Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/acpid-2.0.32/acpid.h
Examining data/acpid-2.0.32/inotify_handler.h
Examining data/acpid-2.0.32/acpi_genetlink.h
Examining data/acpid-2.0.32/log.h
Examining data/acpid-2.0.32/input_layer.h
Examining data/acpid-2.0.32/log.c
Examining data/acpid-2.0.32/connection_list.c
Examining data/acpid-2.0.32/netlink.h
Examining data/acpid-2.0.32/input_layer.c
Examining data/acpid-2.0.32/acpi_ids.h
Examining data/acpid-2.0.32/libc_compat.h
Examining data/acpid-2.0.32/acpid.c
Examining data/acpid-2.0.32/sock.c
Examining data/acpid-2.0.32/proc.h
Examining data/acpid-2.0.32/event.c
Examining data/acpid-2.0.32/acpi_ids.c
Examining data/acpid-2.0.32/ud_socket.c
Examining data/acpid-2.0.32/config.h
Examining data/acpid-2.0.32/inotify_handler.c
Examining data/acpid-2.0.32/netlink.c
Examining data/acpid-2.0.32/event.h
Examining data/acpid-2.0.32/libnetlink.c
Examining data/acpid-2.0.32/ud_socket.h
Examining data/acpid-2.0.32/acpi_listen.c
Examining data/acpid-2.0.32/connection_list.h
Examining data/acpid-2.0.32/proc.c
Examining data/acpid-2.0.32/kacpimon/acpi_genetlink.h
Examining data/acpid-2.0.32/kacpimon/input_layer.h
Examining data/acpid-2.0.32/kacpimon/connection_list.c
Examining data/acpid-2.0.32/kacpimon/netlink.h
Examining data/acpid-2.0.32/kacpimon/input_layer.c
Examining data/acpid-2.0.32/kacpimon/acpi_ids.h
Examining data/acpid-2.0.32/kacpimon/libc_compat.h
Examining data/acpid-2.0.32/kacpimon/acpi_ids.c
Examining data/acpid-2.0.32/kacpimon/netlink.c
Examining data/acpid-2.0.32/kacpimon/kacpimon.h
Examining data/acpid-2.0.32/kacpimon/libnetlink.c
Examining data/acpid-2.0.32/kacpimon/connection_list.h
Examining data/acpid-2.0.32/kacpimon/libnetlink.h
Examining data/acpid-2.0.32/kacpimon/genetlink.h
Examining data/acpid-2.0.32/kacpimon/kacpimon.c
Examining data/acpid-2.0.32/libnetlink.h
Examining data/acpid-2.0.32/genetlink.h
Examining data/acpid-2.0.32/sock.h

FINAL RESULTS:

data/acpid-2.0.32/sock.c:152:8: [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(socketfile, buf.st_uid, gr->gr_gid) < 0) {

data/acpid-2.0.32/acpi_listen.c:182:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(PACKAGE "-" VERSION "\n");

data/acpid-2.0.32/acpid.c:295:4: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(PACKAGE "-" VERSION "\n");

data/acpid-2.0.32/event.c:690:3: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl("/bin/sh", "/bin/sh", "-c", action, NULL);

data/acpid-2.0.32/inotify_handler.c:83:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(devname, ACPID_INPUTLAYERDIR);

data/acpid-2.0.32/input_layer.c:357:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str2, str);

data/acpid-2.0.32/input_layer.c:458:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(c.pathname, filename);

data/acpid-2.0.32/log.c:34:23: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__((format(printf, 2, 3)))

data/acpid-2.0.32/log.c:43:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, args);

data/acpid-2.0.32/log.h:35:77: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  extern int acpid_log(int level, const char *fmt, ...) __attribute__((format(printf,2,3)));

data/acpid-2.0.32/ud_socket.c:125:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(addr.sun_path, "%s", name);

data/acpid-2.0.32/acpi_listen.c:159:7: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  i = getopt_long(*argc, *argv, "c:s:t:vh", opts, NULL);

data/acpid-2.0.32/acpid.c:243:7: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  i = getopt_long(*argc, *argv,

data/acpid-2.0.32/acpi_genetlink.h:7:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char device_class[20];

data/acpid-2.0.32/acpi_genetlink.h:8:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bus_id[15];

data/acpid-2.0.32/acpi_ids.c:116:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ghdr, NLMSG_DATA(n), GENL_HDRLEN);

data/acpid-2.0.32/acpi_ids.c:170:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4096]; /* ??? Is this big enough for all cases? */

data/acpid-2.0.32/acpi_ids.c:194:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(NLMSG_DATA(&req.n), &ghdr, GENL_HDRLEN);

data/acpid-2.0.32/acpi_listen.c:67:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  progname = (const char *)strrchr(argv[0], '/');

data/acpid-2.0.32/acpi_listen.c:169:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_events = atoi(optarg);

data/acpid-2.0.32/acpi_listen.c:179:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  alarm(atoi(optarg));

data/acpid-2.0.32/acpid.c:72:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  progname = (const char *)strrchr(argv[0], '/');

data/acpid-2.0.32/acpid.c:402:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  nullfd = open("/dev/null", O_RDWR);

data/acpid-2.0.32/acpid.c:442:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(pidfile, O_WRONLY|O_CREAT|O_EXCL, 0644);

data/acpid-2.0.32/event.c:256:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];

data/acpid-2.0.32/event.c:287:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[64];

data/acpid-2.0.32/event.c:288:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[512];

data/acpid-2.0.32/event.c:332:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rbuf[128];

data/acpid-2.0.32/event.c:415:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/acpid-2.0.32/event.c:784:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[4096];

data/acpid-2.0.32/inotify_handler.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char eventbuf[sizeof(struct inotify_event) + NAME_MAX + 1];

data/acpid-2.0.32/inotify_handler.c:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devname[dnsize];

data/acpid-2.0.32/input_layer.c:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str2[100];

data/acpid-2.0.32/input_layer.c:358:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(str2, " K");

data/acpid-2.0.32/input_layer.c:434:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(filename, O_RDONLY | O_NONBLOCK | O_CLOEXEC);

data/acpid-2.0.32/input_layer.c:437:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char evname[256];

data/acpid-2.0.32/input_layer.c:446:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(evname, "Unknown");

data/acpid-2.0.32/kacpimon/acpi_genetlink.h:7:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char device_class[20];

data/acpid-2.0.32/kacpimon/acpi_genetlink.h:8:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bus_id[15];

data/acpid-2.0.32/kacpimon/acpi_ids.c:114:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ghdr, NLMSG_DATA(n), GENL_HDRLEN);

data/acpid-2.0.32/kacpimon/acpi_ids.c:167:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4096]; /* ??? Is this big enough for all cases? */

data/acpid-2.0.32/kacpimon/acpi_ids.c:191:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(NLMSG_DATA(&req.n), &ghdr, GENL_HDRLEN);

data/acpid-2.0.32/kacpimon/input_layer.c:116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char evname[256];

data/acpid-2.0.32/kacpimon/input_layer.c:126:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(filename, O_RDONLY | O_NONBLOCK);

data/acpid-2.0.32/kacpimon/input_layer.c:129:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(evname, "Unknown");

data/acpid-2.0.32/kacpimon/kacpimon.c:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[buffsize];

data/acpid-2.0.32/kacpimon/kacpimon.c:94:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(filename, O_RDONLY | O_NONBLOCK);

data/acpid-2.0.32/kacpimon/libnetlink.c:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[16384];

data/acpid-2.0.32/kacpimon/libnetlink.c:250:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[16384];

data/acpid-2.0.32/kacpimon/libnetlink.c:325:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(answer, h, h->nlmsg_len);

data/acpid-2.0.32/kacpimon/libnetlink.c:333:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(answer, h, h->nlmsg_len);

data/acpid-2.0.32/kacpimon/libnetlink.c:367:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8192];

data/acpid-2.0.32/kacpimon/libnetlink.c:428:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8192];

data/acpid-2.0.32/kacpimon/libnetlink.c:486:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RTA_DATA(rta), &data, 4);

data/acpid-2.0.32/kacpimon/libnetlink.c:504:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RTA_DATA(rta), data, alen);

data/acpid-2.0.32/kacpimon/libnetlink.c:516:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(NLMSG_TAIL(n), data, len);

data/acpid-2.0.32/kacpimon/libnetlink.c:534:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RTA_DATA(subrta), &data, 4);

data/acpid-2.0.32/kacpimon/libnetlink.c:552:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RTA_DATA(subrta), data, alen);

data/acpid-2.0.32/kacpimon/netlink.c:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8192];

data/acpid-2.0.32/libnetlink.c:168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[16384];

data/acpid-2.0.32/libnetlink.c:252:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[16384];

data/acpid-2.0.32/libnetlink.c:327:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(answer, h, h->nlmsg_len);

data/acpid-2.0.32/libnetlink.c:335:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(answer, h, h->nlmsg_len);

data/acpid-2.0.32/libnetlink.c:369:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8192];

data/acpid-2.0.32/libnetlink.c:430:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8192];

data/acpid-2.0.32/libnetlink.c:488:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RTA_DATA(rta), &data, 4);

data/acpid-2.0.32/libnetlink.c:506:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RTA_DATA(rta), data, alen);

data/acpid-2.0.32/libnetlink.c:518:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(NLMSG_TAIL(n), data, len);

data/acpid-2.0.32/libnetlink.c:536:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RTA_DATA(subrta), &data, 4);

data/acpid-2.0.32/libnetlink.c:554:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RTA_DATA(subrta), data, alen);

data/acpid-2.0.32/netlink.c:86:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[64];

data/acpid-2.0.32/netlink.c:133:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8192];

data/acpid-2.0.32/proc.c:94:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(eventfile, O_RDONLY | O_CLOEXEC);

data/acpid-2.0.32/proc.c:130:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[BUFLEN];

data/acpid-2.0.32/acpi_ids.c:198:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  family_name, strlen(family_name) + 1);

data/acpid-2.0.32/acpi_listen.c:138:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(opt->name);

data/acpid-2.0.32/acpi_listen.c:144:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(opt->name);

data/acpid-2.0.32/acpi_listen.c:220:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = TEMP_FAILURE_RETRY (read(fd, buf+i, 1) );

data/acpid-2.0.32/acpid.c:302:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(opt->name);

data/acpid-2.0.32/acpid.c:311:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(opt->name);

data/acpid-2.0.32/acpid.c:366:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(0);

data/acpid-2.0.32/event.c:689:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(0077);

data/acpid-2.0.32/event.c:728:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  r = safe_write(client, event, strlen(event));

data/acpid-2.0.32/inotify_handler.c:52:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bytes = read(fd, &eventbuf, sizeof(eventbuf));

data/acpid-2.0.32/inotify_handler.c:84:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(devname, "/");

data/acpid-2.0.32/inotify_handler.c:85:4: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(devname, curevent->name, dnsize - strlen(devname) - 1);

data/acpid-2.0.32/inotify_handler.c:85:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat(devname, curevent->name, dnsize - strlen(devname) - 1);

data/acpid-2.0.32/input_layer.c:301:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbytes = TEMP_FAILURE_RETRY ( read(fd, &event, sizeof(event)) );

data/acpid-2.0.32/input_layer.c:456:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c.pathname = malloc(strlen(filename) + 1);

data/acpid-2.0.32/kacpimon/acpi_ids.c:195:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  family_name, strlen(family_name) + 1);

data/acpid-2.0.32/kacpimon/input_layer.c:56:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbytes = read(fd, &event, sizeof(event));

data/acpid-2.0.32/kacpimon/kacpimon.c:71:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbytes = read(fd, buffer, buffsize - 1);

data/acpid-2.0.32/proc.c:140:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = TEMP_FAILURE_RETRY(read(fd, buf+i, 1));

data/acpid-2.0.32/proc.c:194:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read(fd, buf+i, 1);

data/acpid-2.0.32/ud_socket.c:51:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(0);

data/acpid-2.0.32/ud_socket.c:63:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(uds_addr.sun_path, name, sizeof(uds_addr.sun_path) - 1);

ANALYSIS SUMMARY:

Hits = 96
Lines analyzed = 6999 in approximately 0.21 seconds (33188 lines/second)
Physical Source Lines of Code (SLOC) = 4487
Hits@level = [0] 140 [1] 22 [2] 61 [3] 2 [4] 10 [5] 1
Hits@level+ = [0+] 236 [1+] 96 [2+] 74 [3+] 13 [4+] 11 [5+] 1
Hits/KSLOC@level+ = [0+] 52.5964 [1+] 21.3951 [2+] 16.4921 [3+] 2.89726 [4+] 2.45153 [5+] 0.222866
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.