Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_basic_properties.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_basic_properties.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_channel.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_channel.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection_resource.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection_resource.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_decimal.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_decimal.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_envelope.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_envelope.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_exchange.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_exchange.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_methods_handling.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_methods_handling.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_queue.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_queue.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_timestamp.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_timestamp.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.c
Examining data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/php5_support.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/php7_support.h
Examining data/php-amqp-1.10.2/amqp-1.10.2/php_amqp.h

FINAL RESULTS:

data/php-amqp-1.10.2/amqp-1.10.2/amqp_basic_properties.c:458:18:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int length = snprintf(timestamp_str, sizeof(timestamp_str), ZEND_ULONG_FMT, entry->value.value.u64);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_basic_properties.c:454:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timestamp_str[20];

data/php-amqp-1.10.2/amqp-1.10.2/amqp_channel.c:1464:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&amqp_channel_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:1643:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&amqp_connection_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));

data/php-amqp-1.10.2/amqp-1.10.2/amqp_timestamp.c:122:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char min[21], max[21];

data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.c:141:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[32];

data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.c:143:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  key_len = sprintf(str, "%lu", index);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.c:187:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[16];

data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.c:210:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[16];

data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.c:279:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type, "object");

data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.c:282:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type, "resource");

data/php-amqp-1.10.2/amqp-1.10.2/amqp_type.c:285:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type, "unknown");

data/php-amqp-1.10.2/amqp-1.10.2/php_amqp.h:267:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char verify_connection_error_tmp[255]; \

data/php-amqp-1.10.2/amqp-1.10.2/php_amqp.h:281:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char verify_channel_error_tmp[255]; \

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:353:127:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_update_property_stringl(this_ce, getThis(), ZEND_STRL("login"), INI_STR("amqp.login"), (PHP5to7_param_str_len_type_t) (strlen(INI_STR("amqp.login")) > 128 ? 128 : strlen(INI_STR("amqp.login"))) TSRMLS_CC);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:353:171:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_update_property_stringl(this_ce, getThis(), ZEND_STRL("login"), INI_STR("amqp.login"), (PHP5to7_param_str_len_type_t) (strlen(INI_STR("amqp.login")) > 128 ? 128 : strlen(INI_STR("amqp.login"))) TSRMLS_CC);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:371:133:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_update_property_stringl(this_ce, getThis(), ZEND_STRL("password"), INI_STR("amqp.password"), (PHP5to7_param_str_len_type_t) (strlen(INI_STR("amqp.password")) > 128 ? 128 : strlen(INI_STR("amqp.password"))) TSRMLS_CC);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:371:180:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_update_property_stringl(this_ce, getThis(), ZEND_STRL("password"), INI_STR("amqp.password"), (PHP5to7_param_str_len_type_t) (strlen(INI_STR("amqp.password")) > 128 ? 128 : strlen(INI_STR("amqp.password"))) TSRMLS_CC);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:389:125:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_update_property_stringl(this_ce, getThis(), ZEND_STRL("host"), INI_STR("amqp.host"), (PHP5to7_param_str_len_type_t) (strlen(INI_STR("amqp.host")) > 128 ? 128 : strlen(INI_STR("amqp.host"))) TSRMLS_CC);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:389:168:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_update_property_stringl(this_ce, getThis(), ZEND_STRL("host"), INI_STR("amqp.host"), (PHP5to7_param_str_len_type_t) (strlen(INI_STR("amqp.host")) > 128 ? 128 : strlen(INI_STR("amqp.host"))) TSRMLS_CC);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:407:127:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_update_property_stringl(this_ce, getThis(), ZEND_STRL("vhost"), INI_STR("amqp.vhost"), (PHP5to7_param_str_len_type_t) (strlen(INI_STR("amqp.vhost")) > 128 ? 128 : strlen(INI_STR("amqp.vhost"))) TSRMLS_CC);

data/php-amqp-1.10.2/amqp-1.10.2/amqp_connection.c:407:171:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_update_property_stringl(this_ce, getThis(), ZEND_STRL("vhost"), INI_STR("amqp.vhost"), (PHP5to7_param_str_len_type_t) (strlen(INI_STR("amqp.vhost")) > 128 ? 128 : strlen(INI_STR("amqp.vhost"))) TSRMLS_CC);

ANALYSIS SUMMARY:

Hits = 22
Lines analyzed = 9344 in approximately 0.24 seconds (38189 lines/second)
Physical Source Lines of Code (SLOC) = 5851
Hits@level = [0]   4 [1]   8 [2]  13 [3]   0 [4]   1 [5]   0
Hits@level+ = [0+]  26 [1+]  22 [2+]  14 [3+]   1 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 4.44368 [1+] 3.76004 [2+] 2.39275 [3+] 0.170911 [4+] 0.170911 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.