Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xdiskusage-1.48/panels.C
Examining data/xdiskusage-1.48/panels.H
Examining data/xdiskusage-1.48/xdiskusage.C

FINAL RESULTS:

data/xdiskusage-1.48/xdiskusage.C:408:10:  [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or
  change the link content, a race condition results. Also, it does not
  terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
  int r = readlink(pathbuf, p, 1024-(p-pathbuf));
data/xdiskusage-1.48/xdiskusage.C:77:13:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  FILE* f = popen(DF_COMMAND, "r");
data/xdiskusage-1.48/xdiskusage.C:128:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buf, "@b;%s\t@n;%s %2d%% full", d->mount, formatk(d->total), pct);
data/xdiskusage-1.48/xdiskusage.C:130:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buf, "@b%s\t@r%s %2d%%", d->mount, formatk(d->total), pct);
data/xdiskusage-1.48/xdiskusage.C:447:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buffer, "du -k%c \"%s\"", all_files ? 'a' : ' ', path);
data/xdiskusage-1.48/xdiskusage.C:450:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buffer, DU_COMMAND"%c \"%s\"", all_files ? 'a' : ' ', path);
data/xdiskusage-1.48/xdiskusage.C:452:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  f = popen(buffer,"r");
data/xdiskusage-1.48/xdiskusage.C:601:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(p, child->name);
data/xdiskusage-1.48/xdiskusage.C:875:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(p,n->name);
data/xdiskusage-1.48/xdiskusage.C:891:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(p, d->current_node->name);
data/xdiskusage-1.48/xdiskusage.C:1109:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  f = popen(print_command_input->value(), "w");
data/xdiskusage-1.48/xdiskusage.C:57:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[10];
data/xdiskusage-1.48/xdiskusage.C:58:23:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  if (k >= 1024*1024) sprintf(buffer,"%.4gGi",(double)k/(1024*1024));
data/xdiskusage-1.48/xdiskusage.C:59:23:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  else if (k >= 1024) sprintf(buffer,"%.4gMi",(double)k/1024);
data/xdiskusage-1.48/xdiskusage.C:60:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  else sprintf(buffer,"%.0fKi",(double)k);
data/xdiskusage-1.48/xdiskusage.C:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/xdiskusage-1.48/xdiskusage.C:118:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[512];
data/xdiskusage-1.48/xdiskusage.C:395:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/xdiskusage-1.48/xdiskusage.C:396:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pathbuf[1024];
data/xdiskusage-1.48/xdiskusage.C:411:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(pathbuf, ": no such file");
data/xdiskusage-1.48/xdiskusage.C:431:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(path, "r");
data/xdiskusage-1.48/xdiskusage.C:596:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/xdiskusage-1.48/xdiskusage.C:702:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[256];
data/xdiskusage-1.48/xdiskusage.C:865:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/xdiskusage-1.48/xdiskusage.C:884:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[1024];
data/xdiskusage-1.48/xdiskusage.C:1107:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(print_file_input->value(), "w");
data/xdiskusage-1.48/xdiskusage.C:405:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(pathbuf, path, 1024);
data/xdiskusage-1.48/xdiskusage.C:505:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (buffer);
data/xdiskusage-1.48/xdiskusage.C:512:15:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  char c = getc (f);
data/xdiskusage-1.48/xdiskusage.C:892:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Fl::selection(*d, buffer, strlen(buffer));

ANALYSIS SUMMARY:

Hits = 30
Lines analyzed = 1359 in approximately 0.06 seconds (22679 lines/second)
Physical Source Lines of Code (SLOC) = 1175
Hits@level = [0]  25 [1]   4 [2]  15 [3]   0 [4]  10 [5]   1
Hits@level+ = [0+]  55 [1+]  30 [2+]  26 [3+]  11 [4+]  11 [5+]   1
Hits/KSLOC@level+ = [0+] 46.8085 [1+] 25.5319 [2+] 22.1277 [3+] 9.3617 [4+] 9.3617 [5+] 0.851064
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.