Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tinycdb-0.78/cdb_seq.c
Examining data/tinycdb-0.78/cdb_make_put.c
Examining data/tinycdb-0.78/nss_cdb-passwd.c
Examining data/tinycdb-0.78/nss_cdb.c
Examining data/tinycdb-0.78/cdb.c
Examining data/tinycdb-0.78/cdb_init.c
Examining data/tinycdb-0.78/nss_cdb-spwd.c
Examining data/tinycdb-0.78/cdb_make_add.c
Examining data/tinycdb-0.78/cdb_int.h
Examining data/tinycdb-0.78/cdb_unpack.c
Examining data/tinycdb-0.78/nss_cdb-group.c
Examining data/tinycdb-0.78/cdb.h
Examining data/tinycdb-0.78/cdb_make.c
Examining data/tinycdb-0.78/cdb_findnext.c
Examining data/tinycdb-0.78/nss_cdb.h
Examining data/tinycdb-0.78/cdb_seek.c
Examining data/tinycdb-0.78/cdb_hash.c
Examining data/tinycdb-0.78/cdb_find.c

FINAL RESULTS:

data/tinycdb-0.78/cdb.c:79:32:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__((noreturn,format(printf,2,3)))
data/tinycdb-0.78/cdb.c:87:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, ap);
data/tinycdb-0.78/cdb.c:189:11:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (printf(mode == 'd' ? "+%u,%u:" : "+%u:", klen, vlen) < 0) return -1;
data/tinycdb-0.78/cdb.c:404:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcat(strcpy(tmpname, dbname), ".tmp");
data/tinycdb-0.78/cdb.c:466:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((c = getopt(argc, argv, "qdlcsht:n:mwruep:0")) != EOF)
data/tinycdb-0.78/cdb.c:116:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  r = open(dbname, O_RDONLY);
data/tinycdb-0.78/cdb.c:179:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ((f = fopen(dbname, "r" FBINMODE)) == NULL)
data/tinycdb-0.78/cdb.c:216:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char toc[2048];
data/tinycdb-0.78/cdb.c:221:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ((f = fopen(dbname, "r" FBINMODE)) == NULL)
data/tinycdb-0.78/cdb.c:404:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(strcpy(tmpname, dbname), ".tmp");
data/tinycdb-0.78/cdb.c:411:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(tmpname, O_RDWR|O_CREAT|O_EXCL|O_NOFOLLOW,
data/tinycdb-0.78/cdb.c:423:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(argv[i], "r");
data/tinycdb-0.78/cdb.h:18:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned cdb_unpack(const unsigned char buf[4]);
data/tinycdb-0.78/cdb.h:19:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void cdb_pack(unsigned num, unsigned char buf[4]);
data/tinycdb-0.78/cdb.h:85:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cdb_buf[4096]; /* write buffer */
data/tinycdb-0.78/cdb_init.c:110:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, data, len);
data/tinycdb-0.78/cdb_make.c:13:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  cdb_pack(unsigned num, unsigned char buf[4])
data/tinycdb-0.78/cdb_make.c:63:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cdbmp->cdb_bpos, ptr, l);
data/tinycdb-0.78/cdb_make.c:77:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cdbmp->cdb_bpos, ptr, len);
data/tinycdb-0.78/cdb_make_add.c:15:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rlen[8];
data/tinycdb-0.78/cdb_seek.c:46:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rbuf[64]; /* read buffer */
data/tinycdb-0.78/cdb_unpack.c:10:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  cdb_unpack(const unsigned char buf[4])
data/tinycdb-0.78/nss_cdb-group.c:83:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[36];
data/tinycdb-0.78/nss_cdb-group.c:86:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  r = _nss_cdb_getgrgid_r(atoi(*argv), &gr, buf, sizeof(buf), &err);
data/tinycdb-0.78/nss_cdb-group.c:91:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  g = getgrgid(atoi(*argv));
data/tinycdb-0.78/nss_cdb-passwd.c:42:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/tinycdb-0.78/nss_cdb-passwd.c:45:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  r = _nss_cdb_getpwuid_r(atoi(*argv), &pw, buf, sizeof(buf), &err);
data/tinycdb-0.78/nss_cdb-passwd.c:50:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  p = getpwuid(atoi(*argv));
data/tinycdb-0.78/nss_cdb.c:50:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(dbp->dbname, O_RDONLY);
data/tinycdb-0.78/nss_cdb.c:138:37:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if ((r = cdb_find(&dbp->cdb, buf, sprintf(buf, ":%lu", id))) < 0)
data/tinycdb-0.78/cdb.c:64:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return strlen((const char*)s);
data/tinycdb-0.78/cdb.c:70:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  # define ustrlen strlen
data/tinycdb-0.78/cdb.c:120:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = cdb_findinit(&cf, &c, key, strlen(key));
data/tinycdb-0.78/cdb.c:297:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int c = getc(f);
data/tinycdb-0.78/cdb.c:300:14:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while((c = getc(f)) >= '0' && c <= '9') {
data/tinycdb-0.78/cdb.c:332:14:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while((c = getc(f)) == '+') {
data/tinycdb-0.78/cdb.c:339:9:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (getc(f) != '-' || getc(f) != '>') badinput(fn);
data/tinycdb-0.78/cdb.c:339:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (getc(f) != '-' || getc(f) != '>') badinput(fn);
data/tinycdb-0.78/cdb.c:341:9:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (getc(f) != '\n') badinput(fn);
data/tinycdb-0.78/cdb.c:394:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmpname = (char*)malloc(strlen(dbname) + 5);
data/tinycdb-0.78/cdb.c:409:5:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(0);
data/tinycdb-0.78/cdb_make_put.c:40:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (r = read(fd, cdbmp->cdb_buf, r)) <= 0)
data/tinycdb-0.78/cdb_make_put.c:81:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(cdbmp->cdb_fd, cdbmp->cdb_buf, 8) != 8)
data/tinycdb-0.78/cdb_make_put.c:94:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  len = read(cdbmp->cdb_fd, cdbmp->cdb_buf, len);
data/tinycdb-0.78/cdb_seek.c:21:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  do l = read(fd, buf, len);
data/tinycdb-0.78/nss_cdb-group.c:43:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufend = buf + strlen(buf) + 1;
data/tinycdb-0.78/nss_cdb.c:123:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = __nss_cdb_dobyname(dbp, name, strlen(name), result, buf, bufl, errnop);

ANALYSIS SUMMARY:

Hits = 47
Lines analyzed = 2070 in approximately 0.41 seconds (5012 lines/second)
Physical Source Lines of Code (SLOC) = 1701
Hits@level = [0]  23 [1]  17 [2]  25 [3]   1 [4]   4 [5]   0
Hits@level+ = [0+]  70 [1+]  47 [2+]  30 [3+]   5 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 41.1523 [1+] 27.6308 [2+] 17.6367 [3+] 2.93945 [4+] 2.35156 [5+]   0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
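Triage note for the level-4 strcpy hit and the level-2 strcat hit at cdb.c:404 (with the malloc at cdb.c:394). The two flagged lines are only safe together: the literal 5 in malloc(strlen(dbname) + 5) happens to equal strlen(".tmp") + 1, and nothing in the code enforces that relation. The block below is an added example, not tinycdb's code: it reproduces the exact-fit pattern as the "before", then shows the bounded form the report recommends (size derived from the parts, checked for size_t wrap, written with snprintf and its return value checked). TMP_SUFFIX and the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TMP_SUFFIX ".tmp"   /* example's own name for the ".tmp" literal in cdb.c */

/* "Before": the flagged pattern. Correct only because of an unstated invariant,
 * 5 == strlen(TMP_SUFFIX) + 1; if either side is edited, it becomes a heap overflow. */
char *tmpname_exactfit(const char *dbname)
{
    char *tmpname = malloc(strlen(dbname) + 5);
    if (tmpname == NULL)
        return NULL;
    strcat(strcpy(tmpname, dbname), TMP_SUFFIX);
    return tmpname;
}

/* Bounded builder into a caller-supplied buffer. Returns 0 on success, -1 if the
 * result would not fit. Never writes past dstsz; on failure the buffer is left
 * empty so a truncated path cannot be used by mistake. */
int build_tmpname(char *dst, size_t dstsz, const char *dbname)
{
    if (dst == NULL || dstsz == 0 || dbname == NULL)
        return -1;
    int n = snprintf(dst, dstsz, "%s%s", dbname, TMP_SUFFIX);
    if (n < 0 || (size_t)n >= dstsz) {   /* snprintf reports the length it wanted */
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* "After": heap builder. The size is derived from the parts (no magic 5), checked
 * for size_t wrap, and the bounded builder is reused so the relation between the
 * allocation and the copy is enforced rather than assumed. */
char *tmpname_checked(const char *dbname)
{
    if (dbname == NULL)
        return NULL;
    size_t dlen = strlen(dbname), slen = strlen(TMP_SUFFIX);
    if (dlen > SIZE_MAX - slen - 1)      /* dlen + slen + 1 would wrap */
        return NULL;
    size_t need = dlen + slen + 1;
    char *tmpname = malloc(need);
    if (tmpname == NULL)
        return NULL;
    if (build_tmpname(tmpname, need, dbname) != 0) {
        free(tmpname);                   /* unreachable given 'need', but fail closed */
        return NULL;
    }
    return tmpname;
}

/* Builds with both variants, compares to 'expected', frees, returns 1 if both match. */
int tmpname_matches(const char *dbname, const char *expected)
{
    char *a = tmpname_exactfit(dbname);
    char *b = tmpname_checked(dbname);
    int ok = a != NULL && b != NULL &&
             strcmp(a, expected) == 0 && strcmp(b, expected) == 0;
    free(a);
    free(b);
    return ok;
}

/* Runs the bounded builder into the first dstsz bytes of a canary-filled scratch
 * buffer. Returns 1 only if the build succeeded, matched 'expected', and no byte
 * beyond dstsz was touched; returns 0 if the builder refused (too small). */
int build_tmpname_fits(size_t dstsz, const char *dbname, const char *expected)
{
    char scratch[64];
    if (dstsz > sizeof scratch)
        return 0;
    memset(scratch, 'X', sizeof scratch);
    if (build_tmpname(scratch, dstsz, dbname) != 0)
        return 0;
    for (size_t i = dstsz; i < sizeof scratch; i++)   /* canary check */
        if (scratch[i] != 'X')
            return 0;
    return strcmp(scratch, expected) == 0;
}
```

The point a reviewer wants from the report is not that cdb.c:404 overflows today (it does not), but that the bounded form turns a silent future overflow into a checked failure: with "db.cdb" the result needs 11 bytes, so an 11-byte buffer succeeds and a 10-byte one is refused instead of being overrun.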
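Triage note for the four level-2 atoi hits in nss_cdb-group.c and nss_cdb-passwd.c, where a command-line string becomes a uid or gid. The report's advice (check both bounds, even without a minus sign, and keep the value unsigned) matters here because atoi() has no error path: "-1" converts to the all-ones id, and on LP64 targets "4294967296" is truncated to 0, so a bad lookup silently becomes a lookup of id 0. The block below is an added example, not tinycdb's code. It assumes the id type is a 32-bit unsigned integer (as uid_t and gid_t are on Linux/glibc) and uses uint32_t in its place; the function names are this example's own.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* What the flagged calls do: atoi() with no range check, then an implicit
 * conversion to the (assumed 32-bit unsigned) id type. "-1" -> 4294967295;
 * on LP64 "4294967296" -> 0 because atoi() truncates the long to int. */
uint32_t id_from_atoi(const char *s)
{
    return (uint32_t)atoi(s);
}

/* Replacement: strict decimal parse with both bounds checked.
 * Returns 0 and stores the id on success; -1 on NULL/empty input, leading
 * whitespace or sign, trailing junk, overflow, or value > UINT32_MAX.
 * The leading-digit test is essential: strtoul() itself accepts "-1" and
 * returns ULONG_MAX with errno untouched. */
int id_parse(const char *s, uint32_t *out)
{
    if (s == NULL || out == NULL || !isdigit((unsigned char)s[0]))
        return -1;                         /* rejects "", "-1", "+5", " 7" */
    errno = 0;
    char *end = NULL;
    unsigned long v = strtoul(s, &end, 10);
    if (errno == ERANGE || *end != '\0' || v > UINT32_MAX)
        return -1;                         /* overflow, "12abc", or out of range */
    *out = (uint32_t)v;
    return 0;
}

/* Convenience wrapper: the parsed id, or -1 when id_parse() rejects the input.
 * Uses long long so every valid 32-bit id is representable as a positive value. */
long long id_parse_or_neg(const char *s)
{
    uint32_t id;
    return id_parse(s, &id) == 0 ? (long long)id : -1LL;
}
```

In the nss_cdb test drivers the argument comes from argv, so the caller should refuse to call getpwuid()/getgrgid() when id_parse() fails rather than fall through with whatever atoi() produced.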