Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/virtualpg-2.0.1/virtualpg.c
Examining data/virtualpg-2.0.1/virtualpg.h
FINAL RESULTS:
data/virtualpg-2.0.1/virtualpg.c:306:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (new_buf, buf->Buffer);
data/virtualpg-2.0.1/virtualpg.c:312:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf->Buffer + buf->WriteOffset, payload);
data/virtualpg-2.0.1/virtualpg.c:847:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (clean, value);
data/virtualpg-2.0.1/virtualpg.c:1552:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->pg_schema, pg_schema);
data/virtualpg-2.0.1/virtualpg.c:1555:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->pg_table, pg_table);
data/virtualpg-2.0.1/virtualpg.c:1591:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Column + r), col_name);
data/virtualpg-2.0.1/virtualpg.c:1594:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Type + r), col_type);
data/virtualpg-2.0.1/virtualpg.c:1734:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->pg_schema, pg_schema);
data/virtualpg-2.0.1/virtualpg.c:1737:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_vt->pg_table, pg_table);
data/virtualpg-2.0.1/virtualpg.c:1767:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Column + r), col_name);
data/virtualpg-2.0.1/virtualpg.c:1770:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->Type + r), col_type);
data/virtualpg-2.0.1/virtualpg.c:1974:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*(p_vt->PKstrings + k), value);
data/virtualpg-2.0.1/virtualpg.c:651:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (p->Text, value, size);
data/virtualpg-2.0.1/virtualpg.c:973:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1024];
data/virtualpg-2.0.1/virtualpg.c:1011:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%I64d", sqlite3_value_int64 (argv[c]));
data/virtualpg-2.0.1/virtualpg.c:1013:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", sqlite3_value_int64 (argv[c]));
data/virtualpg-2.0.1/virtualpg.c:1077:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)
data/virtualpg-2.0.1/virtualpg.c:1122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1024];
data/virtualpg-2.0.1/virtualpg.c:1161:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%I64d", sqlite3_value_int64 (argv[c2]));
data/virtualpg-2.0.1/virtualpg.c:1163:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (dummy, "%lld", sqlite3_value_int64 (argv[c2]));
data/virtualpg-2.0.1/virtualpg.c:1227:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *)
data/virtualpg-2.0.1/virtualpg.c:1409:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi (vpgPQgetvalue (res, 0, 0));
data/virtualpg-2.0.1/virtualpg.c:1450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[64];
data/virtualpg-2.0.1/virtualpg.c:1478:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
vtable = vpgDequoted ((char *) argv[2]);
data/virtualpg-2.0.1/virtualpg.c:1479:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
conninfo = vpgDequoted ((char *) argv[3]);
data/virtualpg-2.0.1/virtualpg.c:1480:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pg_schema = vpgDequoted ((char *) argv[4]);
data/virtualpg-2.0.1/virtualpg.c:1481:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
pg_table = vpgDequoted ((char *) argv[5]);
data/virtualpg-2.0.1/virtualpg.c:1485:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *wr = vpgDequoted ((char *) argv[6]);
data/virtualpg-2.0.1/virtualpg.c:1493:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *julian = vpgDequoted ((char *) argv[7]);
data/virtualpg-2.0.1/virtualpg.c:1581:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_size = atoi (vpgPQgetvalue (res, r, 2));
data/virtualpg-2.0.1/virtualpg.c:1649:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (prefix, ", ");
data/virtualpg-2.0.1/virtualpg.c:283:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen (payload);
data/virtualpg-2.0.1/virtualpg.c:398:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = (strlen (value) - 1); i >= 0; i--)
data/virtualpg-2.0.1/virtualpg.c:641:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen (value);
data/virtualpg-2.0.1/virtualpg.c:663:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db, sql, strlen (sql), &stmt, NULL);
data/virtualpg-2.0.1/virtualpg.c:674:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sqlite3_bind_text (stmt, 1, value, strlen (value), SQLITE_STATIC);
data/virtualpg-2.0.1/virtualpg.c:700:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db, sql, strlen (sql), &stmt, NULL);
data/virtualpg-2.0.1/virtualpg.c:740:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db, sql, strlen (sql), &stmt, NULL);
data/virtualpg-2.0.1/virtualpg.c:780:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = sqlite3_prepare_v2 (db, sql, strlen (sql), &stmt, NULL);
data/virtualpg-2.0.1/virtualpg.c:838:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
data/virtualpg-2.0.1/virtualpg.c:1550:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pg_schema);
data/virtualpg-2.0.1/virtualpg.c:1553:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pg_table);
data/virtualpg-2.0.1/virtualpg.c:1589:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_name);
data/virtualpg-2.0.1/virtualpg.c:1592:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_type);
data/virtualpg-2.0.1/virtualpg.c:1647:8: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (prefix, "(");
data/virtualpg-2.0.1/virtualpg.c:1732:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pg_schema);
data/virtualpg-2.0.1/virtualpg.c:1735:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pg_table);
data/virtualpg-2.0.1/virtualpg.c:1765:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_name);
data/virtualpg-2.0.1/virtualpg.c:1768:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (col_type);
data/virtualpg-2.0.1/virtualpg.c:1972:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (value);
ANALYSIS SUMMARY:
Hits = 50
Lines analyzed = 2510 in approximately 0.09 seconds (27991 lines/second)
Physical Source Lines of Code (SLOC) = 2071
Hits@level = [0] 0 [1] 19 [2] 19 [3] 0 [4] 12 [5] 0
Hits@level+ = [0+] 50 [1+] 50 [2+] 31 [3+] 12 [4+] 12 [5+] 0
Hits/KSLOC@level+ = [0+] 24.1429 [1+] 24.1429 [2+] 14.9686 [3+] 5.7943 [4+] 5.7943 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.