Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dbeacon-0.4.0/dbeacon_posix.cpp
Examining data/dbeacon-0.4.0/protocol.h
Examining data/dbeacon-0.4.0/ssmping.cpp
Examining data/dbeacon-0.4.0/address.h
Examining data/dbeacon-0.4.0/msocket.h
Examining data/dbeacon-0.4.0/protocol.cpp
Examining data/dbeacon-0.4.0/dbeacon.h
Examining data/dbeacon-0.4.0/dbeacon.cpp
FINAL RESULTS:
data/dbeacon-0.4.0/dbeacon.cpp:247:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, sizeof(buffer), format, vl);
data/dbeacon-0.4.0/dbeacon.cpp:406:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sessionName, beaconName.c_str());
data/dbeacon-0.4.0/dbeacon.cpp:1602:3: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp(launchSomething.c_str(), launchSomething.c_str(),
data/dbeacon-0.4.0/dbeacon.cpp:338:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/dbeacon-0.4.0/dbeacon.cpp:997:33: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint32_t timeFact(int val, bool random) {
data/dbeacon-0.4.0/dbeacon.cpp:998:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return (uint32_t) ((random ? ceil(Exprnd(beacInt * val)) : (beacInt * val)) * 1000);
data/dbeacon-0.4.0/dbeacon.cpp:126:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char sessionName[256];
data/dbeacon-0.4.0/dbeacon.cpp:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/dbeacon-0.4.0/dbeacon.cpp:252:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[64];
data/dbeacon-0.4.0/dbeacon.cpp:328:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/dbeacon.cpp:340:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/dbeacon-0.4.0/dbeacon.cpp:856:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(filename, "r");
data/dbeacon-0.4.0/dbeacon.cpp:861:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linebuf[256];
data/dbeacon-0.4.0/dbeacon.cpp:1135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/dbeacon.cpp:1181:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/dbeacon.cpp:1207:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/dbeacon.cpp:1247:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/dbeacon.cpp:1424:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/dbeacon.cpp:1466:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(tmpf.c_str(), "w");
data/dbeacon-0.4.0/dbeacon.cpp:1483:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/dbeacon_posix.cpp:84:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&t, addr.v4(), addr.addrlen());
data/dbeacon-0.4.0/dbeacon_posix.cpp:86:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&t, addr.v6(), addr.addrlen());
data/dbeacon-0.4.0/dbeacon_posix.cpp:404:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/dbeacon-0.4.0/dbeacon_posix.cpp:516:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/dbeacon-0.4.0/dbeacon_posix.cpp:601:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int null = open("/dev/null", O_RDWR);
data/dbeacon-0.4.0/dbeacon_posix.cpp:612:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(pidfile, "w");
data/dbeacon-0.4.0/protocol.cpp:24:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + pointer + 2, str, len);
data/dbeacon-0.4.0/protocol.cpp:49:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff + ptr, &v, 4);
data/dbeacon-0.4.0/protocol.cpp:57:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &value, sizeof(uint32_t));
data/dbeacon-0.4.0/protocol.cpp:163:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff + ptr, &addr->sin6_addr, sizeof(in6_addr));
data/dbeacon-0.4.0/protocol.cpp:164:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff + ptr + 16, &addr->sin6_port, sizeof(uint16_t));
data/dbeacon-0.4.0/protocol.cpp:170:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff + ptr, &addr->sin_addr, sizeof(in_addr));
data/dbeacon-0.4.0/protocol.cpp:171:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff + ptr + 4, &addr->sin_port, sizeof(uint16_t));
data/dbeacon-0.4.0/protocol.cpp:225:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v, data, 4);
data/dbeacon-0.4.0/protocol.cpp:301:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/protocol.cpp:325:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a6->sin6_addr, hd + 2, sizeof(in6_addr));
data/dbeacon-0.4.0/protocol.cpp:326:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a6->sin6_port, hd + 18, sizeof(uint16_t));
data/dbeacon-0.4.0/protocol.cpp:332:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a4->sin_addr, hd + 2, sizeof(in_addr));
data/dbeacon-0.4.0/protocol.cpp:333:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a4->sin_port, hd + 6, sizeof(uint16_t));
data/dbeacon-0.4.0/ssmping.cpp:34:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/dbeacon-0.4.0/dbeacon.cpp:627:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(value);
data/dbeacon-0.4.0/dbeacon.cpp:754:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg) != 2)
data/dbeacon-0.4.0/dbeacon.cpp:866:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *val, *end = lp + strlen(lp);
data/dbeacon-0.4.0/dbeacon.cpp:878:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
terminate_str(lp, lp + strlen(lp) - 1);
data/dbeacon-0.4.0/dbeacon_posix.cpp:405:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, str, sizeof(tmp));
data/dbeacon-0.4.0/dbeacon_posix.cpp:510:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(str + strlen(str), len - strlen(str), "/%u", port);
data/dbeacon-0.4.0/dbeacon_posix.cpp:510:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(str + strlen(str), len - strlen(str), "/%u", port);
data/dbeacon-0.4.0/dbeacon_posix.cpp:608:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(022);
data/dbeacon-0.4.0/protocol.cpp:19:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
ANALYSIS SUMMARY:
Hits = 49
Lines analyzed = 3066 in approximately 0.11 seconds (27713 lines/second)
Physical Source Lines of Code (SLOC) = 2346
Hits@level = [0] 104 [1] 9 [2] 34 [3] 3 [4] 3 [5] 0
Hits@level+ = [0+] 153 [1+] 49 [2+] 40 [3+] 6 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 65.2174 [1+] 20.8866 [2+] 17.0503 [3+] 2.55754 [4+] 1.27877 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.