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int escapelen = (escape != NULL ? strlen(escape) : 0);
data/noweb-2.11b/src/c/match.c:7:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return !strncmp(line,search,strlen(search));
data/noweb-2.11b/src/c/match.c:13:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(line[strlen(keyword)+1]==' ' || line[strlen(keyword)+1]=='\n' ||
data/noweb-2.11b/src/c/match.c:13:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(line[strlen(keyword)+1]==' ' || line[strlen(keyword)+1]=='\n' ||
data/noweb-2.11b/src/c/match.c:14:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(keyword)+1]=='\0');
data/noweb-2.11b/src/c/mnt.c:115:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ int n = strlen(modname) - 1;
data/noweb-2.11b/src/c/mnt.c:151:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = getc(tmp);
data/noweb-2.11b/src/c/mnt.c:152:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
y = getc(dest);
data/noweb-2.11b/src/c/modules.c:49:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
{ int k = strlen(p->contents)-1;
data/noweb-2.11b/src/c/notangle.c:58:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= MAX_MODNAME + strlen("@file "))
data/noweb-2.11b/src/c/notangle.c:58:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= MAX_MODNAME + strlen("@file "))
data/noweb-2.11b/src/c/notangle.c:60:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(temp,line+strlen("@file "));
data/noweb-2.11b/src/c/notangle.c:61:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp[strlen(temp)-1]='\0';
data/noweb-2.11b/src/c/notangle.c:70:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= MAX_MODNAME + strlen("@line "))
data/noweb-2.11b/src/c/notangle.c:70:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= MAX_MODNAME + strlen("@line "))
data/noweb-2.11b/src/c/notangle.c:72:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(temp,line+strlen("@line "));
data/noweb-2.11b/src/c/notangle.c:73:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp[strlen(temp)-1]='\0';
data/noweb-2.11b/src/c/notangle.c:99:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(modname,line+strlen("@defn "));
data/noweb-2.11b/src/c/notangle.c:100:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
modname[strlen(modname)-1]='\0';
data/noweb-2.11b/src/c/notangle.c:126:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= MAX_MODNAME + strlen("@file "))
data/noweb-2.11b/src/c/notangle.c:126:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= MAX_MODNAME + strlen("@file "))
data/noweb-2.11b/src/c/notangle.c:128:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(temp,line+strlen("@file "));
data/noweb-2.11b/src/c/notangle.c:129:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp[strlen(temp)-1]='\0';
data/noweb-2.11b/src/c/notangle.c:138:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= MAX_MODNAME + strlen("@line "))
data/noweb-2.11b/src/c/notangle.c:138:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) >= MAX_MODNAME + strlen("@line "))
data/noweb-2.11b/src/c/notangle.c:140:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(temp,line+strlen("@line "));
data/noweb-2.11b/src/c/notangle.c:141:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp[strlen(temp)-1]='\0';
data/noweb-2.11b/src/c/notangle.c:173:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strcmp(modname+strlen(modname)-3,"..."))
data/noweb-2.11b/src/c/recognize.c:123:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *copy = malloc(strlen(id) + 1);
data/noweb-2.11b/src/c/recognize.c:188:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f(closure, p->name, current - strlen(p->name));
data/noweb-2.11b/src/c/recognize.c:200:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(id);
data/noweb-2.11b/src/c/strsave.c:11:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *t = malloc (strlen(s)+1);
ANALYSIS SUMMARY:
Hits = 84
Lines analyzed = 1987 in approximately 0.13 seconds (14816 lines/second)
Physical Source Lines of Code (SLOC) = 1814
Hits@level = [0] 22 [1] 51 [2] 19 [3] 4 [4] 10 [5] 0
Hits@level+ = [0+] 106 [1+] 84 [2+] 33 [3+] 14 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 58.4344 [1+] 46.3065 [2+] 18.1918 [3+] 7.71775 [4+] 5.51268 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.