Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse.h
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.h
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_rfc822.c
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_rfc822.h
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/arginfo.h
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse.h
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.h
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_rfc822.c
Examining data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_rfc822.h
FINAL RESULTS:
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:1161:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[i], "%s%c", intbuf, id->next ? '.' : '\0');
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:437:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newstr, Z_STRVAL_PP(zheaderval));
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:439:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newstr, header_val);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_rfc822.c:42:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define DBG_STATE(lbl) printf(lbl " %d:%c %d:%c\n", *YYCURSOR, *YYCURSOR, *start, *start)
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_rfc822.c:341:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(toks->buffer, header);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:1155:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buf[i], "%s%c", intbuf, id->next ? '.' : '\0');
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c:437:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newstr, Z_STRVAL_P(zheaderval));
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c:439:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newstr, header_val);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_rfc822.c:39:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define DBG_STATE(lbl) printf(lbl " %d:%c %d:%c\n", *YYCURSOR, *YYCURSOR, *start, *start)
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_rfc822.c:338:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(toks->buffer, header);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:295:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:474:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:575:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[128];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:1139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char intbuf[16];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:1147:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(intbuf, "%d", id->id);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:438:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(newstr, ", ");
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_rfc822.c:424:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret + len, tokvalue, toklen);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:291:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:472:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:575:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:685:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[128];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:1133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char intbuf[16];
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:1141:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(intbuf, "%d", id->id);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c:438:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(newstr, ", ");
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_rfc822.c:421:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret + len, tokvalue, toklen);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:530:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(origfilename);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:612:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(origfilename);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:804:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(origfilename);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:1012:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:1148:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(intbuf);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/mailparse.c:1430:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SUCCESS == zend_hash_find(Z_ARRVAL_P(headers), headerkey, strlen(headerkey)+1, (void**)&headerval)) {
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:208:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
charset_p = *(name+strlen(name)-1) == '*';
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:386:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SUCCESS == zend_hash_find(Z_ARRVAL_P(attr->attributes), attrname, strlen(attrname)+1, (void**)&attrval))
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:430:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SUCCESS == zend_hash_find(Z_ARRVAL_P(part->headerhash), header_key, strlen(header_key)+1, (void**)&zheaderval)) {
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:434:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(header_val) + Z_STRLEN_PP(zheaderval) + 3;
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:442:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(zend_hash_find(Z_ARRVAL_P(part->headerhash), header_key, strlen(header_key)+1, (void**)&zheaderval) == SUCCESS) {
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_mime.c:589:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bound_len = strlen(workpart->boundary);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_rfc822.c:59:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
YYLIMIT = YYCURSOR + strlen(YYCURSOR) + 1;
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-2.1.7-dev/php_mailparse_rfc822.c:338:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(header);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:530:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(origfilename);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:612:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(origfilename);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:802:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(origfilename);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:1012:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:1142:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(intbuf);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/mailparse.c:1417:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash_key = zend_string_init(headerkey, strlen(headerkey), 0);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c:206:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
charset_p = *(name+strlen(name)-1) == '*';
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c:379:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash_key = zend_string_init(attrname, strlen(attrname), 0);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c:429:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
header_zstring = zend_string_init(header_key, strlen(header_key), 0);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c:434:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newlen = strlen(header_val) + Z_STRLEN_P(zheaderval) + 3;
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_mime.c:597:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bound_len = strlen(workpart->boundary);
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_rfc822.c:57:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
YYLIMIT = YYCURSOR + strlen(YYCURSOR) + 1;
data/php-mailparse-3.1.0+2.1.7~dev20160128/mailparse-3.1.0/php_mailparse_rfc822.c:335:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(header);
ANALYSIS SUMMARY:
Hits = 53
Lines analyzed = 7210 in approximately 0.18 seconds (39721 lines/second)
Physical Source Lines of Code (SLOC) = 5172
Hits@level = [0] 14 [1] 27 [2] 16 [3] 0 [4] 10 [5] 0
Hits@level+ = [0+] 67 [1+] 53 [2+] 26 [3+] 10 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 12.9544 [1+] 10.2475 [2+] 5.02707 [3+] 1.93349 [4+] 1.93349 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.