Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/quotatool-1.6.2/src/aix/quota.c
Examining data/quotatool-1.6.2/src/bsd/quota.c
Examining data/quotatool-1.6.2/src/darwin/quota.c
Examining data/quotatool-1.6.2/src/linux/dqblk_old.h
Examining data/quotatool-1.6.2/src/linux/dqblk_v0.h
Examining data/quotatool-1.6.2/src/linux/linux_quota.h
Examining data/quotatool-1.6.2/src/linux/xfs_quota.h
Examining data/quotatool-1.6.2/src/linux/quota.c
Examining data/quotatool-1.6.2/src/main.c
Parsing failed to find end of parameter list; semicolon terminated it in ("%d %s %" PRIu64 " %" PRIu64 " %" PRIu64 " %lu %" PRIu64 " %" PRIu64 " %" PRIu64 " %lu\n",
#else
printf("%d %s %llu %llu %llu %lu %llu %llu %llu %lu\n",
#endif
id,
argdata->qfile,
Examining data/quotatool-1.6.2/src/output.c
Examining data/quotatool-1.6.2/src/parse.h
Examining data/quotatool-1.6.2/src/quotatool.h
Examining data/quotatool-1.6.2/src/solaris/quota.c
Examining data/quotatool-1.6.2/src/system.c
Examining data/quotatool-1.6.2/src/system.h
Examining data/quotatool-1.6.2/src/output.h
Examining data/quotatool-1.6.2/src/parse.c
Examining data/quotatool-1.6.2/src/quota.h
FINAL RESULTS:
data/quotatool-1.6.2/src/aix/quota.c:53:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(qfile,fs->mount_pt);
data/quotatool-1.6.2/src/bsd/quota.c:64:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (qfile, fs->mount_pt);
data/quotatool-1.6.2/src/bsd/quota.c:70:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (qfile, q_filename);
data/quotatool-1.6.2/src/darwin/quota.c:64:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (qfile, fs->mount_pt);
data/quotatool-1.6.2/src/darwin/quota.c:70:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (qfile, q_filename);
data/quotatool-1.6.2/src/output.c:85:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stderr, format, arglist);
data/quotatool-1.6.2/src/parse.c:73:11: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
opt = getopt(argc, argv, OPTSTRING);
data/quotatool-1.6.2/src/aix/quota.c:54:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(qfile,"/quota.user");
data/quotatool-1.6.2/src/aix/quota.c:149:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_quota, myquota, sizeof(quota_t));
data/quotatool-1.6.2/src/bsd/quota.c:169:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_quota, myquota, sizeof(quota_t));
data/quotatool-1.6.2/src/darwin/quota.c:167:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_quota, myquota, sizeof(quota_t));
data/quotatool-1.6.2/src/linux/quota.c:520:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen("/proc/fs/quota", "r"))) {
data/quotatool-1.6.2/src/linux/quota.c:570:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[1024]; /* Just temporary buffer */
data/quotatool-1.6.2/src/linux/quota.c:609:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_quota, myquota, sizeof(quota_t));
data/quotatool-1.6.2/src/linux/xfs_quota.h:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_padding4[8]; /* yet more padding */
data/quotatool-1.6.2/src/solaris/quota.c:79:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
qfd = open (myquota->_qfile, O_RDWR);
data/quotatool-1.6.2/src/solaris/quota.c:143:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
qfd = open (myquota->_qfile, O_WRONLY);
data/quotatool-1.6.2/src/solaris/quota.c:170:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp_quota, myquota, sizeof(quota_t));
data/quotatool-1.6.2/src/system.c:30:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define setmntent(file,mode) fopen((file),(mode))
data/quotatool-1.6.2/src/system.h:26:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[PATH_MAX];
data/quotatool-1.6.2/src/system.h:27:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mount_pt[PATH_MAX];
data/quotatool-1.6.2/src/system.h:29:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnt_type[PATH_MAX]; /* xfs, reiserfs, ext2 etc */
data/quotatool-1.6.2/src/aix/quota.c:52:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qfile = malloc (strlen(fs->mount_pt)+13);
data/quotatool-1.6.2/src/bsd/quota.c:55:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qfile = malloc (strlen(fs->mount_pt) + strlen(q_filename) + 1);
data/quotatool-1.6.2/src/bsd/quota.c:55:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qfile = malloc (strlen(fs->mount_pt) + strlen(q_filename) + 1);
data/quotatool-1.6.2/src/bsd/quota.c:62:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcpy(qfile, fs->mount_pt, strlen(fs->mount_pt) + 1);
data/quotatool-1.6.2/src/bsd/quota.c:68:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(qfile, q_filename, strlen(qfile) + strlen(q_filename) + 1);
data/quotatool-1.6.2/src/bsd/quota.c:68:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(qfile, q_filename, strlen(qfile) + strlen(q_filename) + 1);
data/quotatool-1.6.2/src/bsd/quota.c:74:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(qfile) > 1 && qfile[0] == '/' && qfile[1] == '/') qfile++;
data/quotatool-1.6.2/src/darwin/quota.c:55:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qfile = malloc (strlen(fs->mount_pt) + strlen(q_filename) + 1);
data/quotatool-1.6.2/src/darwin/quota.c:55:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qfile = malloc (strlen(fs->mount_pt) + strlen(q_filename) + 1);
data/quotatool-1.6.2/src/darwin/quota.c:62:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcpy(qfile, fs->mount_pt, strlen(fs->mount_pt) + 1);
data/quotatool-1.6.2/src/darwin/quota.c:68:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(qfile, q_filename, strlen(qfile) + strlen(q_filename) + 1);
data/quotatool-1.6.2/src/darwin/quota.c:68:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(qfile, q_filename, strlen(qfile) + strlen(q_filename) + 1);
data/quotatool-1.6.2/src/darwin/quota.c:74:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(qfile) > 1 && qfile[0] == '/' && qfile[1] == '/') qfile++;
data/quotatool-1.6.2/src/main.c:50:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if ( strlen(argdata->id) > 1 && argdata->id[0] == ':' && isdigit(argdata->id[1]) ) {
data/quotatool-1.6.2/src/parse.c:296:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ! data->qfile || strlen(data->qfile) == 0) {
data/quotatool-1.6.2/src/parse.c:302:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(data->qfile) > 1) {
data/quotatool-1.6.2/src/parse.c:303:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (data->qfile[strlen(data->qfile) - 1] != '/') break;
data/quotatool-1.6.2/src/parse.c:304:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data->qfile[strlen(data->qfile) - 1] = '\0';
data/quotatool-1.6.2/src/solaris/quota.c:49:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fs->mount_pt) + strlen(QUOTAFILE) + 2;
data/quotatool-1.6.2/src/solaris/quota.c:49:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(fs->mount_pt) + strlen(QUOTAFILE) + 2;
data/quotatool-1.6.2/src/system.c:175:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ent->mnt_type, current_fs->mnt_type, PATH_MAX-1);
data/quotatool-1.6.2/src/system.c:179:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
loopd_start += strlen(LOOP_PREFIX);
data/quotatool-1.6.2/src/system.c:186:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ent->device, loopd_start, loopd_end - loopd_start);
data/quotatool-1.6.2/src/system.c:201:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (ent->device, current_fs->mnt_special, PATH_MAX-1);
data/quotatool-1.6.2/src/system.c:202:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (ent->mount_pt, current_fs->mnt_mountp, PATH_MAX-1);
ANALYSIS SUMMARY:
Hits = 47
Lines analyzed = 3079 in approximately 0.08 seconds (36993 lines/second)
Physical Source Lines of Code (SLOC) = 2198
Hits@level = [0] 30 [1] 25 [2] 15 [3] 1 [4] 6 [5] 0
Hits@level+ = [0+] 77 [1+] 47 [2+] 22 [3+] 7 [4+] 6 [5+] 0
Hits/KSLOC@level+ = [0+] 35.0318 [1+] 21.3831 [2+] 10.0091 [3+] 3.18471 [4+] 2.72975 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.