Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cbootimage-1.8/src/aes_ref.c
Examining data/cbootimage-1.8/src/bct_dump.c
Examining data/cbootimage-1.8/src/cbootimage.c
Examining data/cbootimage-1.8/src/cbootimage.h
Examining data/cbootimage-1.8/src/context.c
Examining data/cbootimage-1.8/src/context.h
Examining data/cbootimage-1.8/src/crypto.c
Examining data/cbootimage-1.8/src/crypto.h
Examining data/cbootimage-1.8/src/data_layout.c
Examining data/cbootimage-1.8/src/data_layout.h
Examining data/cbootimage-1.8/src/nvaes_ref.h
Examining data/cbootimage-1.8/src/parse.c
Examining data/cbootimage-1.8/src/parse.h
Examining data/cbootimage-1.8/src/set.c
Examining data/cbootimage-1.8/src/set.h
Examining data/cbootimage-1.8/src/t114/nvbctlib_t114.c
Examining data/cbootimage-1.8/src/t114/nvboot_bct_t114.h
Examining data/cbootimage-1.8/src/t114/nvboot_sdram_param_t114.h
Examining data/cbootimage-1.8/src/t114/parse_t114.c
Examining data/cbootimage-1.8/src/t124/nvbctlib_t124.c
Examining data/cbootimage-1.8/src/t124/nvboot_bct_t124.h
Examining data/cbootimage-1.8/src/t124/nvboot_sdram_param_t124.h
Examining data/cbootimage-1.8/src/t124/parse_t124.c
Examining data/cbootimage-1.8/src/t132/nvbctlib_t132.c
Examining data/cbootimage-1.8/src/t132/nvboot_bct_t132.h
Examining data/cbootimage-1.8/src/t132/nvboot_sdram_param_t132.h
Examining data/cbootimage-1.8/src/t132/parse_t132.c
Examining data/cbootimage-1.8/src/t20/nvbctlib_t20.c
Examining data/cbootimage-1.8/src/t20/nvboot_bct_t20.h
Examining data/cbootimage-1.8/src/t20/nvboot_sdram_param_t20.h
Examining data/cbootimage-1.8/src/t20/parse_t20.c
Examining data/cbootimage-1.8/src/t210/nvbctlib_t210.c
Examining data/cbootimage-1.8/src/t210/nvboot_bct_t210.h
Examining data/cbootimage-1.8/src/t210/nvboot_sdram_param_t210.h
Examining data/cbootimage-1.8/src/t210/parse_t210.c
Examining data/cbootimage-1.8/src/t30/nvbctlib_t30.c
Examining data/cbootimage-1.8/src/t30/nvboot_bct_t30.h
Examining data/cbootimage-1.8/src/t30/nvboot_sdram_param_t30.h
Examining data/cbootimage-1.8/src/t30/parse_t30.c

FINAL RESULTS:

data/cbootimage-1.8/src/cbootimage.c:96:14: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long(argc, argv, "hdg:t:o:s:u", cbootcmd, NULL)) != -1) {
data/cbootimage-1.8/src/aes_ref.c:247:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (state, tmp, sizeof(tmp));
data/cbootimage-1.8/src/aes_ref.c:276:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(expkey, key, NVAES_KEYCOLS * 4);
data/cbootimage-1.8/src/aes_ref.c:312:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(state, in, NVAES_STATECOLS * 4);
data/cbootimage-1.8/src/aes_ref.c:325:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, state, sizeof(state));
data/cbootimage-1.8/src/bct_dump.c:111:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uid_str[35] = "0x";
data/cbootimage-1.8/src/bct_dump.c:115:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s, "%02x", uid[byte_index]);
data/cbootimage-1.8/src/cbootimage.c:163:25: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  context->config_file = fopen(argv[optind++], "r");
data/cbootimage-1.8/src/cbootimage.c:221:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  context.raw_file = fopen(context.output_image_filename, "w+");
data/cbootimage-1.8/src/data_layout.c:230:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(page_ptr, data, context->page_size);
data/cbootimage-1.8/src/data_layout.c:284:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, context->bct, context->bct_size);
data/cbootimage-1.8/src/data_layout.c:605:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, image_storage, image_actual_size);
data/cbootimage-1.8/src/data_layout.c:791:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(context->bct, bct_storage, context->bct_size);
data/cbootimage-1.8/src/data_layout.c:1051:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(context->input_image_filename, "r");
data/cbootimage-1.8/src/data_layout.c:1108:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, image, image_actual_size);
data/cbootimage-1.8/src/parse.c:202:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char byte_str[3];
data/cbootimage-1.8/src/parse.c:393:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_BUFFER];
data/cbootimage-1.8/src/parse.c:394:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char e_state[MAX_STR_LEN];
data/cbootimage-1.8/src/parse.c:448:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_BUFFER];
data/cbootimage-1.8/src/parse.c:449:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char e_state[MAX_STR_LEN];
data/cbootimage-1.8/src/parse.c:503:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_BUFFER];
data/cbootimage-1.8/src/parse.c:675:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_BUFFER];
data/cbootimage-1.8/src/parse.c:885:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[MAX_BUFFER];
data/cbootimage-1.8/src/set.c:56:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(filename, "rb");
data/cbootimage-1.8/src/set.c:300:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(context->unique_chip_id, value, 16);
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:83:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->id), size); \
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:90:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->id), data, size); \
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:871:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:906:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->bootloader[set].signature.crypto_hash),
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:964:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t114/nvbctlib_t114.c:1057:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &bct_ptr->signature.crypto_hash, data, sizeof(nvboot_hash) );
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:85:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->id), size); \
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:93:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->id), data, size); \
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:877:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:918:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->bootloader[set].signature.crypto_hash),
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:977:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:983:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->unique_chip_id), sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:1086:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bct_ptr->unique_chip_id, data, sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t124/nvbctlib_t124.c:1132:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bct_ptr->signature.crypto_hash, data, sizeof(nvboot_hash));
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:85:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->id), size); \
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:93:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->id), data, size); \
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:886:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:921:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->bootloader[set].signature.crypto_hash),
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:987:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:993:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->unique_chip_id), sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:1063:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bct_ptr->unique_chip_id, data, sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t132/nvbctlib_t132.c:1093:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bct_ptr->signature.crypto_hash, data, sizeof(nvboot_hash));
data/cbootimage-1.8/src/t20/nvbctlib_t20.c:83:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->id), size); \
data/cbootimage-1.8/src/t20/nvbctlib_t20.c:90:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->id), data, size); \
data/cbootimage-1.8/src/t20/nvbctlib_t20.c:460:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t20/nvbctlib_t20.c:495:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->bootloader[set].crypto_hash),
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:85:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->id), size); \
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:93:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->id), data, size); \
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2034:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2075:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->bootloader[set].signature.crypto_hash),
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2132:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2138:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->unique_chip_id), sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2242:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bct_ptr->unique_chip_id, data, sizeof(nvboot_ecid));
data/cbootimage-1.8/src/t210/nvbctlib_t210.c:2288:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bct_ptr->signature.crypto_hash, data, sizeof(nvboot_hash));
data/cbootimage-1.8/src/t30/nvbctlib_t30.c:83:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, &(bct_ptr->id), size); \
data/cbootimage-1.8/src/t30/nvbctlib_t30.c:90:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->id), data, size); \
data/cbootimage-1.8/src/t30/nvbctlib_t30.c:667:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data,
data/cbootimage-1.8/src/t30/nvbctlib_t30.c:702:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(bct_ptr->bootloader[set].crypto_hash),
data/cbootimage-1.8/src/bct_dump.c:169:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = strlen(table[i].name);
data/cbootimage-1.8/src/parse.c:210:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  paddings = strlen(str) % 2;
data/cbootimage-1.8/src/parse.c:211:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  byte_index = strlen(str) / 2 + paddings;
data/cbootimage-1.8/src/parse.c:221:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(byte_str, str, 2 - paddings);
data/cbootimage-1.8/src/parse.c:291:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strlen(field_table[i].name) == field_name_len) &&
data/cbootimage-1.8/src/parse.c:370:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(table[i].name))) {
data/cbootimage-1.8/src/parse.c:372:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rest = str + strlen(table[i].name);
data/cbootimage-1.8/src/parse.c:428:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(e_state, "Complete", strlen("Complete")))
data/cbootimage-1.8/src/parse.c:483:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(e_state, "Complete", strlen("Complete")))
data/cbootimage-1.8/src/parse.c:754:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rest, strlen(g_soc_config->device_type_table[i].prefix))) {
data/cbootimage-1.8/src/parse.c:757:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rest = rest + strlen(g_soc_config->device_type_table[i].prefix);
data/cbootimage-1.8/src/parse.c:864:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(cfg_parse_item[i].prefix))) {
data/cbootimage-1.8/src/parse.c:865:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rest = str + strlen(cfg_parse_item[i].prefix);
data/cbootimage-1.8/src/parse.c:896:20: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((current = fgetc(context->config_file)) != EOF) {

ANALYSIS SUMMARY:

Hits = 77
Lines analyzed = 22571 in approximately 0.57 seconds (39748 lines/second)
Physical Source Lines of Code (SLOC) = 14830
Hits@level = [0] 126 [1] 14 [2] 62 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 203 [1+] 77 [2+] 63 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 13.6885 [1+] 5.19218 [2+] 4.24815 [3+] 0.0674309 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.