Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/donkey-1.2.0/src/btoe.c Examining data/donkey-1.2.0/src/config.h Examining data/donkey-1.2.0/src/donkey.c Examining data/donkey-1.2.0/src/donkey.h Examining data/donkey-1.2.0/src/md.c Examining data/donkey-1.2.0/src/md.h Examining data/donkey-1.2.0/src/passphrase.c Examining data/donkey-1.2.0/src/skey.c FINAL RESULTS: data/donkey-1.2.0/src/donkey.c:139:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(user, defaultuser); data/donkey-1.2.0/src/donkey.c:199:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(seed, defaultseed); data/donkey-1.2.0/src/donkey.c:247:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(tstr, "%s %s %s %s %s\n", w, m, d, t, y); data/donkey-1.2.0/src/donkey.c:248:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tstr, " %s %s,%s %s", m, d, y, t); data/donkey-1.2.0/src/skey.c:30:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, seed); data/donkey-1.2.0/src/skey.c:31:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf, passwd); data/donkey-1.2.0/src/donkey.c:281:16: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((optc = getopt_long(argc, argv, "n:ihvf:", longopts, (int *)0)) data/donkey-1.2.0/src/btoe.c:12:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char Wp[2048][4] = { "A", "ABE", "ACE", "ACT", "AD", "ADA", "ADD", data/donkey-1.2.0/src/btoe.c:271:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cp[9]; /* 64 + 2 = 66 bits */ data/donkey-1.2.0/src/btoe.c:273:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[BUFSIZ]; data/donkey-1.2.0/src/btoe.c:276:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, md, 8); data/donkey-1.2.0/src/config.h:40:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/donkey-1.2.0/src/config.h:40:29: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memcpy(d, s, n) bcopy ((s), (d), (n)) data/donkey-1.2.0/src/config.h:41:30: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(d, s, n) bcopy ((s), (d), (n)) data/donkey-1.2.0/src/donkey.c:100:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out, "%02x", *in++ & 0xff); data/donkey-1.2.0/src/donkey.c:126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user[BUFSIZ]; data/donkey-1.2.0/src/donkey.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char seqbuf[BUFSIZ]; data/donkey-1.2.0/src/donkey.c:170:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char defaultseed[SEED_LEN]; data/donkey-1.2.0/src/donkey.c:183:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(defaultseed + SEED_HOST_LEN, data/donkey-1.2.0/src/donkey.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char seed[SEED_LEN]; data/donkey-1.2.0/src/donkey.c:209:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char passphrase1[PASS_PHRASE_MAX_LEN]; data/donkey-1.2.0/src/donkey.c:210:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char passphrase2[PASS_PHRASE_MAX_LEN]; data/donkey-1.2.0/src/donkey.c:224:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[8]; data/donkey-1.2.0/src/donkey.c:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[27]; data/donkey-1.2.0/src/donkey.c:246:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m[16], d[16], y[16], t[16], w[16]; data/donkey-1.2.0/src/donkey.c:257:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key2[BUFSIZ]; data/donkey-1.2.0/src/donkey.c:346:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char passphrase1[PASS_PHRASE_MAX_LEN]; data/donkey-1.2.0/src/donkey.c:349:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[8]; data/donkey-1.2.0/src/passphrase.c:102:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((outfp = fp = fopen("/dev/tty", "r+")) == NULL) { data/donkey-1.2.0/src/skey.c:43:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result,(char *)results,8); data/donkey-1.2.0/src/skey.c:61:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x, (char *)results, 8); data/donkey-1.2.0/src/btoe.c:284:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(engout, &Wp[extract(cp, 0, 11)][0], 4); data/donkey-1.2.0/src/btoe.c:285:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (engout," "); data/donkey-1.2.0/src/btoe.c:286:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(engout, &Wp[extract(cp, 11, 11)][0], 4); data/donkey-1.2.0/src/btoe.c:287:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (engout," "); data/donkey-1.2.0/src/btoe.c:288:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(engout, &Wp[extract(cp, 22, 11)][0], 4); data/donkey-1.2.0/src/btoe.c:289:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (engout," "); data/donkey-1.2.0/src/btoe.c:290:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(engout, &Wp[extract(cp, 33, 11)][0], 4); data/donkey-1.2.0/src/btoe.c:291:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (engout," "); data/donkey-1.2.0/src/btoe.c:292:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(engout, &Wp[extract(cp, 44, 11)][0], 4); data/donkey-1.2.0/src/btoe.c:293:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (engout," "); data/donkey-1.2.0/src/btoe.c:294:9: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(engout, &Wp[extract(cp, 55, 11)][0], 4); data/donkey-1.2.0/src/donkey.c:128:17: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int c = getchar(); data/donkey-1.2.0/src/donkey.c:149:17: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int c = getchar(); data/donkey-1.2.0/src/donkey.c:177:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(defaultseed, sys.nodename, SEED_HOST_LEN); data/donkey-1.2.0/src/donkey.c:189:17: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const int c = getchar(); data/donkey-1.2.0/src/passphrase.c:125:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). phrase[strlen(phrase) - 1] = '\0'; data/donkey-1.2.0/src/passphrase.c:129:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(phrase) < PASS_PHRASE_MIN_LEN) { data/donkey-1.2.0/src/passphrase.c:139:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). phrase[strlen(phrase) - 1] = '\0'; data/donkey-1.2.0/src/skey.c:26:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t buflen = strlen(seed) + strlen(passwd); data/donkey-1.2.0/src/skey.c:26:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t buflen = strlen(seed) + strlen(passwd); ANALYSIS SUMMARY: Hits = 51 Lines analyzed = 1182 in approximately 0.07 seconds (16204 lines/second) Physical Source Lines of Code (SLOC) = 877 Hits@level = [0] 20 [1] 20 [2] 24 [3] 1 [4] 6 [5] 0 Hits@level+ = [0+] 71 [1+] 51 [2+] 31 [3+] 7 [4+] 6 [5+] 0 Hits/KSLOC@level+ = [0+] 80.9578 [1+] 58.1528 [2+] 35.3478 [3+] 7.98176 [4+] 6.84151 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.