Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pycparser-2.20/utils/fake_libc_include/getopt.h
Examining data/pycparser-2.20/utils/fake_libc_include/reent.h
Examining data/pycparser-2.20/utils/fake_libc_include/envz.h
Examining data/pycparser-2.20/utils/fake_libc_include/tgmath.h
Examining data/pycparser-2.20/utils/fake_libc_include/semaphore.h
Examining data/pycparser-2.20/utils/fake_libc_include/_syslist.h
Examining data/pycparser-2.20/utils/fake_libc_include/libgen.h
Examining data/pycparser-2.20/utils/fake_libc_include/dirent.h
Examining data/pycparser-2.20/utils/fake_libc_include/pwd.h
Examining data/pycparser-2.20/utils/fake_libc_include/limits.h
Examining data/pycparser-2.20/utils/fake_libc_include/utime.h
Examining data/pycparser-2.20/utils/fake_libc_include/stddef.h
Examining data/pycparser-2.20/utils/fake_libc_include/smmintrin.h
Examining data/pycparser-2.20/utils/fake_libc_include/dlfcn.h
Examining data/pycparser-2.20/utils/fake_libc_include/netinet/in.h
Examining data/pycparser-2.20/utils/fake_libc_include/netinet/tcp.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdio.h
Examining data/pycparser-2.20/utils/fake_libc_include/xcb/xcb.h
Examining data/pycparser-2.20/utils/fake_libc_include/unctrl.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/stat.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/times.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/ioctl.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/msg.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/select.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/wait.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/utsname.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/types.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/poll.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/sem.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/time.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/socket.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/shm.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/un.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/resource.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/mman.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/statvfs.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/sysctl.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/uio.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/ipc.h
Examining data/pycparser-2.20/utils/fake_libc_include/regex.h
Examining data/pycparser-2.20/utils/fake_libc_include/fastmath.h
Examining data/pycparser-2.20/utils/fake_libc_include/netdb.h
Examining data/pycparser-2.20/utils/fake_libc_include/strings.h
Examining data/pycparser-2.20/utils/fake_libc_include/zlib.h
Examining data/pycparser-2.20/utils/fake_libc_include/alloca.h
Examining data/pycparser-2.20/utils/fake_libc_include/monetary.h
Examining data/pycparser-2.20/utils/fake_libc_include/ulimit.h
Examining data/pycparser-2.20/utils/fake_libc_include/string.h
Examining data/pycparser-2.20/utils/fake_libc_include/math.h
Examining data/pycparser-2.20/utils/fake_libc_include/fmtmsg.h
Examining data/pycparser-2.20/utils/fake_libc_include/malloc.h
Examining data/pycparser-2.20/utils/fake_libc_include/cpio.h
Examining data/pycparser-2.20/utils/fake_libc_include/paths.h
Examining data/pycparser-2.20/utils/fake_libc_include/utmp.h
Examining data/pycparser-2.20/utils/fake_libc_include/_ansi.h
Examining data/pycparser-2.20/utils/fake_libc_include/tar.h
Examining data/pycparser-2.20/utils/fake_libc_include/_fake_defines.h
Examining data/pycparser-2.20/utils/fake_libc_include/newlib.h
Examining data/pycparser-2.20/utils/fake_libc_include/unistd.h
Examining data/pycparser-2.20/utils/fake_libc_include/poll.h
Examining data/pycparser-2.20/utils/fake_libc_include/grp.h
Examining data/pycparser-2.20/utils/fake_libc_include/float.h
Examining data/pycparser-2.20/utils/fake_libc_include/regdef.h
Examining data/pycparser-2.20/utils/fake_libc_include/ar.h
Examining data/pycparser-2.20/utils/fake_libc_include/assert.h
Examining data/pycparser-2.20/utils/fake_libc_include/stropts.h
Examining data/pycparser-2.20/utils/fake_libc_include/trace.h
Examining data/pycparser-2.20/utils/fake_libc_include/complex.h
Examining data/pycparser-2.20/utils/fake_libc_include/sched.h
Examining data/pycparser-2.20/utils/fake_libc_include/pthread.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdarg.h
Examining data/pycparser-2.20/utils/fake_libc_include/time.h
Examining data/pycparser-2.20/utils/fake_libc_include/linux/socket.h
Examining data/pycparser-2.20/utils/fake_libc_include/linux/version.h
Examining data/pycparser-2.20/utils/fake_libc_include/emmintrin.h
Examining data/pycparser-2.20/utils/fake_libc_include/fnmatch.h
Examining data/pycparser-2.20/utils/fake_libc_include/spawn.h
Examining data/pycparser-2.20/utils/fake_libc_include/iconv.h
Examining data/pycparser-2.20/utils/fake_libc_include/argz.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/evp.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/x509v3.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/err.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/ssl.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/hmac.h
Examining data/pycparser-2.20/utils/fake_libc_include/wchar.h
Examining data/pycparser-2.20/utils/fake_libc_include/inttypes.h
Examining data/pycparser-2.20/utils/fake_libc_include/process.h
Examining data/pycparser-2.20/utils/fake_libc_include/aio.h
Examining data/pycparser-2.20/utils/fake_libc_include/ftw.h
Examining data/pycparser-2.20/utils/fake_libc_include/wordexp.h
Examining data/pycparser-2.20/utils/fake_libc_include/termios.h
Examining data/pycparser-2.20/utils/fake_libc_include/endian.h
Examining data/pycparser-2.20/utils/fake_libc_include/locale.h
Examining data/pycparser-2.20/utils/fake_libc_include/mir_toolkit/client_types.h
Examining data/pycparser-2.20/utils/fake_libc_include/ctype.h
Examining data/pycparser-2.20/utils/fake_libc_include/net/if.h
Examining data/pycparser-2.20/utils/fake_libc_include/_fake_typedefs.h
Examining data/pycparser-2.20/utils/fake_libc_include/wctype.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdlib.h
Examining data/pycparser-2.20/utils/fake_libc_include/arpa/inet.h
Examining data/pycparser-2.20/utils/fake_libc_include/search.h
Examining data/pycparser-2.20/utils/fake_libc_include/fenv.h
Examining data/pycparser-2.20/utils/fake_libc_include/utmpx.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdbool.h
Examining data/pycparser-2.20/utils/fake_libc_include/langinfo.h
Examining data/pycparser-2.20/utils/fake_libc_include/errno.h
Examining data/pycparser-2.20/utils/fake_libc_include/fcntl.h
Examining data/pycparser-2.20/utils/fake_libc_include/X11/Xlib.h
Examining data/pycparser-2.20/utils/fake_libc_include/X11/_X11_fake_defines.h
Examining data/pycparser-2.20/utils/fake_libc_include/X11/_X11_fake_typedefs.h
Examining data/pycparser-2.20/utils/fake_libc_include/X11/Intrinsic.h
Examining data/pycparser-2.20/utils/fake_libc_include/signal.h
Examining data/pycparser-2.20/utils/fake_libc_include/nl_types.h
Examining data/pycparser-2.20/utils/fake_libc_include/ndbm.h
Examining data/pycparser-2.20/utils/fake_libc_include/setjmp.h
Examining data/pycparser-2.20/utils/fake_libc_include/iso646.h
Examining data/pycparser-2.20/utils/fake_libc_include/asm-generic/int-ll64.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdint.h
Examining data/pycparser-2.20/utils/fake_libc_include/features.h
Examining data/pycparser-2.20/utils/fake_libc_include/mqueue.h
Examining data/pycparser-2.20/utils/fake_libc_include/ieeefp.h
Examining data/pycparser-2.20/utils/fake_libc_include/syslog.h
Examining data/pycparser-2.20/utils/fake_libc_include/glob.h
Examining data/pycparser-2.20/utils/fake_libc_include/libintl.h
Examining data/pycparser-2.20/utils/fake_libc_include/immintrin.h
Examining data/pycparser-2.20/examples/c_files/memmgr.c
Examining data/pycparser-2.20/examples/c_files/hash.c
Examining data/pycparser-2.20/examples/c_files/year.c
Examining data/pycparser-2.20/examples/c_files/memmgr.h
Examining data/pycparser-2.20/examples/c_files/funky.c
Examining data/pycparser-2.20/tests/c_files/memmgr.c
Examining data/pycparser-2.20/tests/c_files/memmgr_with_h.c
Examining data/pycparser-2.20/tests/c_files/simplemain.c
Examining data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c
Examining data/pycparser-2.20/tests/c_files/example_c_file.c
Examining data/pycparser-2.20/tests/c_files/year.c
Examining data/pycparser-2.20/tests/c_files/memmgr.h
Examining data/pycparser-2.20/tests/c_files/empty.h
Examining data/pycparser-2.20/tests/c_files/hdir/9/inc.h

FINAL RESULTS:

data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4586:8:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
char * gets();
data/pycparser-2.20/examples/c_files/hash.c:90:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(hash->heads[index]->entry->key, entry->key);
data/pycparser-2.20/examples/c_files/hash.c:91:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(hash->heads[index]->entry->value, entry->value);
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4564:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
int fprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4566:5:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
int fscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4568:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
int printf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4570:5:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
int scanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4572:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
int sscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4574:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
int vfprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4576:5:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
int vprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4578:5:  [4] (buffer) vsprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
int vsprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4612:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
int sprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4651:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
int snprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4670:5:  [4] (buffer) vfscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
int vfscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4676:5:  [4] (buffer) vscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
int vscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4684:5:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
int vsnprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4686:5:  [4] (buffer) vsscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
int vsscanf();
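Every printf/scanf-family hit above sits on a prototype such as `int printf();` inside cppd_with_stdio_h.c, a preprocessed stdio.h test input: Flawfinder matches the identifier lexically and does not distinguish a declaration from a call, so these hits carry no call-site context to review. The remedies in the messages still apply wherever the functions are actually called. The following is an added example (not pycparser's code and not part of the Flawfinder report) showing the two fixes the messages ask for: a `%s` width tied to the destination size at compile time, and a constant format string with snprintf truncation checked. The command grammar, `TOKEN_WIDTH`, and the sample inputs are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

#define TOKEN_WIDTH 31               /* widest token accepted; buffer is +1 for NUL */
#define STR2(x) #x
#define STR(x) STR2(x)               /* turns 31 into "31" inside the format string */

/*
 * Parse "<command> <count>" with a width-limited %s. The width is derived
 * from the destination size at compile time, so the buffer cannot be
 * overrun (CWE-120). After the number, " %n" skips trailing whitespace and
 * records how much input was consumed; anything left over is rejected.
 * That also catches a command longer than TOKEN_WIDTH: %31s stops early,
 * the remainder fails to parse as %ld, and sscanf returns 1, not 2.
 * Returns 1 on success, 0 on malformed, oversized or trailing input.
 */
int parse_command(const char *line, char cmd[TOKEN_WIDTH + 1], long *count)
{
    int consumed = 0;
    if (sscanf(line, "%" STR(TOKEN_WIDTH) "s %ld %n", cmd, count, &consumed) != 2)
        return 0;
    return line[consumed] == '\0';
}

/*
 * Build a log line from attacker-influenced text. The format is a literal
 * (CWE-134: user data is an argument, never the format), the output is
 * size-bounded, and truncation is detected rather than silently accepted,
 * because snprintf returns the length it wanted, not the length that fit.
 * Returns 1 if the whole message fit, 0 on truncation or encoding error.
 */
int format_log_line(char *out, size_t outsz, const char *user, long count)
{
    int n = snprintf(out, outsz, "user=%s count=%ld", user, count);
    return n >= 0 && (size_t)n < outsz;
}

int main(void)
{
    char cmd[TOKEN_WIDTH + 1];
    long count = 0;
    char line[64];

    /* Constructed input: the user field holds "%s%s", which stays literal
       text because it is passed as an argument, not as the format. */
    if (parse_command("get 5\n", cmd, &count) &&
        format_log_line(line, sizeof line, "%s%s", count))
        puts(line);                      /* user=%s%s count=5 */
    return 0;
}
```

If a format string genuinely has to be built at run time (for example to localise it), keep the set of candidate strings under program control and compile with `-Wformat -Wformat-security` so that a non-literal format with no arguments is flagged.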
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4701:8:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). Try using a library call that implements the same functionality
  if available.
FILE * popen();
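The popen hit, like the others in cppd_with_stdio_h.c, is on a prototype, but the message's point is worth showing at a call site: popen() hands its string to /bin/sh -c, so any user-controlled part of that string is parsed by the shell (CWE-78). The usual library-call replacement is to run the program directly with an explicit argv. Below is an added example (not pycparser's code and not part of the report) of such a helper built on pipe/fork/execv/waitpid; the helper name, the use of /bin/echo, and the sample argument are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/*
 * Run an executable by absolute path with an explicit argv and capture its
 * stdout. No shell is involved, so ';', '|', '$(...)' and similar inside
 * argv are ordinary bytes handed to the program, which is the difference
 * from popen("cmd " + user_input). Output is stored NUL-terminated and
 * truncated to outsz - 1 bytes; any excess is drained so the child never
 * blocks on a full pipe. Returns the child's exit status, or -1 on a
 * setup failure or abnormal termination (127 if exec itself failed).
 */
int run_argv(const char *path, char *const argv[], char *out, size_t outsz)
{
    int pfd[2];
    if (outsz == 0 || pipe(pfd) != 0)
        return -1;

    pid_t pid = fork();
    if (pid < 0) {
        close(pfd[0]);
        close(pfd[1]);
        return -1;
    }
    if (pid == 0) {                          /* child: stdout -> pipe, then exec */
        close(pfd[0]);
        if (dup2(pfd[1], STDOUT_FILENO) < 0)
            _exit(127);
        close(pfd[1]);
        execv(path, argv);                   /* absolute path: no PATH lookup */
        _exit(127);                          /* only reached if exec failed */
    }

    close(pfd[1]);                           /* parent: read until EOF */
    size_t used = 0;
    char sink[256];
    for (;;) {
        ssize_t n;
        if (used < outsz - 1) {
            n = read(pfd[0], out + used, outsz - 1 - used);
            if (n > 0)
                used += (size_t)n;
        } else {
            n = read(pfd[0], sink, sizeof sink);   /* buffer full: discard */
        }
        if (n <= 0)
            break;
    }
    out[used] = '\0';
    close(pfd[0]);

    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char out[128];
    /* Constructed argument with shell metacharacters; echo prints it as-is. */
    char *const argv[] = {"echo", "report.txt; id", NULL};
    int rc = run_argv("/bin/echo", argv, out, sizeof out);
    printf("rc=%d output=%s", rc, out);
    return rc == 0 ? 0 : 1;
}
```

The helper deliberately takes an absolute path and does not consult PATH; if the program name comes from configuration, resolve it against an allow-list before calling this.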
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4558:8:  [3] (tmpfile) tmpnam:
  Temporary file race condition (CWE-377).
char * tmpnam();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4655:8:  [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
char * tempnam();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2141:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char __wchb[4];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2297:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char _ubuf[3];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2298:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char _nbuf[1];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2572:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char _emergency[25];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2597:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char _asctime_buf[26];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2605:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char _l64a_buf[8];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2606:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char _signal_buf[24];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2619:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          unsigned char * _nextf[30];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4557:8:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
FILE * tmpfile();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4611:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
FILE * fopen();
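The tmpnam/tempnam hits ([3], CWE-377), the tmpfile hit and the fopen hit ([2], CWE-362) above are again prototypes in the preprocessed header, but together they describe one call-site pattern: pick a file name, then open it in a separate step, leaving a window in which an attacker who can write the directory plants a symlink or a pre-created file. Here is an added example (not pycparser's code and not part of the report) of the two standard fixes: let mkstemp() choose the name and create the file atomically, and for a caller-supplied path open with O_CREAT|O_EXCL|O_NOFOLLOW and verify the result is a regular file. The function names, the /tmp template and the 0600 mode policy are assumptions made for the example.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1            /* mkstemp, O_NOFOLLOW, O_CLOEXEC on glibc */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/*
 * Replacement for the tmpnam()/tempnam()-then-fopen() pattern (CWE-377):
 * mkstemp() picks the name and creates the file with O_EXCL in one step,
 * so nobody can race the name choice with a symlink or a planted file.
 * The template must end in "XXXXXX" and is overwritten with the real name.
 * Returns the open descriptor, or -1 on error.
 */
int create_private_tempfile(char *template_inout)
{
    int fd = mkstemp(template_inout);
    if (fd < 0)
        return -1;
    /* Modern mkstemp already uses 0600; enforce it anyway for older libcs. */
    if (fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
        close(fd);
        unlink(template_inout);
        return -1;
    }
    return fd;
}

/*
 * Create a file that must not already exist (the fopen() concern, CWE-362).
 * O_EXCL turns "already there" into an error instead of silently truncating
 * whatever an attacker placed at that path, O_NOFOLLOW refuses a symlink at
 * the last component, and fstat() on the open descriptor (not stat() on
 * the path) rejects devices, FIFOs and anything else that is not a regular
 * file. Returns the descriptor, or -1 with errno set.
 */
int open_new_regular_file(const char *path)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    char name[] = "/tmp/report-XXXXXX";     /* writable array: mkstemp edits it */
    int fd = create_private_tempfile(name);
    if (fd < 0) {
        perror("mkstemp");
        return 1;
    }
    printf("created %s\n", name);
    /* A second open of the same name must fail: O_EXCL never reuses a path. */
    int again = open_new_regular_file(name);
    printf("reopen with O_EXCL -> %s\n",
           again < 0 ? strerror(errno) : "unexpected success");
    close(fd);
    unlink(name);
    return 0;
}
```

Keep working with the descriptor returned here (fdopen(), fstat(), fchmod()) rather than reopening the path; every path-based reopen restarts the race the O_EXCL open just closed.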
data/pycparser-2.20/examples/c_files/hash.c:88:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    hash->heads[index]->entry->key = malloc(strlen(entry->key)+1);
data/pycparser-2.20/examples/c_files/hash.c:89:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    hash->heads[index]->entry->value = malloc(strlen(entry->value)+1);
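The two strcpy hits ([4], CWE-120) and the two strlen hits ([1], CWE-126) in examples/c_files/hash.c are the only call sites in this report, and the flagged lines show the full pattern: `malloc(strlen(src)+1)` immediately followed by `strcpy(dst, src)`. As written the destination is sized from the same string it receives, so the copy itself cannot overflow; what the lines do not show is a NULL check on malloc, a bound on how far strlen may read if `entry->key` is not NUL-terminated, or any cap on how much memory one entry may claim. Below is an added example (not pycparser's code and not part of the report) of a bounded duplicate that addresses all three and replaces strcpy with an explicit-length copy, which is also what makes the Flawfinder hit disappear. The helper name and the `HASH_MAX_STR` limit are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Longest key or value the table accepts (assumed policy; hash.c has none). */
#define HASH_MAX_STR 255

/*
 * Bounded duplicate for the hash.c pattern
 *     key = malloc(strlen(src) + 1); strcpy(key, src);
 * Differences: reads at most max_len + 1 bytes of src, so an unterminated
 * buffer cannot be over-read (CWE-126); rejects oversized input instead of
 * allocating for it; checks malloc; copies with an explicit length rather
 * than strcpy, so the bound is visible at the copy (CWE-120).
 * Returns NULL for NULL input, oversized or unterminated input, or OOM.
 */
char *dup_bounded(const char *src, size_t max_len)
{
    if (src == NULL)
        return NULL;

    size_t n = 0;
    while (n <= max_len && src[n] != '\0')   /* touches src[0..max_len] only */
        n++;
    if (n > max_len)                          /* no NUL within max_len bytes */
        return NULL;

    char *dst = malloc(n + 1);
    if (dst == NULL)
        return NULL;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return dst;
}

int main(void)
{
    /* Constructed inputs: a normal string and an 8-byte buffer with no NUL. */
    char raw[8] = "abcdefgh";
    char *ok  = dup_bounded("user42", HASH_MAX_STR);
    char *bad = dup_bounded(raw, sizeof raw - 1);  /* caller knows the real size */
    printf("ok=%s bad=%s\n", ok ? ok : "(null)", bad ? bad : "(rejected)");
    free(ok);
    free(bad);
    return 0;
}
```

The caller must pass the true size of any buffer that is not guaranteed to be terminated; the limit is only meaningful when it is no larger than the memory behind `src`.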
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4580:5:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
int fgetc();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4584:5:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
int getc();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4585:5:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
int getchar();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4914:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  cookie_read_function_t  *read;

ANALYSIS SUMMARY:

Hits = 36
Lines analyzed = 7044 in approximately 0.13 seconds (56215 lines/second)
Physical Source Lines of Code (SLOC) = 2046
Hits@level = [0]  26 [1]   6 [2]  10 [3]   2 [4]  17 [5]   1
Hits@level+ = [0+]  62 [1+]  36 [2+]  30 [3+]  20 [4+]  18 [5+]   1
Hits/KSLOC@level+ = [0+] 30.303 [1+] 17.5953 [2+] 14.6628 [3+] 9.77517 [4+] 8.79765 [5+] 0.488759
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.