Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pycparser-2.20/utils/fake_libc_include/getopt.h
Examining data/pycparser-2.20/utils/fake_libc_include/reent.h
Examining data/pycparser-2.20/utils/fake_libc_include/envz.h
Examining data/pycparser-2.20/utils/fake_libc_include/tgmath.h
Examining data/pycparser-2.20/utils/fake_libc_include/semaphore.h
Examining data/pycparser-2.20/utils/fake_libc_include/_syslist.h
Examining data/pycparser-2.20/utils/fake_libc_include/libgen.h
Examining data/pycparser-2.20/utils/fake_libc_include/dirent.h
Examining data/pycparser-2.20/utils/fake_libc_include/pwd.h
Examining data/pycparser-2.20/utils/fake_libc_include/limits.h
Examining data/pycparser-2.20/utils/fake_libc_include/utime.h
Examining data/pycparser-2.20/utils/fake_libc_include/stddef.h
Examining data/pycparser-2.20/utils/fake_libc_include/smmintrin.h
Examining data/pycparser-2.20/utils/fake_libc_include/dlfcn.h
Examining data/pycparser-2.20/utils/fake_libc_include/netinet/in.h
Examining data/pycparser-2.20/utils/fake_libc_include/netinet/tcp.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdio.h
Examining data/pycparser-2.20/utils/fake_libc_include/xcb/xcb.h
Examining data/pycparser-2.20/utils/fake_libc_include/unctrl.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/stat.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/times.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/ioctl.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/msg.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/select.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/wait.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/utsname.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/types.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/poll.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/sem.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/time.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/socket.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/shm.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/un.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/resource.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/mman.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/statvfs.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/sysctl.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/uio.h
Examining data/pycparser-2.20/utils/fake_libc_include/sys/ipc.h
Examining data/pycparser-2.20/utils/fake_libc_include/regex.h
Examining data/pycparser-2.20/utils/fake_libc_include/fastmath.h
Examining data/pycparser-2.20/utils/fake_libc_include/netdb.h
Examining data/pycparser-2.20/utils/fake_libc_include/strings.h
Examining data/pycparser-2.20/utils/fake_libc_include/zlib.h
Examining data/pycparser-2.20/utils/fake_libc_include/alloca.h
Examining data/pycparser-2.20/utils/fake_libc_include/monetary.h
Examining data/pycparser-2.20/utils/fake_libc_include/ulimit.h
Examining data/pycparser-2.20/utils/fake_libc_include/string.h
Examining data/pycparser-2.20/utils/fake_libc_include/math.h
Examining data/pycparser-2.20/utils/fake_libc_include/fmtmsg.h
Examining data/pycparser-2.20/utils/fake_libc_include/malloc.h
Examining data/pycparser-2.20/utils/fake_libc_include/cpio.h
Examining data/pycparser-2.20/utils/fake_libc_include/paths.h
Examining data/pycparser-2.20/utils/fake_libc_include/utmp.h
Examining data/pycparser-2.20/utils/fake_libc_include/_ansi.h
Examining data/pycparser-2.20/utils/fake_libc_include/tar.h
Examining data/pycparser-2.20/utils/fake_libc_include/_fake_defines.h
Examining data/pycparser-2.20/utils/fake_libc_include/newlib.h
Examining data/pycparser-2.20/utils/fake_libc_include/unistd.h
Examining data/pycparser-2.20/utils/fake_libc_include/poll.h
Examining data/pycparser-2.20/utils/fake_libc_include/grp.h
Examining data/pycparser-2.20/utils/fake_libc_include/float.h
Examining data/pycparser-2.20/utils/fake_libc_include/regdef.h
Examining data/pycparser-2.20/utils/fake_libc_include/ar.h
Examining data/pycparser-2.20/utils/fake_libc_include/assert.h
Examining data/pycparser-2.20/utils/fake_libc_include/stropts.h
Examining data/pycparser-2.20/utils/fake_libc_include/trace.h
Examining data/pycparser-2.20/utils/fake_libc_include/complex.h
Examining data/pycparser-2.20/utils/fake_libc_include/sched.h
Examining data/pycparser-2.20/utils/fake_libc_include/pthread.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdarg.h
Examining data/pycparser-2.20/utils/fake_libc_include/time.h
Examining data/pycparser-2.20/utils/fake_libc_include/linux/socket.h
Examining data/pycparser-2.20/utils/fake_libc_include/linux/version.h
Examining data/pycparser-2.20/utils/fake_libc_include/emmintrin.h
Examining data/pycparser-2.20/utils/fake_libc_include/fnmatch.h
Examining data/pycparser-2.20/utils/fake_libc_include/spawn.h
Examining data/pycparser-2.20/utils/fake_libc_include/iconv.h
Examining data/pycparser-2.20/utils/fake_libc_include/argz.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/evp.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/x509v3.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/err.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/ssl.h
Examining data/pycparser-2.20/utils/fake_libc_include/openssl/hmac.h
Examining data/pycparser-2.20/utils/fake_libc_include/wchar.h
Examining data/pycparser-2.20/utils/fake_libc_include/inttypes.h
Examining data/pycparser-2.20/utils/fake_libc_include/process.h
Examining data/pycparser-2.20/utils/fake_libc_include/aio.h
Examining data/pycparser-2.20/utils/fake_libc_include/ftw.h
Examining data/pycparser-2.20/utils/fake_libc_include/wordexp.h
Examining data/pycparser-2.20/utils/fake_libc_include/termios.h
Examining data/pycparser-2.20/utils/fake_libc_include/endian.h
Examining data/pycparser-2.20/utils/fake_libc_include/locale.h
Examining data/pycparser-2.20/utils/fake_libc_include/mir_toolkit/client_types.h
Examining data/pycparser-2.20/utils/fake_libc_include/ctype.h
Examining data/pycparser-2.20/utils/fake_libc_include/net/if.h
Examining data/pycparser-2.20/utils/fake_libc_include/_fake_typedefs.h
Examining data/pycparser-2.20/utils/fake_libc_include/wctype.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdlib.h
Examining data/pycparser-2.20/utils/fake_libc_include/arpa/inet.h
Examining data/pycparser-2.20/utils/fake_libc_include/search.h
Examining data/pycparser-2.20/utils/fake_libc_include/fenv.h
Examining data/pycparser-2.20/utils/fake_libc_include/utmpx.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdbool.h
Examining data/pycparser-2.20/utils/fake_libc_include/langinfo.h
Examining data/pycparser-2.20/utils/fake_libc_include/errno.h
Examining data/pycparser-2.20/utils/fake_libc_include/fcntl.h
Examining data/pycparser-2.20/utils/fake_libc_include/X11/Xlib.h
Examining data/pycparser-2.20/utils/fake_libc_include/X11/_X11_fake_defines.h
Examining data/pycparser-2.20/utils/fake_libc_include/X11/_X11_fake_typedefs.h
Examining data/pycparser-2.20/utils/fake_libc_include/X11/Intrinsic.h
Examining data/pycparser-2.20/utils/fake_libc_include/signal.h
Examining data/pycparser-2.20/utils/fake_libc_include/nl_types.h
Examining data/pycparser-2.20/utils/fake_libc_include/ndbm.h
Examining data/pycparser-2.20/utils/fake_libc_include/setjmp.h
Examining data/pycparser-2.20/utils/fake_libc_include/iso646.h
Examining data/pycparser-2.20/utils/fake_libc_include/asm-generic/int-ll64.h
Examining data/pycparser-2.20/utils/fake_libc_include/stdint.h
Examining data/pycparser-2.20/utils/fake_libc_include/features.h
Examining data/pycparser-2.20/utils/fake_libc_include/mqueue.h
Examining data/pycparser-2.20/utils/fake_libc_include/ieeefp.h
Examining data/pycparser-2.20/utils/fake_libc_include/syslog.h
Examining data/pycparser-2.20/utils/fake_libc_include/glob.h
Examining data/pycparser-2.20/utils/fake_libc_include/libintl.h
Examining data/pycparser-2.20/utils/fake_libc_include/immintrin.h
Examining data/pycparser-2.20/examples/c_files/memmgr.c
Examining data/pycparser-2.20/examples/c_files/hash.c
Examining data/pycparser-2.20/examples/c_files/year.c
Examining data/pycparser-2.20/examples/c_files/memmgr.h
Examining data/pycparser-2.20/examples/c_files/funky.c
Examining data/pycparser-2.20/tests/c_files/memmgr.c
Examining data/pycparser-2.20/tests/c_files/memmgr_with_h.c
Examining data/pycparser-2.20/tests/c_files/simplemain.c
Examining data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c
Examining data/pycparser-2.20/tests/c_files/example_c_file.c
Examining data/pycparser-2.20/tests/c_files/year.c
Examining data/pycparser-2.20/tests/c_files/memmgr.h
Examining data/pycparser-2.20/tests/c_files/empty.h
Examining data/pycparser-2.20/tests/c_files/hdir/9/inc.h

FINAL RESULTS:

data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4586:8:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  char * gets();
data/pycparser-2.20/examples/c_files/hash.c:90:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hash->heads[index]->entry->key, entry->key);
data/pycparser-2.20/examples/c_files/hash.c:91:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hash->heads[index]->entry->value, entry->value);
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4564:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  int fprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4566:5:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  int fscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4568:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  int printf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4570:5:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  int scanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4572:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  int sscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4574:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  int vfprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4576:5:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  int vprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4578:5:  [4] (buffer) vsprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  int vsprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4612:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  int sprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4651:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int snprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4670:5:  [4] (buffer) vfscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  int vfscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4676:5:  [4] (buffer) vscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  int vscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4684:5:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int vsnprintf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4686:5:  [4] (buffer) vsscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  int vsscanf();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4701:8:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  FILE * popen();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4558:8:  [3] (tmpfile) tmpnam:
  Temporary file race condition (CWE-377).
  char * tmpnam();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4655:8:  [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
  char * tempnam();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2141:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char __wchb[4];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2297:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char _ubuf[3];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2298:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char _nbuf[1];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2572:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _emergency[25];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2597:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _asctime_buf[26];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2605:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _l64a_buf[8];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2606:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _signal_buf[24];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:2619:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char * _nextf[30];
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4557:8:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  FILE * tmpfile();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4611:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE * fopen();
data/pycparser-2.20/examples/c_files/hash.c:88:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hash->heads[index]->entry->key = malloc(strlen(entry->key)+1);
data/pycparser-2.20/examples/c_files/hash.c:89:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hash->heads[index]->entry->value = malloc(strlen(entry->value)+1);
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4580:5:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int fgetc();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4584:5:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int getc();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4585:5:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int getchar();
data/pycparser-2.20/tests/c_files/cppd_with_stdio_h.c:4914:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cookie_read_function_t *read;

ANALYSIS SUMMARY:

Hits = 36
Lines analyzed = 7044 in approximately 0.13 seconds (56215 lines/second)
Physical Source Lines of Code (SLOC) = 2046
Hits@level = [0]  26 [1]   6 [2]  10 [3]   2 [4]  17 [5]   1
Hits@level+ = [0+]  62 [1+]  36 [2+]  30 [3+]  20 [4+]  18 [5+]   1
Hits/KSLOC@level+ = [0+] 30.303 [1+] 17.5953 [2+] 14.6628 [3+] 9.77517 [4+] 8.79765 [5+] 0.488759
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.