Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/preload-0.6.4/src/state.c
Examining data/preload-0.6.4/src/conf.h
Examining data/preload-0.6.4/src/readahead.c
Examining data/preload-0.6.4/src/cmdline.c
Examining data/preload-0.6.4/src/readahead.h
Examining data/preload-0.6.4/src/spy.h
Examining data/preload-0.6.4/src/conf.c
Examining data/preload-0.6.4/src/preload.c
Examining data/preload-0.6.4/src/cmdline.h
Examining data/preload-0.6.4/src/proc.h
Examining data/preload-0.6.4/src/prophet.c
Examining data/preload-0.6.4/src/confkeys.h
Examining data/preload-0.6.4/src/state.h
Examining data/preload-0.6.4/src/prophet.h
Examining data/preload-0.6.4/src/common.h
Examining data/preload-0.6.4/src/proc.c
Examining data/preload-0.6.4/src/preload.h
Examining data/preload-0.6.4/src/log.c
Examining data/preload-0.6.4/src/spy.c
Examining data/preload-0.6.4/src/log.h

FINAL RESULTS:

data/preload-0.6.4/src/proc.c:187:10: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  len = readlink (name, exe_buffer, sizeof (exe_buffer));

data/preload-0.6.4/src/conf.c:93:21: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  g_strfreev (conf->system.mapprefix);

data/preload-0.6.4/src/conf.c:94:21: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  g_strfreev (conf->system.exeprefix);

data/preload-0.6.4/src/conf.h:51:5: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  } system;

data/preload-0.6.4/src/confkeys.h:7:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  confkey(system, boolean, doscan, true, -)

data/preload-0.6.4/src/confkeys.h:8:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  confkey(system, boolean, dopredict, true, -)

data/preload-0.6.4/src/confkeys.h:9:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  confkey(system, integer, autosave, 3600, seconds)

data/preload-0.6.4/src/confkeys.h:10:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  confkey(system, string_list, mapprefix, NULL, -)

data/preload-0.6.4/src/confkeys.h:11:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  confkey(system, string_list, exeprefix, NULL, -)

data/preload-0.6.4/src/confkeys.h:12:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  confkey(system, integer, maxprocs, 30, processes)

data/preload-0.6.4/src/confkeys.h:13:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  confkey(system, enum, sortstrategy, 3, -)

data/preload-0.6.4/src/preload.c:70:11: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl ("/sbin/init", "init", NULL);

data/preload-0.6.4/src/preload.c:71:11: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl ("/bin/init", "init", NULL);

data/preload-0.6.4/src/proc.c:117:76: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (count != 4 || !sanitize_file (file) || !accept_file (file, conf->system.mapprefix))

data/preload-0.6.4/src/proc.c:195:71: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (!sanitize_file (exe_buffer) || !accept_file (exe_buffer, conf->system.exeprefix))

data/preload-0.6.4/src/proc.c:222:11: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if (b) sscanf(b, tag" %d", &(v)); \

data/preload-0.6.4/src/proc.c:228:11: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if (b) sscanf(b, tag" %d %d", &(v1), &(v2)); \

data/preload-0.6.4/src/readahead.c:121:24: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  int maxprocs = conf->system.maxprocs;

data/preload-0.6.4/src/readahead.c:188:31: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  set_block (files[i], conf->system.sortstrategy == SORT_INODE);

data/preload-0.6.4/src/readahead.c:198:17: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  switch (conf->system.sortstrategy) {

data/preload-0.6.4/src/readahead.c:213:10: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  conf->system.sortstrategy);

data/preload-0.6.4/src/readahead.c:215:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  conf->system.sortstrategy = SORT_BLOCK;

data/preload-0.6.4/src/state.c:1165:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (conf->system.doscan) {

data/preload-0.6.4/src/state.c:1173:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (conf->system.dopredict) {

data/preload-0.6.4/src/state.c:1195:32: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  g_timeout_add_seconds (conf->system.autosave, (GSourceFunc)preload_state_autosave, NULL);

data/preload-0.6.4/src/state.c:1206:34: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  g_timeout_add_seconds (conf->system.autosave, (GSourceFunc)preload_state_autosave, NULL);

data/preload-0.6.4/src/cmdline.c:83:11: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  i = getopt_long (*argc, *argv, "hHvc:s:l:fn:V:d", opts, NULL);

data/preload-0.6.4/src/log.c:74:25: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (0 > (nullfd = open ("/dev/null", O_RDONLY)))

data/preload-0.6.4/src/log.c:77:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (0 > (logfd = open (logfile, O_WRONLY | O_CREAT | O_APPEND, 0600)))

data/preload-0.6.4/src/log.c:107:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (0 > (logfd = open (logfile, O_WRONLY | O_CREAT | O_APPEND, 0600))) {

data/preload-0.6.4/src/proc.c:91:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];

data/preload-0.6.4/src/proc.c:94:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024];

data/preload-0.6.4/src/proc.c:100:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  in = fopen (name, "r");

data/preload-0.6.4/src/proc.c:110:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[FILELEN];

data/preload-0.6.4/src/proc.c:177:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];

data/preload-0.6.4/src/proc.c:178:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char exe_buffer[FILELEN];

data/preload-0.6.4/src/proc.c:181:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pid = atoi (entry->d_name);

data/preload-0.6.4/src/proc.c:211:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(filename, O_RDONLY)) != -1) { \

data/preload-0.6.4/src/proc.c:235:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4096];

data/preload-0.6.4/src/prophet.c:203:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&(state->memstat), &memstat, sizeof (memstat));

data/preload-0.6.4/src/readahead.c:44:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(file->path, O_RDONLY);

data/preload-0.6.4/src/readahead.c:146:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(path,

data/preload-0.6.4/src/state.c:516:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filebuf[FILELEN];

data/preload-0.6.4/src/state.c:740:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[32] = "";

data/preload-0.6.4/src/state.c:1053:13: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  char *tmpfile;

data/preload-0.6.4/src/state.c:1058:52: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_debug ("to be honest, saving state to %s", tmpfile);

data/preload-0.6.4/src/state.c:1060:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open (tmpfile, O_WRONLY | O_CREAT, 0660);

data/preload-0.6.4/src/state.c:1060:18: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  fd = open (tmpfile, O_WRONLY | O_CREAT, 0660);

data/preload-0.6.4/src/state.c:1062:58: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_critical ("cannot open %s for writing, ignoring: %s", tmpfile, strerror (errno));

data/preload-0.6.4/src/state.c:1071:60: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_critical ("failed writing state to %s, ignoring: %s", tmpfile, errmsg);

data/preload-0.6.4/src/state.c:1073:14: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_unlink (tmpfile);

data/preload-0.6.4/src/state.c:1075:22: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  if (0 > g_rename (tmpfile, statefile)) {

data/preload-0.6.4/src/state.c:1076:47: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_critical ("failed to rename %s to %s", tmpfile, statefile);

data/preload-0.6.4/src/state.c:1078:48: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_debug ("successfully renamed %s to %s", tmpfile, statefile);

data/preload-0.6.4/src/state.c:1084:15: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  g_free (tmpfile);

data/preload-0.6.4/src/cmdline.c:157:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int size = strlen (opt->name);

data/preload-0.6.4/src/log.c:43:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  timestr[strlen (timestr) - 1] = '\0';

data/preload-0.6.4/src/preload.c:78:3: [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask (0007);

data/preload-0.6.4/src/proc.c:80:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strncmp (file, p, strlen (p)))

data/preload-0.6.4/src/proc.c:212:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((len = read(fd, buf, sizeof (buf) - 1)) < 0) \

data/preload-0.6.4/src/state.c:764:13: [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function.
  if (1 > sscanf (rc.line,

data/preload-0.6.4/src/state.c:770:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc.line += strlen (tag);

ANALYSIS SUMMARY:

Hits = 62
Lines analyzed = 3155 in approximately 0.13 seconds (24884 lines/second)
Physical Source Lines of Code (SLOC) = 2100
Hits@level = [0] 37 [1] 7 [2] 28 [3] 1 [4] 25 [5] 1
Hits@level+ = [0+] 99 [1+] 62 [2+] 55 [3+] 27 [4+] 26 [5+] 1
Hits/KSLOC@level+ = [0+] 47.1429 [1+] 29.5238 [2+] 26.1905 [3+] 12.8571 [4+] 12.381 [5+] 0.47619
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.