Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/safecopy-1.7/src/voidlist.c Examining data/safecopy-1.7/src/arglist.c Examining data/safecopy-1.7/src/textlist.h Examining data/safecopy-1.7/src/voidlist.h Examining data/safecopy-1.7/src/lowlevel.h Examining data/safecopy-1.7/src/lowlevel.c Examining data/safecopy-1.7/src/textlist.c Examining data/safecopy-1.7/src/safecopy.c Examining data/safecopy-1.7/src/arglist.h Examining data/safecopy-1.7/simulator/src/simulatorlb.c FINAL RESULTS: data/safecopy-1.7/simulator/src/simulatorlb.c:260:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(number,"%s",filename); data/safecopy-1.7/src/safecopy.c:162:9: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = vfprintf(stderr, format, ap); data/safecopy-1.7/src/safecopy.c:466:3: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(script, script, firstarg, secondarg, thirdarg, NULL); data/safecopy-1.7/simulator/src/simulatorlb.c:37:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int open(const char*,int,...); data/safecopy-1.7/simulator/src/simulatorlb.c:79:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char filename[256]="/dev/urandom"; data/safecopy-1.7/simulator/src/simulatorlb.c:215:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/safecopy-1.7/simulator/src/simulatorlb.c:224:5: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd=fopen(CONFIGFILE,"r"); data/safecopy-1.7/simulator/src/simulatorlb.c:302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[17]; data/safecopy-1.7/simulator/src/simulatorlb.c:328:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[33]; data/safecopy-1.7/simulator/src/simulatorlb.c:355:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int open(const char *pathname, int flags, ...) { data/safecopy-1.7/src/lowlevel.c:177:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char blockbuffer[CD_FRAMESIZE_RAWER]; data/safecopy-1.7/src/lowlevel.c:203:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer,(blockbuffer+extra+cdromsectoroffset),xlength); data/safecopy-1.7/src/lowlevel.c:228:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). *fd=open(filename,O_RDONLY | O_NONBLOCK | syncmode ); data/safecopy-1.7/src/lowlevel.c:244:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). *fd=open(filename,O_RDONLY | O_NONBLOCK | syncmode ); data/safecopy-1.7/src/lowlevel.c:256:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). *fd=open(filename,O_RDONLY | O_NONBLOCK | syncmode ); data/safecopy-1.7/src/lowlevel.c:266:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). *fd=open(filename,O_RDONLY | O_NONBLOCK | syncmode ); data/safecopy-1.7/src/lowlevel.c:282:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int inf=open(filename, O_RDONLY); data/safecopy-1.7/src/lowlevel.c:295:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int inf=open(filename, O_RDONLY); data/safecopy-1.7/src/safecopy.c:133:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char textbuffer[256]; data/safecopy-1.7/src/safecopy.c:381:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char percentage[16]="100%"; data/safecopy-1.7/src/safecopy.c:385:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(percentage, " %i%%", percent ); data/safecopy-1.7/src/safecopy.c:441:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char firstarg[128]; data/safecopy-1.7/src/safecopy.c:442:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char secondarg[128]; data/safecopy-1.7/src/safecopy.c:443:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thirdarg[128]; data/safecopy-1.7/src/safecopy.c:461:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(firstarg, "%llu", (long long)(delta/ blocksize )); data/safecopy-1.7/src/safecopy.c:462:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(secondarg, "%llu", (long long)blocksize ); data/safecopy-1.7/src/safecopy.c:463:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(thirdarg, "%llu", (long long)old); data/safecopy-1.7/src/safecopy.c:481:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nullmarker[8]={0}; data/safecopy-1.7/src/safecopy.c:495:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( databuffer +writeoffset, marker, writeremain ); data/safecopy-1.7/src/safecopy.c:497:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( databuffer +writeoffset, nullmarker, writeremain ); data/safecopy-1.7/src/safecopy.c:501:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( databuffer + writeoffset, marker, blocksize -writeoffset); data/safecopy-1.7/src/safecopy.c:545:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( textbuffer , "%llu\n", (long long)* lastbadblock ); data/safecopy-1.7/src/safecopy.c:579:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->xblocksin = fopen(configvars->xblocksinfile, "r"); data/safecopy-1.7/src/safecopy.c:903:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->source = open(configvars->sourcefile, O_RDONLY | O_RSYNC); data/safecopy-1.7/src/safecopy.c:1066:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->source = open(configvars->sourcefile, O_RDONLY | O_NONBLOCK | statusvars->syncmode ); data/safecopy-1.7/src/safecopy.c:1075:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->xblocksin = fopen(configvars->xblocksinfile, "r"); data/safecopy-1.7/src/safecopy.c:1085:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->bblocksin = fopen(configvars->bblocksinfile, "r"); data/safecopy-1.7/src/safecopy.c:1094:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->destination = open(configvars->destfile, O_WRONLY, 0666 ); data/safecopy-1.7/src/safecopy.c:1122:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->destination = open(configvars->destfile, O_WRONLY | O_TRUNC | O_CREAT, 0666 ); data/safecopy-1.7/src/safecopy.c:1136:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->bblocksout = open(configvars->bblocksoutfile, O_WRONLY | O_APPEND | O_CREAT, 0666); data/safecopy-1.7/src/safecopy.c:1138:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->bblocksout = open(configvars->bblocksoutfile, O_WRONLY | O_TRUNC | O_CREAT, 0666); data/safecopy-1.7/src/safecopy.c:1154:28: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->timingfile = fopen(configvars->timingfilestring, "a"); data/safecopy-1.7/src/safecopy.c:1218:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->source = open(configvars->sourcefile, O_RDONLY | O_NONBLOCK | statusvars->syncmode ); data/safecopy-1.7/src/safecopy.c:1306:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->xblocksin = fopen(configvars->xblocksinfile, "r"); data/safecopy-1.7/src/safecopy.c:1422:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->source = open(configvars->sourcefile, O_RDONLY | O_NONBLOCK | statusvars->syncmode ); data/safecopy-1.7/src/safecopy.c:1511:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( statusvars->textbuffer , " [%lli] \n", (long long)tmp_pos); data/safecopy-1.7/src/safecopy.c:1549:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( statusvars->textbuffer , "}[%llu](+%llu)", (long long)tmp_pos, (long long)tmp_bytes); data/safecopy-1.7/src/safecopy.c:1651:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( statusvars->textbuffer , "[%llu](+%llu){", (long long)tmp_pos, (long long)tmp_bytes); data/safecopy-1.7/src/safecopy.c:1694:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->source = open(configvars->sourcefile, O_RDONLY | O_NONBLOCK | O_RSYNC ); data/safecopy-1.7/src/safecopy.c:1702:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->source = open(configvars->sourcefile, O_RDONLY | O_NONBLOCK | O_RSYNC ); data/safecopy-1.7/src/safecopy.c:1712:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->source = open(configvars->sourcefile, O_RDONLY | O_NONBLOCK | statusvars->syncmode ); data/safecopy-1.7/src/safecopy.c:1715:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). statusvars->source = open(configvars->sourcefile, O_RDONLY | O_NONBLOCK | statusvars->syncmode ); data/safecopy-1.7/src/safecopy.c:1740:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( statusvars->textbuffer , "}[%llu](+%llu)", (long long)tmp_pos, (long long)tmp_bytes); data/safecopy-1.7/simulator/src/simulatorlb.c:41:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ssize_t read(int,void*,size_t); data/safecopy-1.7/simulator/src/simulatorlb.c:443:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ssize_t read(int fd,void *buf,size_t count) { data/safecopy-1.7/src/arglist.c:200:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len=strlen(temp); data/safecopy-1.7/src/arglist.c:210:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len=strlen(temp); data/safecopy-1.7/src/arglist.c:408:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len=strlen(text); data/safecopy-1.7/src/arglist.c:444:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len=strlen(text); data/safecopy-1.7/src/lowlevel.c:16:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). retval=read(*fd,buffer,length); data/safecopy-1.7/src/lowlevel.c:186:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return(read(fd,buffer,length)); data/safecopy-1.7/src/lowlevel.c:232:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). retval=read(*fd,buffer,length); data/safecopy-1.7/src/lowlevel.c:260:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). retval=read(*fd,buffer,length); data/safecopy-1.7/src/lowlevel.c:271:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). retval=read(*fd,buffer,length); data/safecopy-1.7/src/lowlevel.c:276:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). retval=read(*fd,buffer,length); data/safecopy-1.7/src/safecopy.c:346:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(option); data/safecopy-1.7/src/safecopy.c:386:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(2, percentage, strlen(percentage)); data/safecopy-1.7/src/safecopy.c:427:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(2, icon, strlen(icon)); data/safecopy-1.7/src/safecopy.c:491:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). writeremain = strlen(marker); data/safecopy-1.7/src/safecopy.c:547:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(bblocksout, textbuffer , strlen( textbuffer )); data/safecopy-1.7/src/safecopy.c:1465:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). statusvars->block = read(statusvars->source, statusvars->databuffer , statusvars->maxremain ); data/safecopy-1.7/src/safecopy.c:1512:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(2, statusvars->textbuffer , strlen( statusvars->textbuffer )); data/safecopy-1.7/src/safecopy.c:1550:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(1, statusvars->textbuffer , strlen( statusvars->textbuffer )); data/safecopy-1.7/src/safecopy.c:1652:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(1, statusvars->textbuffer , strlen( statusvars->textbuffer )); data/safecopy-1.7/src/safecopy.c:1654:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). statusvars->linewidth += strlen( statusvars->textbuffer ); data/safecopy-1.7/src/safecopy.c:1699:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(statusvars->source, statusvars->databuffer , statusvars->blocksize ); data/safecopy-1.7/src/safecopy.c:1707:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(statusvars->source, statusvars->databuffer , statusvars->blocksize ); data/safecopy-1.7/src/safecopy.c:1741:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(1, statusvars->textbuffer , strlen( statusvars->textbuffer )); ANALYSIS SUMMARY: Hits = 78 Lines analyzed = 3734 in approximately 0.16 seconds (23020 lines/second) Physical Source Lines of Code (SLOC) = 2751 Hits@level = [0] 256 [1] 25 [2] 50 [3] 0 [4] 3 [5] 0 Hits@level+ = [0+] 334 [1+] 78 [2+] 53 [3+] 3 [4+] 3 [5+] 0 Hits/KSLOC@level+ = [0+] 121.41 [1+] 28.3533 [2+] 19.2657 [3+] 1.09051 [4+] 1.09051 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.