Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/deborphan-1.7.33/include/deborphan.h
Examining data/deborphan-1.7.33/include/set.h
Examining data/deborphan-1.7.33/src/deborphan.c
Examining data/deborphan-1.7.33/src/exit.c
Examining data/deborphan-1.7.33/src/file.c
Examining data/deborphan-1.7.33/src/keep.c
Examining data/deborphan-1.7.33/src/libdeps.c
Examining data/deborphan-1.7.33/src/pkginfo.c
Examining data/deborphan-1.7.33/src/set.c
Examining data/deborphan-1.7.33/src/string.c
FINAL RESULTS:
data/deborphan-1.7.33/src/deborphan.c:154:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sfile, optarg);
data/deborphan-1.7.33/src/exit.c:36:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/deborphan-1.7.33/src/keep.c:44:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(t, *pkgnames);
data/deborphan-1.7.33/src/keep.c:346:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret[i++], t);
data/deborphan-1.7.33/src/set.c:57:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->section, prefix);
data/deborphan-1.7.33/src/set.c:59:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p->section, section);
data/deborphan-1.7.33/src/deborphan.c:140:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((i = getopt_long(argc, argv, "p:advhe:nf:sPzHk:ARLZ", longopts,
data/deborphan-1.7.33/src/file.c:30:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, O_RDONLY);
data/deborphan-1.7.33/src/file.c:54:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename, O_WRONLY | O_TRUNC);
data/deborphan-1.7.33/src/keep.c:34:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(sfile, "r")))
data/deborphan-1.7.33/src/keep.c:43:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(t, "ackage:");
data/deborphan-1.7.33/src/keep.c:127:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(kfile, "a+");
data/deborphan-1.7.33/src/keep.c:174:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(kfile, O_RDONLY | O_CREAT, 0666 /* let umask handle -w */)) <
data/deborphan-1.7.33/src/keep.c:231:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(kfile, O_WRONLY | O_TRUNC)) < 0) {
data/deborphan-1.7.33/src/keep.c:299:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(kfile, "r");
data/deborphan-1.7.33/src/keep.c:329:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[100];
data/deborphan-1.7.33/src/pkginfo.c:37:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guess[256];
data/deborphan-1.7.33/src/pkginfo.c:41:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "^lib.*-perl$|");
data/deborphan-1.7.33/src/pkginfo.c:43:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "^python[[:digit:].]*-|");
data/deborphan-1.7.33/src/pkginfo.c:45:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "^pike[[:digit:].]*-|");
data/deborphan-1.7.33/src/pkginfo.c:47:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "^lib.*-ruby[[:digit:].]*$|");
data/deborphan-1.7.33/src/pkginfo.c:49:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "^libmono|");
data/deborphan-1.7.33/src/pkginfo.c:51:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "-dev$|");
data/deborphan-1.7.33/src/pkginfo.c:53:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "-dbg(|sym)$|");
data/deborphan-1.7.33/src/pkginfo.c:55:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "-common$|");
data/deborphan-1.7.33/src/pkginfo.c:57:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "-(data|music)$|");
data/deborphan-1.7.33/src/pkginfo.c:59:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "-doc$|");
data/deborphan-1.7.33/src/pkginfo.c:61:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess,
data/deborphan-1.7.33/src/pkginfo.c:65:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(guess, "^lib.*-java$|");
data/deborphan-1.7.33/src/deborphan.c:153:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sfile = (char*)malloc((strlen(optarg) + 1) * sizeof(sfile));
data/deborphan-1.7.33/src/file.c:41:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, buf, (size_t)statbuf.st_size) < statbuf.st_size) {
data/deborphan-1.7.33/src/keep.c:40:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = (char*)malloc(9 + strlen(*pkgnames));
data/deborphan-1.7.33/src/keep.c:45:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(t, "\n");
data/deborphan-1.7.33/src/keep.c:141:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(fp);
data/deborphan-1.7.33/src/keep.c:188:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t actually_read = read(fd, fcont, sbuf.st_size);
data/deborphan-1.7.33/src/keep.c:205:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(del[i]) != substrlen)
data/deborphan-1.7.33/src/keep.c:222:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(fcont);
data/deborphan-1.7.33/src/keep.c:342:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret[i] = (char*)malloc((strlen(t) + 1));
data/deborphan-1.7.33/src/pkginfo.c:88:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (guess[strlen(guess) - 1] == '|')
data/deborphan-1.7.33/src/pkginfo.c:89:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
guess[strlen(guess) - 1] = '\0';
data/deborphan-1.7.33/src/set.c:56:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc((strlen(section) + strlen(prefix) + 2) * sizeof(char));
data/deborphan-1.7.33/src/set.c:56:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc((strlen(section) + strlen(prefix) + 2) * sizeof(char));
data/deborphan-1.7.33/src/set.c:58:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p->section, "/");
ANALYSIS SUMMARY:
Hits = 43
Lines analyzed = 2138 in approximately 0.13 seconds (15856 lines/second)
Physical Source Lines of Code (SLOC) = 1611
Hits@level = [0] 99 [1] 14 [2] 22 [3] 1 [4] 6 [5] 0
Hits@level+ = [0+] 142 [1+] 43 [2+] 29 [3+] 7 [4+] 6 [5+] 0
Hits/KSLOC@level+ = [0+] 88.144 [1+] 26.6915 [2+] 18.0012 [3+] 4.34513 [4+] 3.72439 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.