Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/protobuf-c-1.3.3/t/generated-code/test-generated-code.c
Examining data/protobuf-c-1.3.3/t/issue220/issue220.c
Examining data/protobuf-c-1.3.3/t/issue330/issue330.c
Examining data/protobuf-c-1.3.3/t/version/version.c
Examining data/protobuf-c-1.3.3/t/issue375/issue375.c
Examining data/protobuf-c-1.3.3/t/issue251/issue251.c
Examining data/protobuf-c-1.3.3/t/generated-code2/common-test-arrays.h
Examining data/protobuf-c-1.3.3/t/generated-code2/test-generated-code2.c
Examining data/protobuf-c-1.3.3/t/generated-code2/cxx-generate-packed-data.cc
Examining data/protobuf-c-1.3.3/protobuf-c/protobuf-c.h
Examining data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c
Examining data/protobuf-c-1.3.3/protoc-c/c_primitive_field.h
Examining data/protobuf-c-1.3.3/protoc-c/c_file.h
Examining data/protobuf-c-1.3.3/protoc-c/c_primitive_field.cc
Examining data/protobuf-c-1.3.3/protoc-c/main.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_enum.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_string_field.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_extension.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_service.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_service.h
Examining data/protobuf-c-1.3.3/protoc-c/c_bytes_field.h
Examining data/protobuf-c-1.3.3/protoc-c/c_message.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_helpers.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_helpers.h
Examining data/protobuf-c-1.3.3/protoc-c/c_enum.h
Examining data/protobuf-c-1.3.3/protoc-c/c_message.h
Examining data/protobuf-c-1.3.3/protoc-c/c_field.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_message_field.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_file.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_generator.h
Examining data/protobuf-c-1.3.3/protoc-c/c_extension.h
Examining data/protobuf-c-1.3.3/protoc-c/c_message_field.h
Examining data/protobuf-c-1.3.3/protoc-c/c_enum_field.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_enum_field.h
Examining data/protobuf-c-1.3.3/protoc-c/c_field.h
Examining data/protobuf-c-1.3.3/protoc-c/c_string_field.h
Examining data/protobuf-c-1.3.3/protoc-c/c_bytes_field.cc
Examining data/protobuf-c-1.3.3/protoc-c/c_generator.cc

FINAL RESULTS:

data/protobuf-c-1.3.3/protoc-c/c_helpers.cc:85:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
#define snprintf _snprintf
data/protobuf-c-1.3.3/protoc-c/c_helpers.cc:85:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
#define snprintf _snprintf
data/protobuf-c-1.3.3/protoc-c/c_helpers.cc:544:11:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
sprintf(dest + used, (use_hex ? "\\x%02x" : "\\%03o"),
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:205:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(new_data, simp->data, simp->len);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:213:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(simp->data + simp->len, data, len);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:661:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
size_t len = strlen(((char **) array)[i]);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:917:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(out, &value, 4);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:948:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(out, &value, 8);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:1000:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(out + rv, str, len);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:1021:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(out + rv, bd->data, len);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:1278:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(out, in, n * 4);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:1301:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(out, in, n * 8);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:1462:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(out + rv, field->data, field->len);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2206:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(new_field, *p_earlier,
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2208:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(new_field +
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2323:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(latter_elem, earlier_elem, el_size);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2433:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(&t, data, 4);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2475:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(&t, data, 8);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2563:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(*pstr, data + pref_len, len - pref_len);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2586:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(bd->data, data + pref_len, len - pref_len);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2860:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(array, at, count * siz);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2893:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(ufield->data, scanned_member->data, ufield->len);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2959:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(field, dv, 4);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2967:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(field, dv, 8);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2970:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(field, dv, sizeof(protobuf_c_boolean));
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:2973:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(field, dv, sizeof(ProtobufCBinaryData));
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:3045:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char required_fields_bitmap_stack[16];
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:3349:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
do_free(allocator, ((char **) arr)[i]);
data/protobuf-c-1.3.3/protoc-c/c_helpers.cc:99:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[100];
data/protobuf-c-1.3.3/protoc-c/c_helpers.cc:105:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[100];
data/protobuf-c-1.3.3/protoc-c/c_helpers.cc:345:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buffer[32];
data/protobuf-c-1.3.3/t/generated-code/test-generated-code.c:17:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char simple_pad[8];
data/protobuf-c-1.3.3/t/generated-code2/test-generated-code2.c:65:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char scratch[16];
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:444:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = str ? strlen(str) : 0;
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:661:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(((char **) array)[i]);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:998:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/protobuf-c-1.3.3/protobuf-c/protobuf-c.c:1600:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sublen = str ? strlen(str) : 0;

ANALYSIS SUMMARY:

Hits = 37
Lines analyzed = 13453 in approximately 0.30 seconds (44662 lines/second)
Physical Source Lines of Code (SLOC) = 8764
Hits@level = [0]  21 [1]   4 [2]  30 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  58 [1+]  37 [2+]  33 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 6.61798 [1+] 4.22182 [2+] 3.7654 [3+] 0.342309 [4+] 0.342309 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.