Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/serialdv-1.1.4/datacontroller.cpp
Examining data/serialdv-1.1.4/datacontroller.h
Examining data/serialdv-1.1.4/dummydatacontroller.cpp
Examining data/serialdv-1.1.4/dummydatacontroller.h
Examining data/serialdv-1.1.4/dvcontroller.cpp
Examining data/serialdv-1.1.4/dvcontroller.h
Examining data/serialdv-1.1.4/dvtest.cpp
Examining data/serialdv-1.1.4/serialdatacontroller.cpp
Examining data/serialdv-1.1.4/serialdatacontroller.h
Examining data/serialdv-1.1.4/serialdv_export.h
Examining data/serialdv-1.1.4/udpdatacontroller.cpp
Examining data/serialdv-1.1.4/udpdatacontroller.h

FINAL RESULTS:

data/serialdv-1.1.4/dvtest.cpp:91:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer
  overflows (CWE-120, CWE-20). Check implementation on installation, or
  limit the size of all string inputs.
    while ((c = getopt(argc, argv,

data/serialdv-1.1.4/datacontroller.h:49:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    virtual bool open(const std::string& device, SERIAL_SPEED speed) = 0;

data/serialdv-1.1.4/dummydatacontroller.cpp:30:27:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    bool DummyDataController::open(const std::string& device, SERIAL_SPEED speed)

data/serialdv-1.1.4/dummydatacontroller.h:30:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    virtual bool open(const std::string& device, SERIAL_SPEED speed);

data/serialdv-1.1.4/dvcontroller.cpp:54:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    bool DVController::open(const std::string& device, bool halfSpeed)

data/serialdv-1.1.4/dvcontroller.cpp:68:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    bool res = m_serial->open(device, halfSpeed ? SERIAL_230400 : SERIAL_460800);

data/serialdv-1.1.4/dvcontroller.cpp:76:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char buffer[DataController::BUFFER_LENGTH];

data/serialdv-1.1.4/dvcontroller.cpp:221:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char buffer[DV3000_REQ_GAIN_LEN + 2];

data/serialdv-1.1.4/dvcontroller.cpp:222:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(buffer, DV3000_REQ_GAIN, DV3000_REQ_GAIN_LEN);

data/serialdv-1.1.4/dvcontroller.cpp:254:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char buffer[DV3000_AUDIO_HEADER_LEN + MBE_AUDIO_BLOCK_BYTES_INTERNAL];

data/serialdv-1.1.4/dvcontroller.cpp:256:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(buffer, DV3000_AUDIO_HEADER, DV3000_AUDIO_HEADER_LEN);

data/serialdv-1.1.4/dvcontroller.cpp:274:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char buffer[DataController::BUFFER_LENGTH];

data/serialdv-1.1.4/dvcontroller.cpp:283:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(ambe, buffer + DV3000_AMBE_HEADER_LEN, length);

data/serialdv-1.1.4/dvcontroller.cpp:295:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char buffer[DV3000_AMBE_HEADER_LEN + MBE_FRAME_MAX_LENGTH_BYTES_INTERNAL];

data/serialdv-1.1.4/dvcontroller.cpp:296:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(buffer, DV3000_AMBE_HEADER, DV3000_AMBE_HEADER_LEN);

data/serialdv-1.1.4/dvcontroller.cpp:297:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(buffer + DV3000_AMBE_HEADER_LEN, ambe, nbBytes);

data/serialdv-1.1.4/dvcontroller.cpp:301:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(&buffer[1], &lengthPtr[1], 1); // set header length field with little endian byte order

data/serialdv-1.1.4/dvcontroller.cpp:302:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(&buffer[2], &lengthPtr[0], 1); // set header length field with little endian byte order

data/serialdv-1.1.4/dvcontroller.cpp:306:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(&buffer[1], &lengthPtr[0], 1); // set header length field with big endian byte order

data/serialdv-1.1.4/dvcontroller.cpp:307:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(&buffer[2], &lengthPtr[1], 1); // set header length field with big endian byte order

data/serialdv-1.1.4/dvcontroller.cpp:310:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(&buffer[5], &nbBits, 1); // set CHAND number of bits

data/serialdv-1.1.4/dvcontroller.cpp:321:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char buffer[DataController::BUFFER_LENGTH];

data/serialdv-1.1.4/dvcontroller.cpp:388:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char buffer[DataController::BUFFER_LENGTH];

data/serialdv-1.1.4/dvcontroller.h:87:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    bool open(const std::string& device, bool halfSpeed=false);

data/serialdv-1.1.4/dvtest.cpp:77:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    char in_file[1024];

data/serialdv-1.1.4/dvtest.cpp:79:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    char out_file[1024];

data/serialdv-1.1.4/dvtest.cpp:138:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    in_file_fd = open(in_file, O_RDONLY);

data/serialdv-1.1.4/dvtest.cpp:157:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    out_file_fd = open(out_file, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH);

data/serialdv-1.1.4/dvtest.cpp:172:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char dvMbeSamples[SerialDV::MBE_FRAME_MAX_LENGTH_BYTES];

data/serialdv-1.1.4/dvtest.cpp:176:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    if (dvController.open(dvSerialDevice))

data/serialdv-1.1.4/serialdatacontroller.cpp:63:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    bool SerialDataController::open(const std::string& device, SERIAL_SPEED speed)

data/serialdv-1.1.4/serialdatacontroller.cpp:214:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(buffer, m_readBuffer, bytes);

data/serialdv-1.1.4/serialdatacontroller.cpp:240:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination
  (CWE-120). Make sure destination can always hold the source data.
    ::memcpy(buffer, m_readBuffer, bytes);

data/serialdv-1.1.4/serialdatacontroller.cpp:306:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    bool SerialDataController::open(const std::string& device, SERIAL_SPEED speed)

data/serialdv-1.1.4/serialdatacontroller.cpp:314:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    m_fd = ::open(m_device.c_str(), O_RDWR | O_NOCTTY | O_NDELAY, 0);

data/serialdv-1.1.4/serialdatacontroller.h:33:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    virtual bool open(const std::string& device, SERIAL_SPEED speed);

data/serialdv-1.1.4/udpdatacontroller.cpp:61:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    bool UDPDataController::open(const std::string& ipAndPort, SERIAL_SPEED speed)

data/serialdv-1.1.4/udpdatacontroller.cpp:72:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if
  the input had no minus sign (large numbers can roll over into negative
  number; consider saving to an unsigned value if that is intended).
    m_port = atoi(m_port_str.c_str());

data/serialdv-1.1.4/udpdatacontroller.h:33:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
    virtual bool open(const std::string& ipAndPort, SERIAL_SPEED speed);

data/serialdv-1.1.4/udpdatacontroller.h:52:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
    unsigned char m_responseBuffer[2000];

data/serialdv-1.1.4/datacontroller.h:52:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    virtual int read(unsigned char* buffer, unsigned int lengthInBytes) = 0;

data/serialdv-1.1.4/dummydatacontroller.cpp:37:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int DummyDataController::read(unsigned char* buffer, unsigned int lengthInBytes)

data/serialdv-1.1.4/dummydatacontroller.h:33:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    virtual int read(unsigned char* buffer, unsigned int lengthInBytes);

data/serialdv-1.1.4/dvcontroller.cpp:427:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int len1 = m_serial->read(buffer, 1U);

data/serialdv-1.1.4/dvcontroller.cpp:455:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int len1 = m_serial->read(&buffer[1 + offset], packetLength - offset);

data/serialdv-1.1.4/dvcontroller.cpp:488:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int len1 = m_serial->read(&buffer[4 + offset], packetLength - offset);

data/serialdv-1.1.4/dvtest.cpp:101:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for
  invalid pointers [MS-banned] (CWE-120).
    strncpy(in_file, (const char *) optarg, 1023);

data/serialdv-1.1.4/dvtest.cpp:105:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for
  invalid pointers [MS-banned] (CWE-120).
    strncpy(out_file, (const char *) optarg, 1023);

data/serialdv-1.1.4/dvtest.cpp:201:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int result = read(in_file_fd, (void *) dvAudioSamples, SerialDV::MBE_AUDIO_BLOCK_BYTES);

data/serialdv-1.1.4/serialdatacontroller.cpp:161:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int SerialDataController::read(unsigned char* buffer, unsigned int length)

data/serialdv-1.1.4/serialdatacontroller.cpp:427:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int SerialDataController::read(unsigned char* buffer, unsigned int lengthInBytes)

data/serialdv-1.1.4/serialdatacontroller.cpp:471:29:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    ssize_t len = ::read(m_fd, buffer + offset, lengthInBytes - offset);

data/serialdv-1.1.4/serialdatacontroller.h:36:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    virtual int read(unsigned char* buffer, unsigned int lengthInBytes);

data/serialdv-1.1.4/udpdatacontroller.cpp:107:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int UDPDataController::read(unsigned char* buffer, unsigned int lengthInBytes)

data/serialdv-1.1.4/udpdatacontroller.h:36:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    virtual int read(unsigned char* buffer, unsigned int lengthInBytes);

ANALYSIS SUMMARY:

Hits = 55
Lines analyzed = 2121 in approximately 0.06 seconds (34233 lines/second)
Physical Source Lines of Code (SLOC) = 1553
Hits@level = [0]  82 [1]  15 [2]  39 [3]   1 [4]   0 [5]   0
Hits@level+ = [0+] 137 [1+]  55 [2+]  40 [3+]   1 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 88.2164 [1+] 35.4153 [2+] 25.7566 [3+] 0.643915 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
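Most of the [2] and [1] hits in dvcontroller.cpp and serialdatacontroller.cpp are one pattern: a fixed `buffer[DataController::BUFFER_LENGTH]`, a `packetLength` that comes off the wire, `read()` calls in a loop that advance by `offset`, and a `memcpy` of `length` bytes out of the buffer. Flawfinder cannot see whether `packetLength` and `length` are bounded before those calls; that is the check to confirm by hand in the flagged functions. The following is an added example, not serialdv code, of the same pattern with the bound in place, exercising short reads, an oversized wire length, a destination that is too small, and a truncated frame. The 4-byte header layout (start byte, 16-bit big-endian payload length, type byte), the `ByteSource` interface, `START_BYTE`, `BUFFER_LENGTH = 64` and the sample frames are assumptions made for this example, not DV3000 protocol constants.

```cpp
// Added example, not serialdv code: read one length-prefixed frame from a
// byte source into a fixed buffer, validating the wire length before any
// read() or memcpy() touches the buffer. Header layout, ByteSource and the
// constants below are assumptions for the example only.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <utility>
#include <vector>

// Minimal read interface in the shape of the report's read(buffer, length).
class ByteSource {
public:
    virtual ~ByteSource() = default;
    // Returns bytes read (possibly fewer than requested), 0 at end of data,
    // -1 on error.
    virtual int read(unsigned char* buffer, unsigned int lengthInBytes) = 0;
};

// Fake serial device over a constructed byte string. Returns at most `chunk`
// bytes per call so the short-read loop actually gets exercised.
class VectorSource : public ByteSource {
public:
    VectorSource(std::vector<unsigned char> data, unsigned int chunk)
        : m_data(std::move(data)), m_chunk(chunk) {}
    int read(unsigned char* buffer, unsigned int lengthInBytes) override {
        size_t avail = m_data.size() - m_pos;
        size_t n = std::min<size_t>(std::min<size_t>(lengthInBytes, m_chunk), avail);
        std::memcpy(buffer, m_data.data() + m_pos, n);
        m_pos += n;
        return static_cast<int>(n);
    }
private:
    std::vector<unsigned char> m_data;
    unsigned int m_chunk;
    size_t m_pos = 0;
};

const unsigned char START_BYTE = 0x7E;   // assumed start marker
const unsigned int HEADER_LEN = 4;       // assumed: start, len hi, len lo, type
const unsigned int BUFFER_LENGTH = 64;   // assumed receive buffer size

// Keep reading until exactly `wanted` bytes have arrived or the source fails.
static bool readFully(ByteSource& src, unsigned char* dst, unsigned int wanted)
{
    unsigned int offset = 0;
    while (offset < wanted) {
        int len = src.read(dst + offset, wanted - offset);
        if (len <= 0) return false;      // error or EOF before the frame completed
        offset += static_cast<unsigned int>(len);
    }
    return true;
}

// Reads one frame and copies its payload into `payload` (capacity given by
// the caller). Returns the payload length, or -1 if the frame is malformed,
// truncated, or larger than either buffer.
int readFrame(ByteSource& src, unsigned char* payload, unsigned int payloadCapacity)
{
    unsigned char buffer[BUFFER_LENGTH];

    // Resynchronise on the start byte one byte at a time.
    do {
        if (src.read(buffer, 1U) != 1) return -1;
    } while (buffer[0] != START_BYTE);

    if (!readFully(src, &buffer[1], HEADER_LEN - 1)) return -1;

    // The length arrives from the wire: bound it before it reaches any buffer.
    unsigned int packetLength = (static_cast<unsigned int>(buffer[1]) << 8) | buffer[2];
    if (packetLength > BUFFER_LENGTH - HEADER_LEN || packetLength > payloadCapacity) {
        return -1;   // without this check the read and memcpy below would overflow
    }

    if (!readFully(src, &buffer[HEADER_LEN], packetLength)) return -1;

    std::memcpy(payload, buffer + HEADER_LEN, packetLength);   // now within bounds
    return static_cast<int>(packetLength);
}

// Constructed sample input: one junk byte, then a frame with length 3,
// type 1 and payload AA BB CC.
std::vector<unsigned char> goodFrame()
{
    return {0x00, 0x7E, 0x00, 0x03, 0x01, 0xAA, 0xBB, 0xCC};
}

// Constructed sample input: header claims a 65535-byte payload.
std::vector<unsigned char> oversizedFrame()
{
    return {0x7E, 0xFF, 0xFF, 0x01, 0xAA};
}
```

The two bounds in `readFrame` are independent: `BUFFER_LENGTH - HEADER_LEN` protects the stack buffer the read lands in, and `payloadCapacity` protects the caller's destination of the final `memcpy`. Checking only one of them leaves the other copy unbounded.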
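The single integer hit, `m_port = atoi(m_port_str.c_str())` at udpdatacontroller.cpp:72, is worth a second look because `atoi` has no error return: it accepts leading whitespace and a sign, stops silently at the first non-digit, and wraps on overflow, so `"70000"` or `"8080abc"` become whatever `int` arithmetic makes of them. The following is an added example, not serialdv code, of the range-checked parse a reviewer would ask for in its place. The split of `ipAndPort` on the last `:` is an assumption about that string's format, which the report only names.

```cpp
// Added example, not serialdv code: range-checked parsing of a "host:port"
// string as a replacement for atoi(). The host:port format is assumed.
#include <cctype>
#include <cerrno>
#include <cstdint>
#include <cstdlib>
#include <string>

struct HostPort {
    std::string host;
    uint16_t port = 0;
};

// Parse a decimal port. Rejects empty input, signs, leading whitespace,
// trailing characters and anything outside 1..65535, all of which atoi()
// either accepts silently or truncates.
bool parsePort(const std::string& text, uint16_t& port)
{
    if (text.empty() || !std::isdigit(static_cast<unsigned char>(text[0]))) {
        return false;   // strtoul alone would skip whitespace and accept '+' or '-'
    }
    errno = 0;
    char* end = nullptr;
    unsigned long value = std::strtoul(text.c_str(), &end, 10);
    if (errno == ERANGE || end == text.c_str() || *end != '\0') {
        return false;   // overflow of unsigned long, or trailing junk such as "8080abc"
    }
    if (value < 1 || value > 65535) {
        return false;   // port 0 and anything that would wrap a 16-bit port
    }
    port = static_cast<uint16_t>(value);
    return true;
}

// Split on the last ':' so a bracketed IPv6 literal such as "[::1]:2460"
// keeps its whole host part.
bool parseHostPort(const std::string& ipAndPort, HostPort& out)
{
    std::string::size_type colon = ipAndPort.rfind(':');
    if (colon == std::string::npos || colon == 0) {
        return false;   // no port, or empty host
    }
    uint16_t port = 0;
    if (!parsePort(ipAndPort.substr(colon + 1), port)) {
        return false;
    }
    out.host = ipAndPort.substr(0, colon);
    out.port = port;
    return true;
}
```

Both checks matter: the `ERANGE` test catches values too large for `unsigned long`, while the explicit `65535` bound catches values that fit in `unsigned long` but would be silently truncated by the cast to a 16-bit port.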