Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/pgtcl-2.7.5/generic/libpgtcl.h Examining data/pgtcl-2.7.5/generic/pgtcl.c Examining data/pgtcl-2.7.5/generic/pgtclAppInit.c Examining data/pgtcl-2.7.5/generic/pgtclCmds.c Examining data/pgtcl-2.7.5/generic/pgtclCmds.h Examining data/pgtcl-2.7.5/generic/pgtclId.c Examining data/pgtcl-2.7.5/generic/pgtclId.h Examining data/pgtcl-2.7.5/generic/pgtclSqlite.c Examining data/pgtcl-2.7.5/generic/pgtclSqlite.h Examining data/pgtcl-2.7.5/generic/tokenize.c Examining data/pgtcl-2.7.5/generic/tokenize.h Examining data/pgtcl-2.7.5/win/nmakehlp.c FINAL RESULTS: data/pgtcl-2.7.5/generic/pgtclCmds.c:1768:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (resultid->nullValueString, nullValueString); data/pgtcl-2.7.5/generic/pgtclCmds.c:3461:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(caserelname, origrelname + 1); data/pgtcl-2.7.5/generic/pgtclCmds.c:3481:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(callback, callbackStr); data/pgtcl-2.7.5/generic/pgtclCmds.c:3529:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "LISTEN %s", origrelname); data/pgtcl-2.7.5/generic/pgtclCmds.c:3574:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "UNLISTEN %s", origrelname); data/pgtcl-2.7.5/generic/pgtclCmds.c:4227:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (connid->nullValueString, nullValueString); data/pgtcl-2.7.5/generic/pgtclCmds.c:4339:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(callback, callbackStr); data/pgtcl-2.7.5/generic/pgtclCmds.c:4876:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s.%d", connString, i); data/pgtcl-2.7.5/generic/pgtclId.c:254:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(connid->id, "%spgsql%p", ns, connid); data/pgtcl-2.7.5/generic/pgtclId.c:258:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(connid->id, "%s%s", ns, chandle); data/pgtcl-2.7.5/generic/pgtclId.c:944:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s.%d", connid_c, resid); data/pgtcl-2.7.5/generic/pgtclId.c:1207:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(svcallback, callback); data/pgtcl-2.7.5/generic/pgtclSqlite.c:355:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(primaryKeyNames[k], column); data/pgtcl-2.7.5/generic/pgtclSqlite.c:359:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(primaryKeyNames[k], column); data/pgtcl-2.7.5/generic/pgtclSqlite.c:1772:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(maxString, val); data/pgtcl-2.7.5/win/nmakehlp.c:139:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmdline, option); data/pgtcl-2.7.5/win/nmakehlp.c:234:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmdline, option); data/pgtcl-2.7.5/generic/pgtcl.c:138:13: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. if (LoadLibrary("libpq.dll") == NULL) { data/pgtcl-2.7.5/win/nmakehlp.c:143:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. ok = CreateProcess( data/pgtcl-2.7.5/win/nmakehlp.c:143:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. ok = CreateProcess( data/pgtcl-2.7.5/win/nmakehlp.c:238:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. ok = CreateProcess( data/pgtcl-2.7.5/win/nmakehlp.c:238:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. ok = CreateProcess( data/pgtcl-2.7.5/generic/pgtclCmds.c:1027:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[60]; data/pgtcl-2.7.5/generic/pgtclCmds.c:1029:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "\n (\"pg_result_foreach\" body line %d)", data/pgtcl-2.7.5/generic/pgtclCmds.c:2885:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(output, "$%d", paramIndex + 1); data/pgtcl-2.7.5/generic/pgtclCmds.c:3228:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/pgtcl-2.7.5/generic/pgtclCmds.c:3230:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "PQfname() returned NULL for column %d, ncols %d", data/pgtcl-2.7.5/generic/pgtclCmds.c:3317:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[60]; data/pgtcl-2.7.5/generic/pgtclCmds.c:3319:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "\n (\"pg_select\" body line %d)", data/pgtcl-2.7.5/generic/pgtclCmds.c:4689:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. from = (const unsigned char *)Tcl_GetStringFromObj(objv[1], &fromLen); data/pgtcl-2.7.5/generic/pgtclCmds.c:4751:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/pgtcl-2.7.5/generic/pgtclId.c:110:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (buf, bufPtr, avail); data/pgtcl-2.7.5/generic/pgtclId.c:883:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/pgtcl-2.7.5/generic/pgtclId.h:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[32]; data/pgtcl-2.7.5/generic/pgtclSqlite.c:163:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *typenames[PG_SQLITE_NOTYPE] = { NULL }; data/pgtcl-2.7.5/generic/pgtclSqlite.c:281:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(value); data/pgtcl-2.7.5/generic/pgtclSqlite.c:297:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int ival = atoi(value); data/pgtcl-2.7.5/generic/pgtclSqlite.c:513:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int rval = atoi(row[i]); data/pgtcl-2.7.5/generic/pgtclSqlite.c:725:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd_name[256 + 1]; data/pgtcl-2.7.5/generic/pgtclSqlite.c:726:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char create_cmd[256 + 18 + 1]; data/pgtcl-2.7.5/generic/pgtclSqlite.c:727:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char delete_cmd[256 + 7 + 1]; data/pgtcl-2.7.5/generic/pgtclSqlite.c:949:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argerr[NUM_COMMANDS] = { "" }; data/pgtcl-2.7.5/generic/pgtclSqlite.c:1676:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char maxString[BUFSIZ]; data/pgtcl-2.7.5/generic/pgtclSqlite.c:1778:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int valInt = atoi(val); data/pgtcl-2.7.5/generic/tokenize.c:84:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char sqlite3CtypeMap[256] = { data/pgtcl-2.7.5/generic/tokenize.c:507:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(q, "$%d", nextVarIndex+1); //1 indexed data/pgtcl-2.7.5/win/nmakehlp.c:31:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1000]; data/pgtcl-2.7.5/win/nmakehlp.c:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[300]; data/pgtcl-2.7.5/win/nmakehlp.c:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[300]; data/pgtcl-2.7.5/win/nmakehlp.c:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline[100]; data/pgtcl-2.7.5/win/nmakehlp.c:137:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdline, "cl.exe -nologo -c -TC -Fdtemp "); data/pgtcl-2.7.5/win/nmakehlp.c:141:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(cmdline, " nul"); data/pgtcl-2.7.5/win/nmakehlp.c:201:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[300]; data/pgtcl-2.7.5/win/nmakehlp.c:204:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdline[100]; data/pgtcl-2.7.5/win/nmakehlp.c:232:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdline, "link.exe -nologo "); data/pgtcl-2.7.5/win/nmakehlp.c:319:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(file, "r"); data/pgtcl-2.7.5/win/nmakehlp.c:344:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *ofp = fopen("version.vc", "w"); data/pgtcl-2.7.5/generic/pgtclCmds.c:175:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). last = strlen(value) - 1; data/pgtcl-2.7.5/generic/pgtclCmds.c:2825:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *newQueryString = (char *)ckalloc(strlen(queryString) + 5 * nParams); data/pgtcl-2.7.5/generic/pgtclCmds.c:2865:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(paramName, nameMarker, paramNameLength); data/pgtcl-2.7.5/generic/pgtclCmds.c:2886:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output += strlen(output); data/pgtcl-2.7.5/generic/pgtclId.c:1206:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). svcallback = (char *)ckalloc((unsigned)(strlen(callback) + 1)); data/pgtcl-2.7.5/generic/pgtclSqlite.c:358:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). primaryKeyNames[k] = (char *)ckalloc(strlen(column) + 1); data/pgtcl-2.7.5/generic/pgtclSqlite.c:794:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int sepLen = strlen(sepStr); data/pgtcl-2.7.5/generic/pgtclSqlite.c:839:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int sepLen = strlen(sepStr); data/pgtcl-2.7.5/generic/tokenize.c:460:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *newSql = ckalloc(strlen(sql)+1); data/pgtcl-2.7.5/generic/tokenize.c:463:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char **replacementArray = (const char **)ckalloc((strlen(sql)/2) * (sizeof *replacementArray)); data/pgtcl-2.7.5/win/nmakehlp.c:162:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). WriteFile(GetStdHandle(STD_ERROR_HANDLE), msg, strlen(msg), &err, NULL); data/pgtcl-2.7.5/win/nmakehlp.c:257:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). WriteFile(GetStdHandle(STD_ERROR_HANDLE), msg, strlen(msg), &err, NULL); ANALYSIS SUMMARY: Hits = 69 Lines analyzed = 10447 in approximately 0.31 seconds (33360 lines/second) Physical Source Lines of Code (SLOC) = 7140 Hits@level = [0] 11 [1] 12 [2] 35 [3] 5 [4] 17 [5] 0 Hits@level+ = [0+] 80 [1+] 69 [2+] 57 [3+] 22 [4+] 17 [5+] 0 Hits/KSLOC@level+ = [0+] 11.2045 [1+] 9.66387 [2+] 7.98319 [3+] 3.08123 [4+] 2.38095 [5+] 0 Dot directories skipped = 2 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.