Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/uucpsend-1.1/log.c
Examining data/uucpsend-1.1/log.h
Examining data/uucpsend-1.1/paths.h
Examining data/uucpsend-1.1/uucpsend.c

FINAL RESULTS:

data/uucpsend-1.1/log.c:63:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(logfile, format, argp);

data/uucpsend-1.1/log.c:70:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argp);

data/uucpsend-1.1/uucpsend.c:65:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s", what);

data/uucpsend-1.1/uucpsend.c:67:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/LOCK.%s", _PATH_LOCKS, what);

data/uucpsend-1.1/uucpsend.c:93:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s", what);

data/uucpsend-1.1/uucpsend.c:95:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(path, "%s/LOCK.%s", _PATH_LOCKS, what);

data/uucpsend-1.1/uucpsend.c:125:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(arg_sites, argv[optind++]);

data/uucpsend-1.1/uucpsend.c:126:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(arg_sites, "%s%c", arg_sites, DELIMITER);

data/uucpsend-1.1/uucpsend.c:190:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpsite->name, field);

data/uucpsend-1.1/uucpsend.c:224:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpsite->header, field);

data/uucpsend-1.1/uucpsend.c:238:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpsite->compressor, field);

data/uucpsend-1.1/uucpsend.c:246:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpsite->uuxargs, cp);

data/uucpsend-1.1/uucpsend.c:321:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpsite->name, name);

data/uucpsend-1.1/uucpsend.c:329:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpsite->header, site->header);

data/uucpsend-1.1/uucpsend.c:335:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpsite->compressor, site->compressor);

data/uucpsend-1.1/uucpsend.c:341:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpsite->uuxargs, site->uuxargs);

data/uucpsend-1.1/uucpsend.c:373:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tempo2, "%s", cp2);

data/uucpsend-1.1/uucpsend.c:378:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(keep, "%s%c%s", tempo1, DELIMITER, tempo2);

data/uucpsend-1.1/uucpsend.c:380:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(keep, "%s", tempo1);

data/uucpsend-1.1/uucpsend.c:384:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(keep, "%s", tempo2);

data/uucpsend-1.1/uucpsend.c:459:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s -P %s ", PATH_DF, PATH_UUSPOOL);

data/uucpsend-1.1/uucpsend.c:460:14:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  pcmd = popen(cmd, "r");

data/uucpsend-1.1/uucpsend.c:476:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(batchfile, "%s/%s.uucp", _PATH_BATCHDIR, site->name);

data/uucpsend-1.1/uucpsend.c:477:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(batchtmp, "%s/%s.work", _PATH_BATCHDIR, site->name);

data/uucpsend-1.1/uucpsend.c:479:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s %s >> %s; %s -f %s", PATH_CAT, batchtmp, batchfile, PATH_RM, batchtmp);

data/uucpsend-1.1/uucpsend.c:480:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);

data/uucpsend-1.1/uucpsend.c:482:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s -s -t30 flush %s", PATH_CTLINND, site->name);

data/uucpsend-1.1/uucpsend.c:483:18:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if ((ret = system (cmd))) {

data/uucpsend-1.1/uucpsend.c:486:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s -f %s", PATH_RM, batchfile);

data/uucpsend-1.1/uucpsend.c:487:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);

data/uucpsend-1.1/uucpsend.c:493:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s %s/%s %s; %s -s -t30 flush %s", PATH_MV, _PATH_BATCHDIR, site->name, batchtmp, PATH_CTLINND, site->name);

data/uucpsend-1.1/uucpsend.c:494:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);

data/uucpsend-1.1/uucpsend.c:496:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s %s >> %s", PATH_CAT, batchfile, batchtmp);

data/uucpsend-1.1/uucpsend.c:497:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);

data/uucpsend-1.1/uucpsend.c:499:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s %s | %s > %s; %s -f %s", PATH_CAT, batchtmp, PATH_SORT, batchfile, PATH_RM, batchtmp);

data/uucpsend-1.1/uucpsend.c:500:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);

data/uucpsend-1.1/uucpsend.c:504:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s -f %s", PATH_RM, batchfile);

data/uucpsend-1.1/uucpsend.c:505:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);

data/uucpsend-1.1/uucpsend.c:529:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s -s %s/%s ", PATH_DU, PATH_UUSPOOL, site->name);

data/uucpsend-1.1/uucpsend.c:530:14:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  pcmd = popen(cmd, "r");

data/uucpsend-1.1/uucpsend.c:547:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(uuxcmd, "( echo \\\"#! %s\\\" ; %s ) | %s %s %s %s!rnews",

data/uucpsend-1.1/uucpsend.c:556:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s/batcher -B%d -b%d -p \"%s\" %s %s",

data/uucpsend-1.1/uucpsend.c:558:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);

data/uucpsend-1.1/uucpsend.c:561:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s -f %s;", PATH_RM, batchfile);

data/uucpsend-1.1/uucpsend.c:562:15:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);

data/uucpsend-1.1/uucpsend.c:590:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s, "%s/%s", _PATH_MOST_LOGS, "uucpsend.log");

data/uucpsend-1.1/uucpsend.c:603:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s, "%s-%s", arg_ctlfile, arg_ctlappendix);

data/uucpsend-1.1/uucpsend.c:111:26:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while (EOF != (argch = getopt(argc, argv, "f:c:"))) {

data/uucpsend-1.1/log.c:35:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logfile = fopen(name,"a");

data/uucpsend-1.1/uucpsend.c:51:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arg_ctlfile[255] = PATH_UUCPCTL;

data/uucpsend-1.1/uucpsend.c:52:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arg_ctlappendix[255] = "";

data/uucpsend-1.1/uucpsend.c:53:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arg_sites[1024] = "";

data/uucpsend-1.1/uucpsend.c:60:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[255];

data/uucpsend-1.1/uucpsend.c:74:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(lock = fopen(path, "w"))) {

data/uucpsend-1.1/uucpsend.c:89:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[255];

data/uucpsend-1.1/uucpsend.c:142:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[LINELENGTH], field[LINELENGTH];

data/uucpsend-1.1/uucpsend.c:147:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((ctlfile = fopen(fname, "r")) == NULL) {

data/uucpsend-1.1/uucpsend.c:200:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tmpsite->maxsize = atoi(field);

data/uucpsend-1.1/uucpsend.c:210:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tmpsite->queuesize = atoi(field);

data/uucpsend-1.1/uucpsend.c:351:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempo1[1024], tempo2[1024];

data/uucpsend-1.1/uucpsend.c:400:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char site[20];

data/uucpsend-1.1/uucpsend.c:441:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char batchfile[255];

data/uucpsend-1.1/uucpsend.c:442:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char batchtmp[255];

data/uucpsend-1.1/uucpsend.c:443:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[1024];

data/uucpsend-1.1/uucpsend.c:444:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uuxcmd[1024];

data/uucpsend-1.1/uucpsend.c:445:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[1024];

data/uucpsend-1.1/uucpsend.c:584:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[255];

data/uucpsend-1.1/uucpsend.c:116:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (arg_ctlfile, optarg, sizeof (arg_ctlfile));

data/uucpsend-1.1/uucpsend.c:119:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (arg_ctlappendix, optarg, sizeof (arg_ctlappendix));

data/uucpsend-1.1/uucpsend.c:128:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  arg_sites[strlen(arg_sites)-1] = '\0';

data/uucpsend-1.1/uucpsend.c:156:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (line[strlen(line)-1] == '\n')

data/uucpsend-1.1/uucpsend.c:157:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';

data/uucpsend-1.1/uucpsend.c:164:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (cp2 = line + strlen(line)-1; cp2 >= line && (*cp2 == ' ' || *cp2 == '\t'); cp2--)

data/uucpsend-1.1/uucpsend.c:169:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strlen(line))

data/uucpsend-1.1/uucpsend.c:184:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(field, cp, (int)cp2 - (int)cp);

data/uucpsend-1.1/uucpsend.c:186:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((tmpsite->name = (char *)malloc(strlen(field)+1)) == NULL) {

data/uucpsend-1.1/uucpsend.c:191:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp += strlen(field) +1;

data/uucpsend-1.1/uucpsend.c:198:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(field, cp, (int)cp2 - (int)cp);

data/uucpsend-1.1/uucpsend.c:201:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp += strlen(field) +1;

data/uucpsend-1.1/uucpsend.c:208:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(field, cp, (int)cp2 - (int)cp);

data/uucpsend-1.1/uucpsend.c:211:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp += strlen(field) +1;

data/uucpsend-1.1/uucpsend.c:218:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(field, cp, (int)cp2 - (int)cp);

data/uucpsend-1.1/uucpsend.c:220:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((tmpsite->header = (char *)malloc(strlen(field)+1)) == NULL) {

data/uucpsend-1.1/uucpsend.c:225:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp += strlen(field) +1;

data/uucpsend-1.1/uucpsend.c:232:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(field, cp, (int)cp2 - (int)cp);

data/uucpsend-1.1/uucpsend.c:234:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((tmpsite->compressor = (char *)malloc(strlen(field)+1)) == NULL) {

data/uucpsend-1.1/uucpsend.c:239:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp += strlen(field) +1;

data/uucpsend-1.1/uucpsend.c:242:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((tmpsite->uuxargs = (char *)malloc(strlen(cp)+1)) == NULL) {

data/uucpsend-1.1/uucpsend.c:317:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((tmpsite->name = (char *)malloc(strlen(name)+1)) == NULL) {

data/uucpsend-1.1/uucpsend.c:325:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((tmpsite->header = (char *)malloc(strlen(site->header)+1)) == NULL) {

data/uucpsend-1.1/uucpsend.c:331:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((tmpsite->compressor = (char *)malloc(strlen(site->compressor)+1)) == NULL) {

data/uucpsend-1.1/uucpsend.c:337:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((tmpsite->uuxargs = (char *)malloc(strlen(site->uuxargs)+1)) == NULL) {

data/uucpsend-1.1/uucpsend.c:363:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(tempo1, keep, (int)cp2 - (int)cp1);

data/uucpsend-1.1/uucpsend.c:368:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tempo1[strlen(tempo1)-1] == DELIMITER) tempo1[strlen(tempo1)-1] = '\0';

data/uucpsend-1.1/uucpsend.c:368:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tempo1[strlen(tempo1)-1] == DELIMITER) tempo1[strlen(tempo1)-1] = '\0';

data/uucpsend-1.1/uucpsend.c:371:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp2 += strlen(site);

data/uucpsend-1.1/uucpsend.c:376:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(tempo1) > 0) {

data/uucpsend-1.1/uucpsend.c:377:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(tempo2) > 0)

data/uucpsend-1.1/uucpsend.c:383:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(tempo2) > 0)

data/uucpsend-1.1/uucpsend.c:417:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(keep) > 0) {

data/uucpsend-1.1/uucpsend.c:420:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(site, keep, (int)cp - (int)cp2);

data/uucpsend-1.1/uucpsend.c:598:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(arg_ctlappendix) > 0) {

data/uucpsend-1.1/uucpsend.c:599:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(arg_sites) == 0) {

data/uucpsend-1.1/uucpsend.c:608:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(arg_sites) > 0) {

ANALYSIS SUMMARY:

Hits = 104
Lines analyzed = 784 in approximately 0.04 seconds (21350 lines/second)
Physical Source Lines of Code (SLOC) = 521
Hits@level = [0]  23 [1]  37 [2]  19 [3]   1 [4]  47 [5]   0
Hits@level+ = [0+] 127 [1+] 104 [2+]  67 [3+]  48 [4+]  47 [5+]   0
Hits/KSLOC@level+ = [0+] 243.762 [1+] 199.616 [2+] 128.599 [3+] 92.1305 [4+] 90.2111 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.