Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/daemontools-0.76/daemontools-0.76/src/svscan.c Examining data/daemontools-0.76/daemontools-0.76/src/supervise.c Examining data/daemontools-0.76/daemontools-0.76/src/svc.c Examining data/daemontools-0.76/daemontools-0.76/src/svok.c Examining data/daemontools-0.76/daemontools-0.76/src/svstat.c Examining data/daemontools-0.76/daemontools-0.76/src/fghack.c Examining data/daemontools-0.76/daemontools-0.76/src/pgrphack.c Examining data/daemontools-0.76/daemontools-0.76/src/readproctitle.c Examining data/daemontools-0.76/daemontools-0.76/src/multilog.c Examining data/daemontools-0.76/daemontools-0.76/src/tai64n.c Examining data/daemontools-0.76/daemontools-0.76/src/tai64nlocal.c Examining data/daemontools-0.76/daemontools-0.76/src/softlimit.c Examining data/daemontools-0.76/daemontools-0.76/src/setuidgid.c Examining data/daemontools-0.76/daemontools-0.76/src/envuidgid.c Examining data/daemontools-0.76/daemontools-0.76/src/envdir.c Examining data/daemontools-0.76/daemontools-0.76/src/setlock.c Examining data/daemontools-0.76/daemontools-0.76/src/match.c Examining data/daemontools-0.76/daemontools-0.76/src/match.h Examining data/daemontools-0.76/daemontools-0.76/src/matchtest.c Examining data/daemontools-0.76/daemontools-0.76/src/timestamp.c Examining data/daemontools-0.76/daemontools-0.76/src/timestamp.h Examining data/daemontools-0.76/daemontools-0.76/src/deepsleep.c Examining data/daemontools-0.76/daemontools-0.76/src/deepsleep.h Examining data/daemontools-0.76/daemontools-0.76/src/trycpp.c Examining data/daemontools-0.76/daemontools-0.76/src/x86cpuid.c Examining data/daemontools-0.76/daemontools-0.76/src/buffer.h Examining data/daemontools-0.76/daemontools-0.76/src/buffer.c Examining data/daemontools-0.76/daemontools-0.76/src/byte.h Examining data/daemontools-0.76/daemontools-0.76/src/str.h Examining data/daemontools-0.76/daemontools-0.76/src/str_len.c Examining data/daemontools-0.76/daemontools-0.76/src/byte_copy.c Examining data/daemontools-0.76/daemontools-0.76/src/byte_cr.c Examining data/daemontools-0.76/daemontools-0.76/src/error.h Examining data/daemontools-0.76/daemontools-0.76/src/error.c Examining data/daemontools-0.76/daemontools-0.76/src/buffer_put.c Examining data/daemontools-0.76/daemontools-0.76/src/buffer_read.c Examining data/daemontools-0.76/daemontools-0.76/src/buffer_write.c Examining data/daemontools-0.76/daemontools-0.76/src/buffer_1.c Examining data/daemontools-0.76/daemontools-0.76/src/trydrent.c Examining data/daemontools-0.76/daemontools-0.76/src/strerr.h Examining data/daemontools-0.76/daemontools-0.76/src/error_str.c Examining data/daemontools-0.76/daemontools-0.76/src/strerr_sys.c Examining data/daemontools-0.76/daemontools-0.76/src/buffer_2.c Examining data/daemontools-0.76/daemontools-0.76/src/strerr_die.c Examining data/daemontools-0.76/daemontools-0.76/src/wait.h Examining data/daemontools-0.76/daemontools-0.76/src/trywaitp.c Examining data/daemontools-0.76/daemontools-0.76/src/wait_pid.c Examining data/daemontools-0.76/daemontools-0.76/src/coe.h Examining data/daemontools-0.76/daemontools-0.76/src/coe.c Examining data/daemontools-0.76/daemontools-0.76/src/fd.h Examining data/daemontools-0.76/daemontools-0.76/src/fd_copy.c Examining data/daemontools-0.76/daemontools-0.76/src/fd_move.c Examining data/daemontools-0.76/daemontools-0.76/src/str_start.c Examining data/daemontools-0.76/daemontools-0.76/src/env.h Examining data/daemontools-0.76/daemontools-0.76/src/env.c Examining data/daemontools-0.76/daemontools-0.76/src/alloc.h Examining data/daemontools-0.76/daemontools-0.76/src/alloc.c Examining data/daemontools-0.76/daemontools-0.76/src/alloc_re.c Examining data/daemontools-0.76/daemontools-0.76/src/gen_alloc.h Examining data/daemontools-0.76/daemontools-0.76/src/gen_allocdefs.h Examining data/daemontools-0.76/daemontools-0.76/src/stralloc.h Examining data/daemontools-0.76/daemontools-0.76/src/stralloc_eady.c Examining data/daemontools-0.76/daemontools-0.76/src/stralloc_opyb.c Examining data/daemontools-0.76/daemontools-0.76/src/stralloc_catb.c Examining data/daemontools-0.76/daemontools-0.76/src/stralloc_cats.c Examining data/daemontools-0.76/daemontools-0.76/src/stralloc_pend.c Examining data/daemontools-0.76/daemontools-0.76/src/str_chr.c Examining data/daemontools-0.76/daemontools-0.76/src/pathexec.h Examining data/daemontools-0.76/daemontools-0.76/src/pathexec_run.c Examining data/daemontools-0.76/daemontools-0.76/src/stralloc_opys.c Examining data/daemontools-0.76/daemontools-0.76/src/stralloc_cat.c Examining data/daemontools-0.76/daemontools-0.76/src/byte_diff.c Examining data/daemontools-0.76/daemontools-0.76/src/pathexec_env.c Examining data/daemontools-0.76/daemontools-0.76/src/wait_nohang.c Examining data/daemontools-0.76/daemontools-0.76/src/sig.h Examining data/daemontools-0.76/daemontools-0.76/src/sig.c Examining data/daemontools-0.76/daemontools-0.76/src/sig_block.c Examining data/daemontools-0.76/daemontools-0.76/src/sig_catch.c Examining data/daemontools-0.76/daemontools-0.76/src/sig_pause.c Examining data/daemontools-0.76/daemontools-0.76/src/trysgact.c Examining data/daemontools-0.76/daemontools-0.76/src/trysgprm.c Examining data/daemontools-0.76/daemontools-0.76/src/trysysel.c Examining data/daemontools-0.76/daemontools-0.76/src/tryulong64.c Examining data/daemontools-0.76/daemontools-0.76/src/tai.h Examining data/daemontools-0.76/daemontools-0.76/src/taia.h Examining data/daemontools-0.76/daemontools-0.76/src/taia_now.c Examining data/daemontools-0.76/daemontools-0.76/src/taia_sub.c Examining data/daemontools-0.76/daemontools-0.76/src/taia_less.c Examining data/daemontools-0.76/daemontools-0.76/src/taia_frac.c Examining data/daemontools-0.76/daemontools-0.76/src/taia_approx.c Examining data/daemontools-0.76/daemontools-0.76/src/iopause.c Examining data/daemontools-0.76/daemontools-0.76/src/trypoll.c Examining data/daemontools-0.76/daemontools-0.76/src/fifo.h Examining data/daemontools-0.76/daemontools-0.76/src/fifo.c Examining data/daemontools-0.76/daemontools-0.76/src/trymkffo.c Examining data/daemontools-0.76/daemontools-0.76/src/open.h Examining data/daemontools-0.76/daemontools-0.76/src/open_read.c Examining data/daemontools-0.76/daemontools-0.76/src/open_write.c Examining data/daemontools-0.76/daemontools-0.76/src/open_append.c Examining data/daemontools-0.76/daemontools-0.76/src/lock.h Examining data/daemontools-0.76/daemontools-0.76/src/tryflock.c Examining data/daemontools-0.76/daemontools-0.76/src/lock_exnb.c Examining data/daemontools-0.76/daemontools-0.76/src/lock_ex.c Examining data/daemontools-0.76/daemontools-0.76/src/ndelay.h Examining data/daemontools-0.76/daemontools-0.76/src/ndelay_on.c Examining data/daemontools-0.76/daemontools-0.76/src/ndelay_off.c Examining data/daemontools-0.76/daemontools-0.76/src/tai_pack.c Examining data/daemontools-0.76/daemontools-0.76/src/taia_pack.c Examining data/daemontools-0.76/daemontools-0.76/src/taia_add.c Examining data/daemontools-0.76/daemontools-0.76/src/open_trunc.c Examining data/daemontools-0.76/daemontools-0.76/src/taia_uint.c Examining data/daemontools-0.76/daemontools-0.76/src/subgetopt.h Examining data/daemontools-0.76/daemontools-0.76/src/subgetopt.c Examining data/daemontools-0.76/daemontools-0.76/src/sgetopt.h Examining data/daemontools-0.76/daemontools-0.76/src/sgetopt.c Examining data/daemontools-0.76/daemontools-0.76/src/byte_chr.c Examining data/daemontools-0.76/daemontools-0.76/src/fmt.h Examining data/daemontools-0.76/daemontools-0.76/src/scan.h Examining data/daemontools-0.76/daemontools-0.76/src/fmt_ulong.c Examining data/daemontools-0.76/daemontools-0.76/src/fmt_uint.c Examining data/daemontools-0.76/daemontools-0.76/src/fmt_uint0.c Examining data/daemontools-0.76/daemontools-0.76/src/tai_unpack.c Examining data/daemontools-0.76/daemontools-0.76/src/tai_now.c Examining data/daemontools-0.76/daemontools-0.76/src/tai_sub.c Examining data/daemontools-0.76/daemontools-0.76/src/seek.h Examining data/daemontools-0.76/daemontools-0.76/src/seek_set.c Examining data/daemontools-0.76/daemontools-0.76/src/str_diff.c Examining data/daemontools-0.76/daemontools-0.76/src/byte_rchr.c Examining data/daemontools-0.76/daemontools-0.76/src/scan_ulong.c Examining data/daemontools-0.76/daemontools-0.76/src/buffer_get.c Examining data/daemontools-0.76/daemontools-0.76/src/buffer_0.c Examining data/daemontools-0.76/daemontools-0.76/src/prot.h Examining data/daemontools-0.76/daemontools-0.76/src/prot.c Examining data/daemontools-0.76/daemontools-0.76/src/chkshsgr.c Examining data/daemontools-0.76/daemontools-0.76/src/tryshsgr.c Examining data/daemontools-0.76/daemontools-0.76/src/readclose.h Examining data/daemontools-0.76/daemontools-0.76/src/readclose.c Examining data/daemontools-0.76/daemontools-0.76/src/openreadclose.h Examining data/daemontools-0.76/daemontools-0.76/src/openreadclose.c FINAL RESULTS: data/daemontools-0.76/daemontools-0.76/src/multilog.c:225:10: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. while (chmod("previous",0744) == -1) data/daemontools-0.76/daemontools-0.76/src/setlock.c:23:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt = getopt(argc,argv,"nNxX")) != opteof) data/daemontools-0.76/daemontools-0.76/src/sgetopt.c:21:9: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. #define getopt sgetoptmine data/daemontools-0.76/daemontools-0.76/src/sgetopt.c:30:5: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. int getopt(int argc,const char *const *argv,const char *opts) data/daemontools-0.76/daemontools-0.76/src/sgetopt.h:7:9: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. #define getopt sgetoptmine data/daemontools-0.76/daemontools-0.76/src/softlimit.c:43:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt = getopt(argc,argv,"a:c:d:f:l:m:o:p:r:s:t:")) != opteof) data/daemontools-0.76/daemontools-0.76/src/svc.c:30:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt = getopt(argc,argv,"udopchaitkx")) != opteof) data/daemontools-0.76/daemontools-0.76/src/alloc.c:10:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef union { char irrelevant[ALIGNMENT]; double d; } aligned; data/daemontools-0.76/daemontools-0.76/src/buffer_0.c:11:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer_0_space[BUFFER_INSIZE]; data/daemontools-0.76/daemontools-0.76/src/buffer_1.c:5:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer_1_space[BUFFER_OUTSIZE]; data/daemontools-0.76/daemontools-0.76/src/buffer_2.c:5:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer_2_space[256]; data/daemontools-0.76/daemontools-0.76/src/envuidgid.c:14:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strnum[FMT_ULONG]; data/daemontools-0.76/daemontools-0.76/src/multilog.c:73:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/daemontools-0.76/daemontools-0.76/src/multilog.c:87:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[40]; data/daemontools-0.76/daemontools-0.76/src/multilog.c:175:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *args[4]; data/daemontools-0.76/daemontools-0.76/src/multilog.c:480:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inbuf[1024]; data/daemontools-0.76/daemontools-0.76/src/multilog.c:483:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1001]; data/daemontools-0.76/daemontools-0.76/src/open_append.c:8:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). { return open(fn,O_WRONLY | O_NDELAY | O_APPEND | O_CREAT,0600); } data/daemontools-0.76/daemontools-0.76/src/open_read.c:8:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). { return open(fn,O_RDONLY | O_NDELAY); } data/daemontools-0.76/daemontools-0.76/src/open_trunc.c:8:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). { return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); } data/daemontools-0.76/daemontools-0.76/src/open_write.c:8:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). { return open(fn,O_WRONLY | O_NDELAY); } data/daemontools-0.76/daemontools-0.76/src/sgetopt.c:43:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chp[2]; chp[0] = optproblem; chp[1] = '\n'; data/daemontools-0.76/daemontools-0.76/src/supervise.c:35:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status[18]; data/daemontools-0.76/daemontools-0.76/src/supervise.c:87:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *run[2] = { "./run", 0 }; data/daemontools-0.76/daemontools-0.76/src/svc.c:15:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[20]; data/daemontools-0.76/daemontools-0.76/src/svc.c:18:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bspace[1]; data/daemontools-0.76/daemontools-0.76/src/svscan.c:31:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fnlog[260]; data/daemontools-0.76/daemontools-0.76/src/svscan.c:39:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *args[3]; data/daemontools-0.76/daemontools-0.76/src/svstat.c:14:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bspace[1024]; data/daemontools-0.76/daemontools-0.76/src/svstat.c:17:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status[18]; data/daemontools-0.76/daemontools-0.76/src/svstat.c:18:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strnum[FMT_ULONG]; data/daemontools-0.76/daemontools-0.76/src/tai64n.c:13:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outbuf[2048]; data/daemontools-0.76/daemontools-0.76/src/tai64n.c:25:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inbuf[1024]; data/daemontools-0.76/daemontools-0.76/src/tai64n.c:28:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stamp[TIMESTAMP + 1]; data/daemontools-0.76/daemontools-0.76/src/tai64nlocal.c:8:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[FMT_ULONG]; data/daemontools-0.76/daemontools-0.76/src/timestamp.c:4:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hex[16] = "0123456789abcdef"; data/daemontools-0.76/daemontools-0.76/src/timestamp.c:6:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void timestamp(char s[TIMESTAMP]) data/daemontools-0.76/daemontools-0.76/src/timestamp.c:9:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nowpack[TAIA_PACK]; data/daemontools-0.76/daemontools-0.76/src/trypoll.c:11:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). x.fd = open("trypoll.c",O_RDONLY); data/daemontools-0.76/daemontools-0.76/src/buffer_read.c:8:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read(fd,buf,len); data/daemontools-0.76/daemontools-0.76/src/multilog.c:470:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read(fd,buf,len); data/daemontools-0.76/daemontools-0.76/src/multilog.c:599:3: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(022); data/daemontools-0.76/daemontools-0.76/src/readclose.c:12:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd,sa->s + sa->len,bufsize); data/daemontools-0.76/daemontools-0.76/src/readproctitle.c:18:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). switch(read(0,&ch,1)) { data/daemontools-0.76/daemontools-0.76/src/supervise.c:139:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(selfpipe[0],&ch,1) == 1) data/daemontools-0.76/daemontools-0.76/src/supervise.c:156:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fdcontrol,&ch,1) == 1) ANALYSIS SUMMARY: Hits = 46 Lines analyzed = 4630 in approximately 0.16 seconds (29484 lines/second) Physical Source Lines of Code (SLOC) = 3750 Hits@level = [0] 3 [1] 7 [2] 32 [3] 6 [4] 0 [5] 1 Hits@level+ = [0+] 49 [1+] 46 [2+] 39 [3+] 7 [4+] 1 [5+] 1 Hits/KSLOC@level+ = [0+] 13.0667 [1+] 12.2667 [2+] 10.4 [3+] 1.86667 [4+] 0.266667 [5+] 0.266667 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.