Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/st-1.9/examples/lookupdns.c
Examining data/st-1.9/examples/error.c
Examining data/st-1.9/examples/proxy.c
Examining data/st-1.9/examples/res.c
Examining data/st-1.9/examples/server.c
Examining data/st-1.9/extensions/dnscache.c
Examining data/st-1.9/extensions/common.h
Examining data/st-1.9/extensions/lrucache.c
Examining data/st-1.9/extensions/dnsres.c
Examining data/st-1.9/extensions/stx.h
Examining data/st-1.9/extensions/stx_fileio.c
Examining data/st-1.9/extensions/stx_fileio.h
Examining data/st-1.9/extensions/testdns.c
Examining data/st-1.9/event.c
Examining data/st-1.9/io.c
Examining data/st-1.9/key.c
Examining data/st-1.9/public.h
Examining data/st-1.9/common.h
Examining data/st-1.9/sched.c
Examining data/st-1.9/stk.c
Examining data/st-1.9/sync.c
Examining data/st-1.9/md.h

FINAL RESULTS:

data/st-1.9/examples/error.c:140:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "[%02d/%s/%d:%02d:%02d:%02d] ", tmp->tm_mday,
data/st-1.9/examples/error.c:159:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, err_tstamp()); /* prepend a message with time stamp */
data/st-1.9/examples/error.c:160:3:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf + strlen(buf), fmt, ap);
data/st-1.9/examples/error.c:162:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf + strlen(buf), ": %s\n", strerror(errno_save));
data/st-1.9/examples/proxy.c:233:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(host, str);
data/st-1.9/examples/server.c:907:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  len += sprintf(buf + len, "\nListening Socket #%d:\n"
data/st-1.9/extensions/testdns.c:86:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf(line, "%s", str) != 1)
data/st-1.9/examples/proxy.c:91:16:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((opt = getopt(argc, argv, "l:r:p:Saht:X")) != EOF) {
data/st-1.9/examples/server.c:298:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((opt = getopt(argc, argv, "b:p:l:t:u:q:aiSh")) != EOF) {
data/st-1.9/stk.c:97:20:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  long offset = (random() % extra) & ~0xf;
data/st-1.9/stk.c:170:5:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom((unsigned int) st_utime());
data/st-1.9/event.c:521:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pollfds, pq->pds, sizeof(struct pollfd) * pq->npds);
data/st-1.9/event.c:548:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pq->pds, pollfds, sizeof(struct pollfd) * pq->npds);
data/st-1.9/event.c:723:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(_st_kq_data->addlist + _st_kq_data->addlist_cnt, kev,
data/st-1.9/event.c:747:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(_st_kq_data->dellist + _st_kq_data->dellist_cnt, kev,
data/st-1.9/examples/error.c:131:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char str[32];
data/st-1.9/examples/error.c:156:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXLINE];
data/st-1.9/examples/proxy.c:109:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num_procs = atoi(optarg);
data/st-1.9/examples/proxy.c:229:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host[128], *p;
data/st-1.9/examples/proxy.c:239:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  port = (unsigned short) atoi(p);
data/st-1.9/examples/proxy.c:259:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin->sin_addr, hp->h_addr, hp->h_length);
data/st-1.9/examples/proxy.c:288:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[IOBUFSIZE];
data/st-1.9/examples/proxy.c:389:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[IOBUFSIZE];
data/st-1.9/examples/res.c:97:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPACKET];
data/st-1.9/examples/res.c:123:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, cp, n);
data/st-1.9/examples/res.c:215:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAXDNAME], **domain;
data/st-1.9/examples/server.c:309:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  vp_count = atoi(optarg);
data/st-1.9/examples/server.c:319:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_threads = atoi(c);
data/st-1.9/examples/server.c:327:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  listenq_size = atoi(optarg);
data/st-1.9/examples/server.c:455:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  port = (unsigned short) atoi(c);
data/st-1.9/examples/server.c:477:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&serv_addr.sin_addr, hp->h_addr, hp->h_length);
data/st-1.9/examples/server.c:525:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[32];
data/st-1.9/examples/server.c:535:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(PID_FILE, O_CREAT | O_WRONLY | O_TRUNC, 0644)) < 0)
data/st-1.9/examples/server.c:537:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%d\n", (int)getpid());
data/st-1.9/examples/server.c:543:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(ERRORS_FILE, O_CREAT | O_WRONLY | O_APPEND, 0644)) < 0)
data/st-1.9/examples/server.c:669:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((errfd = open(ERRORS_FILE, O_CREAT | O_WRONLY | O_APPEND, 0644)) < 0)
data/st-1.9/examples/server.c:766:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((errfd = open(ERRORS_FILE, O_CREAT | O_WRONLY | O_APPEND, 0644)) < 0)
data/st-1.9/examples/server.c:905:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  len = sprintf(buf, "\n\nProcess #%d (pid %d):\n", my_index, (int)my_pid);
data/st-1.9/examples/server.c:935:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];
data/st-1.9/extensions/dnscache.c:72:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addrs, data->addrs, n * sizeof(*addrs));
data/st-1.9/extensions/dnscache.c:104:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data->addrs, addrs, n);
data/st-1.9/extensions/dnscache.c:131:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host[128];
data/st-1.9/extensions/dnscache.c:149:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addrs, addr_list, n * sizeof(*addrs));
data/st-1.9/extensions/dnsres.c:87:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXPACKET];
data/st-1.9/extensions/dnsres.c:120:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&addrs[i++], cp, n);
data/st-1.9/extensions/dnsres.c:215:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAXDNAME], **domain;
data/st-1.9/extensions/stx_fileio.c:90:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[FILEREADER_MAX_READ];
data/st-1.9/extensions/testdns.c:22:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  printf("%-40s %s\n", (char *)host, inet_ntoa(addrs[0]));
data/st-1.9/extensions/testdns.c:75:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[256];
data/st-1.9/extensions/testdns.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[sizeof(line)];
data/st-1.9/io.c:613:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  tmp_iov[0].iov_base = &(((char *)iov[index].iov_base)[n]);
data/st-1.9/io.c:764:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  while ((osfd = open(path, oflags | O_NONBLOCK, mode)) < 0) {
data/st-1.9/md.h:212:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char *)(_sp) - MD_STACK_PAD_SIZE, \
data/st-1.9/md.h:316:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char *)(_bsp) - MD_STACK_PAD_SIZE, \
data/st-1.9/sched.c:641:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(thread->context, save_jb, sizeof(jmp_buf));
data/st-1.9/sched.c:648:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(thread->context, save_jb, sizeof(jmp_buf));
data/st-1.9/sched.c:668:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(save_jb, thread->context, sizeof(jmp_buf));
data/st-1.9/stk.c:132:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((zero_fd = open("/dev/zero", O_RDWR, 0)) < 0)
data/st-1.9/examples/error.c:160:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  vsprintf(buf + strlen(buf), fmt, ap);
data/st-1.9/examples/error.c:162:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(buf + strlen(buf), ": %s\n", strerror(errno_save));
data/st-1.9/examples/error.c:164:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(buf, "\n");
data/st-1.9/examples/error.c:165:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fd, buf, strlen(buf));
data/st-1.9/examples/proxy.c:488:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(022);
data/st-1.9/examples/res.c:283:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name + n, *domain, maxlen - n);
data/st-1.9/examples/server.c:394:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(022);
data/st-1.9/examples/server.c:538:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(fd, str, strlen(str)) != strlen(str))
data/st-1.9/examples/server.c:538:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(fd, str, strlen(str)) != strlen(str))
data/st-1.9/extensions/dnscache.c:109:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  entry = stx_cache_entry_create(key, data, strlen(host) + 1 +
data/st-1.9/extensions/dnsres.c:283:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name + n, *domain, maxlen - n);
data/st-1.9/extensions/stx_fileio.c:94:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (sizeof(cb) == read(control_pipe[0], &cb, sizeof(cb))) {
data/st-1.9/extensions/stx_fileio.c:103:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nb = read(fd, buf, cb.nbytes);
data/st-1.9/io.c:437:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((n = read(fd->osfd, buf, nbyte)) < 0) {
data/st-1.9/io.c:492:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  n = read(fd->osfd, (*iov)->iov_base, (*iov)->iov_len);

ANALYSIS SUMMARY:

Hits = 73
Lines analyzed = 8359 in approximately 0.23 seconds (36558 lines/second)
Physical Source Lines of Code (SLOC) = 5581
Hits@level = [0]  47 [1]  15 [2]  47 [3]   4 [4]   7 [5]   0
Hits@level+ = [0+] 120 [1+]  73 [2+]  58 [3+]  11 [4+]   7 [5+]   0
Hits/KSLOC@level+ = [0+] 21.5015 [1+] 13.0801 [2+] 10.3924 [3+] 1.97097 [4+] 1.25426 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.