Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tcpick-0.2.1/src/datalink.c
Examining data/tcpick-0.2.1/src/verify.c
Examining data/tcpick-0.2.1/src/colors.c
Examining data/tcpick-0.2.1/src/timer.c
Examining data/tcpick-0.2.1/src/timer.h
Examining data/tcpick-0.2.1/src/tcp.h
Examining data/tcpick-0.2.1/src/udp.h
Examining data/tcpick-0.2.1/src/flags.h
Examining data/tcpick-0.2.1/src/fragment.h
Examining data/tcpick-0.2.1/src/colors.h
Examining data/tcpick-0.2.1/src/def.h
Examining data/tcpick-0.2.1/src/lookup.h
Examining data/tcpick-0.2.1/src/quit.c
Examining data/tcpick-0.2.1/src/msg.c
Examining data/tcpick-0.2.1/src/fragments.c
Examining data/tcpick-0.2.1/src/ip.h
Examining data/tcpick-0.2.1/src/lookup_query.c
Examining data/tcpick-0.2.1/src/lookup_tree.c
Examining data/tcpick-0.2.1/src/text.h
Examining data/tcpick-0.2.1/src/write.c
Examining data/tcpick-0.2.1/src/tracker.c
Examining data/tcpick-0.2.1/src/args.c
Examining data/tcpick-0.2.1/src/tcpick.h
Examining data/tcpick-0.2.1/src/display.c
Examining data/tcpick-0.2.1/src/tcpick.c
Examining data/tcpick-0.2.1/src/debug.c
Examining data/tcpick-0.2.1/src/extern.h
Examining data/tcpick-0.2.1/src/loop.c
Examining data/tcpick-0.2.1/src/time.c
Examining data/tcpick-0.2.1/src/conn.h
Examining data/tcpick-0.2.1/src/globals.h
FINAL RESULTS:
data/tcpick-0.2.1/src/colors.c:42:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf ( out, fmt, list );
data/tcpick-0.2.1/src/display.c:248:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(out, pos % 2 ? "%2.2x " : "%2.2x", *( buf + pos ) );
data/tcpick-0.2.1/src/display.c:258:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(out, pos % 2 ? " " : " ");
data/tcpick-0.2.1/src/display.c:295:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(out, pos % 2 ? "%2.2x " : "%2.2x", *( buf + pos ) );
data/tcpick-0.2.1/src/display.c:300:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(out, pos % 2 ? " " : " ");
data/tcpick-0.2.1/src/msg.c:40:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf (fmt, list);
data/tcpick-0.2.1/src/msg.c:54:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf( stderr, fmt, list );
data/tcpick-0.2.1/src/msg.c:71:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf ( stdout, fmt, list );
data/tcpick-0.2.1/src/msg.c:94:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( msg, "[%s] %s", func, desc );
data/tcpick-0.2.1/src/quit.c:44:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( msg, "[%s] %s", func, desc );
data/tcpick-0.2.1/src/quit.c:63:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stderr, fmt, list);
data/tcpick-0.2.1/src/write.c:77:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(client_server,"%s", clientname);
data/tcpick-0.2.1/src/write.c:80:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(client_server,"%s_%s_%s",
data/tcpick-0.2.1/src/write.c:90:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(base_name, "%s/tcpick_%s.both", dir_name, client_server);
data/tcpick-0.2.1/src/write.c:93:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(base_name, "%s/tcpick_%06u_%s.both", dir_name, conn_ptr->num, client_server);
data/tcpick-0.2.1/src/write.c:106:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(base_name, "%s/tcpick_%s.clnt", dir_name, client_server);
data/tcpick-0.2.1/src/write.c:111:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(base_name,"%s/tcpick_%s.serv", dir_name, client_server);
data/tcpick-0.2.1/src/write.c:120:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(base_name, "%s/tcpick_%06u_%s.clnt", dir_name, conn_ptr->num, client_server);
data/tcpick-0.2.1/src/write.c:125:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(base_name,"%s/tcpick_%06u_%s.serv", dir_name, conn_ptr->num, client_server);
data/tcpick-0.2.1/src/write.c:132:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( test_name, "%s.%s", base_name, ext );
data/tcpick-0.2.1/src/write.c:135:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( test_name, "%s.%x.%s", base_name, num, ext );
data/tcpick-0.2.1/src/write.c:220:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(desc->file,
data/tcpick-0.2.1/src/args.c:193:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (( opt = getopt_long(argc,argv,
data/tcpick-0.2.1/src/args.c:200:18: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ( ( opt = getopt( argc, argv, NONGNU_OPTIONS ) ) !=-1 )
data/tcpick-0.2.1/src/args.c:215:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (( flags.maxconns = atoi(optarg)) == 0)
data/tcpick-0.2.1/src/args.c:225:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
flags.dirs = atoi(optarg);
data/tcpick-0.2.1/src/args.c:235:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
flags.exitpackets = atoi(optarg);
data/tcpick-0.2.1/src/args.c:259:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (! ( flags.exitclosed = atoi(optarg) ) )
data/tcpick-0.2.1/src/args.c:267:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
flags.filenaming = atoi(optarg);
data/tcpick-0.2.1/src/args.c:349:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (! ( flags.trackonly = atoi(optarg) ) ) {
data/tcpick-0.2.1/src/args.c:377:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
flags.timeout = atoi(optarg);
data/tcpick-0.2.1/src/colors.c:18:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[13];
data/tcpick-0.2.1/src/colors.c:20:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(command, "%c[%d;%dm", 0x1B, attr, fg + 30);
data/tcpick-0.2.1/src/datalink.c:46:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_NULL");
data/tcpick-0.2.1/src/datalink.c:51:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_EN10MB");
data/tcpick-0.2.1/src/datalink.c:56:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_IEEE802");
data/tcpick-0.2.1/src/datalink.c:61:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_ARCNET");
data/tcpick-0.2.1/src/datalink.c:66:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_FDDI");
data/tcpick-0.2.1/src/datalink.c:71:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_ATM_RFC1483");
data/tcpick-0.2.1/src/datalink.c:76:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_RAW");
data/tcpick-0.2.1/src/datalink.c:81:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_PPP_SERIAL");
data/tcpick-0.2.1/src/datalink.c:86:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_PPP_ETHER");
data/tcpick-0.2.1/src/datalink.c:91:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_C_HDLC");
data/tcpick-0.2.1/src/datalink.c:96:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_IEEE802_11");
data/tcpick-0.2.1/src/datalink.c:101:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_LOOP");
data/tcpick-0.2.1/src/datalink.c:106:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_LINUX_SLL");
data/tcpick-0.2.1/src/datalink.c:111:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_LTALK");
data/tcpick-0.2.1/src/datalink.c:116:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_PFLOG");
data/tcpick-0.2.1/src/datalink.c:121:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_PPP");
data/tcpick-0.2.1/src/datalink.c:126:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_SLIP");
data/tcpick-0.2.1/src/datalink.c:131:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_SLIP_BSDOS");
data/tcpick-0.2.1/src/datalink.c:136:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "DLT_PPP_BSDOS");
data/tcpick-0.2.1/src/datalink.c:141:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "UNKNOWN(0x%x)(%d)" , dl_id , dl_id);
data/tcpick-0.2.1/src/display.c:40:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "SYN-SENT" );
data/tcpick-0.2.1/src/display.c:43:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "SYN-RECEIVED" );
data/tcpick-0.2.1/src/display.c:46:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "ESTABLISHED" );
data/tcpick-0.2.1/src/display.c:49:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "FIN-WAIT-1" );
data/tcpick-0.2.1/src/display.c:52:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "FIN-WAIT-2" );
data/tcpick-0.2.1/src/display.c:56:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "TIME-WAIT" );
data/tcpick-0.2.1/src/display.c:60:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "CLOSED" );
data/tcpick-0.2.1/src/display.c:64:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "RESET" );
data/tcpick-0.2.1/src/display.c:67:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "EXPIRED" );
data/tcpick-0.2.1/src/display.c:70:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy( str, "ERROR" );
data/tcpick-0.2.1/src/display.c:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[16] = "................" ;
data/tcpick-0.2.1/src/fragments.c:111:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( new->payload, payload, payload_len );
data/tcpick-0.2.1/src/lookup_query.c:93:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s_port,"%d",ntohs(port));
data/tcpick-0.2.1/src/lookup_tree.c:79:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(new->ip), &ip, sizeof(struct in_addr));
data/tcpick-0.2.1/src/tcpick.c:53:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE];
data/tcpick-0.2.1/src/tcpick.c:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[128];
data/tcpick-0.2.1/src/time.c:51:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ret,"%2.2d:%2.2d:%2.2d.%6.6d",
data/tcpick-0.2.1/src/time.c:60:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ret,
data/tcpick-0.2.1/src/write.c:59:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dir_name,"%06u", conn_ptr->num / flags.dirs);
data/tcpick-0.2.1/src/write.c:168:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
desc->file = fopen( s , "a" );
data/tcpick-0.2.1/src/write.c:175:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
lockfile = fopen( s , "a" );
data/tcpick-0.2.1/src/args.c:86:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < strlen( s ) ; i++) {
data/tcpick-0.2.1/src/args.c:125:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i = 0; i < strlen( s ) ; i++) {
data/tcpick-0.2.1/src/args.c:251:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(optarg) == 1 )
data/tcpick-0.2.1/src/args.c:341:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(optarg) == 1 )
data/tcpick-0.2.1/src/msg.c:92:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(func) + strlen(desc) + 16;
data/tcpick-0.2.1/src/msg.c:92:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(func) + strlen(desc) + 16;
data/tcpick-0.2.1/src/quit.c:42:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(func) + strlen(desc) + 16;
data/tcpick-0.2.1/src/quit.c:42:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(func) + strlen(desc) + 16;
data/tcpick-0.2.1/src/write.c:73:3: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
sprintf(dir_name,".");
ANALYSIS SUMMARY:
Hits = 83
Lines analyzed = 4269 in approximately 0.12 seconds (35902 lines/second)
Physical Source Lines of Code (SLOC) = 2557
Hits@level = [0] 24 [1] 9 [2] 50 [3] 2 [4] 22 [5] 0
Hits@level+ = [0+] 107 [1+] 83 [2+] 74 [3+] 24 [4+] 22 [5+] 0
Hits/KSLOC@level+ = [0+] 41.8459 [1+] 32.4599 [2+] 28.9402 [3+] 9.386 [4+] 8.60383 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.