Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fastforward-0.51/hier.c
Examining data/fastforward-0.51/fastforward.c
Examining data/fastforward-0.51/printforward.c
Examining data/fastforward-0.51/setforward.c
Examining data/fastforward-0.51/printmaillist.c
Examining data/fastforward-0.51/setmaillist.c
Examining data/fastforward-0.51/newaliases.c
Examining data/fastforward-0.51/newinclude.c
Examining data/fastforward-0.51/auto-str.c
Examining data/fastforward-0.51/install.c
Examining data/fastforward-0.51/instcheck.c
Examining data/fastforward-0.51/trycpp.c
Examining data/fastforward-0.51/alloc.h
Examining data/fastforward-0.51/alloc.c
Examining data/fastforward-0.51/alloc_re.c
Examining data/fastforward-0.51/case.h
Examining data/fastforward-0.51/case_lowerb.c
Examining data/fastforward-0.51/cdb.h
Examining data/fastforward-0.51/cdb_hash.c
Examining data/fastforward-0.51/cdb_unpack.c
Examining data/fastforward-0.51/cdbmake.h
Examining data/fastforward-0.51/cdbmake_hash.c
Examining data/fastforward-0.51/cdbmake_pack.c
Examining data/fastforward-0.51/cdbmss.h
Examining data/fastforward-0.51/cdbmss.c
Examining data/fastforward-0.51/control.h
Examining data/fastforward-0.51/control.c
Examining data/fastforward-0.51/env.h
Examining data/fastforward-0.51/envread.c
Examining data/fastforward-0.51/error.c
Examining data/fastforward-0.51/error_str.c
Examining data/fastforward-0.51/fd.h
Examining data/fastforward-0.51/fd_copy.c
Examining data/fastforward-0.51/fd_move.c
Examining data/fastforward-0.51/tryvfork.c
Examining data/fastforward-0.51/fmt.h
Examining data/fastforward-0.51/fmt_ulong.c
Examining data/fastforward-0.51/scan.h
Examining data/fastforward-0.51/scan_ulong.c
Examining data/fastforward-0.51/getln.h
Examining data/fastforward-0.51/getln.c
Examining data/fastforward-0.51/getln2.c
Examining data/fastforward-0.51/sgetopt.h
Examining data/fastforward-0.51/sgetopt.c
Examining data/fastforward-0.51/subgetopt.h
Examining data/fastforward-0.51/subgetopt.c
Examining data/fastforward-0.51/open.h
Examining data/fastforward-0.51/open_read.c
Examining data/fastforward-0.51/open_trunc.c
Examining data/fastforward-0.51/auto_qmail.h
Examining data/fastforward-0.51/qmail.h
Examining data/fastforward-0.51/qmail.c
Examining data/fastforward-0.51/seek.h
Examining data/fastforward-0.51/seek_set.c
Examining data/fastforward-0.51/sig.h
Examining data/fastforward-0.51/sig_catch.c
Examining data/fastforward-0.51/sig_pipe.c
Examining data/fastforward-0.51/trysgact.c
Examining data/fastforward-0.51/byte.h
Examining data/fastforward-0.51/byte_chr.c
Examining data/fastforward-0.51/byte_copy.c
Examining data/fastforward-0.51/byte_cr.c
Examining data/fastforward-0.51/byte_diff.c
Examining data/fastforward-0.51/str.h
Examining data/fastforward-0.51/str_chr.c
Examining data/fastforward-0.51/str_cpy.c
Examining data/fastforward-0.51/str_diff.c
Examining data/fastforward-0.51/str_diffn.c
Examining data/fastforward-0.51/str_len.c
Examining data/fastforward-0.51/str_rchr.c
Examining data/fastforward-0.51/gen_alloc.h
Examining data/fastforward-0.51/gen_allocdefs.h
Examining data/fastforward-0.51/stralloc.h
Examining data/fastforward-0.51/stralloc_eady.c
Examining data/fastforward-0.51/stralloc_pend.c
Examining data/fastforward-0.51/stralloc_copy.c
Examining data/fastforward-0.51/stralloc_opyb.c
Examining data/fastforward-0.51/stralloc_opys.c
Examining data/fastforward-0.51/stralloc_cat.c
Examining data/fastforward-0.51/stralloc_catb.c
Examining data/fastforward-0.51/stralloc_cats.c
Examining data/fastforward-0.51/stralloc_arts.c
Examining data/fastforward-0.51/strset.h
Examining data/fastforward-0.51/substdio.h
Examining data/fastforward-0.51/substdio.c
Examining data/fastforward-0.51/substdi.c
Examining data/fastforward-0.51/substdo.c
Examining data/fastforward-0.51/substdio_copy.c
Examining data/fastforward-0.51/subfd.h
Examining data/fastforward-0.51/subfderr.c
Examining data/fastforward-0.51/subfdouts.c
Examining data/fastforward-0.51/subfdins.c
Examining data/fastforward-0.51/readwrite.h
Examining data/fastforward-0.51/exit.h
Examining data/fastforward-0.51/token822.h
Examining data/fastforward-0.51/token822.c
Examining data/fastforward-0.51/tryulong32.c
Examining data/fastforward-0.51/wait.h
Examining data/fastforward-0.51/wait_pid.c
Examining data/fastforward-0.51/trywaitp.c
Examining data/fastforward-0.51/strerr.h
Examining data/fastforward-0.51/strerr_sys.c
Examining data/fastforward-0.51/strerr_die.c
Examining data/fastforward-0.51/slurpclose.h
Examining data/fastforward-0.51/slurpclose.c
Examining data/fastforward-0.51/coe.h
Examining data/fastforward-0.51/coe.c
Examining data/fastforward-0.51/cdb_seek.c
Examining data/fastforward-0.51/error.h
Examining data/fastforward-0.51/cdbmake_add.c
Examining data/fastforward-0.51/strset.c

FINAL RESULTS:

data/fastforward-0.51/install.c:23:7:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(home,uid,gid) == -1)
data/fastforward-0.51/install.c:25:7:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(home,mode) == -1)
data/fastforward-0.51/install.c:41:7:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(subdir,uid,gid) == -1)
data/fastforward-0.51/install.c:43:7:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(subdir,mode) == -1)
data/fastforward-0.51/install.c:96:7:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  if (chown(file,uid,gid) == -1)
data/fastforward-0.51/install.c:98:7:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  if (chmod(file,mode) == -1)
data/fastforward-0.51/fastforward.c:213:7:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execvp(*args,args);
data/fastforward-0.51/qmail.c:32:7:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execv(*binqqargs,binqqargs);
data/fastforward-0.51/fastforward.c:304:17:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((opt = getopt(argc,argv,"nNpPdD")) != opteof)
data/fastforward-0.51/sgetopt.c:19:9:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  #define getopt sgetoptmine
data/fastforward-0.51/sgetopt.c:28:5:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  int getopt(argc,argv,opts)
data/fastforward-0.51/sgetopt.h:5:9:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  #define getopt sgetoptmine
data/fastforward-0.51/alloc.c:9:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef union { char irrelevant[ALIGNMENT]; double d; } aligned;
data/fastforward-0.51/auto-str.c:5:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf1[256];
data/fastforward-0.51/auto-str.c:21:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char octal[4];
data/fastforward-0.51/cdb_seek.c:32:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];
data/fastforward-0.51/cdb_seek.c:53:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char packbuf[8];
data/fastforward-0.51/cdbmake.h:17:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char final[2048];
data/fastforward-0.51/cdbmss.h:8:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ssbuf[1024];
data/fastforward-0.51/cdbmss.h:11:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char packbuf[8];
data/fastforward-0.51/control.c:11:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char inbuf[64];
data/fastforward-0.51/fastforward.c:53:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char qp[FMT_ULONG];
data/fastforward-0.51/fastforward.c:54:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char qqbuf[1];
data/fastforward-0.51/fastforward.c:64:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char messbuf[4096];
data/fastforward-0.51/fastforward.c:182:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *args[5];
data/fastforward-0.51/fastforward.c:208:18:  [2] (race) vfork:
  On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead.
  switch(child = vfork()) {
data/fastforward-0.51/install.c:47:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[SUBSTDIO_INSIZE];
data/fastforward-0.51/install.c:48:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outbuf[SUBSTDIO_OUTSIZE];
data/fastforward-0.51/newaliases.c:246:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[1024];
data/fastforward-0.51/newinclude.c:26:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char listbuf[1024];
data/fastforward-0.51/newinclude.c:33:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpbuf[1024];
data/fastforward-0.51/open_read.c:6:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  { return open(fn,O_RDONLY | O_NDELAY); }
data/fastforward-0.51/open_trunc.c:6:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  { return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); }
data/fastforward-0.51/printforward.c:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8];
data/fastforward-0.51/qmail.c:10:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *binqqargs[2] = { "bin/qmail-queue", 0 } ;
data/fastforward-0.51/qmail.c:21:20:  [2] (race) vfork:
  On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead.
  switch(qq->pid = vfork()) {
data/fastforward-0.51/qmail.h:12:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/fastforward-0.51/setmaillist.c:23:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/fastforward-0.51/sgetopt.c:44:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chp[2]; chp[0] = optproblem; chp[1] = '\n';
data/fastforward-0.51/subfderr.c:5:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subfd_errbuf[256];
data/fastforward-0.51/subfdins.c:11:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subfd_inbufsmall[256];
data/fastforward-0.51/subfdouts.c:5:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subfd_outbufsmall[256];
data/fastforward-0.51/tryvfork.c:3:3:  [2] (race) vfork:
  On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead.
  vfork();
data/fastforward-0.51/cdb_seek.c:17:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read(fd,buf,len);
data/fastforward-0.51/control.c:63:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  substdio_fdbuf(&ss,read,fd,inbuf,sizeof(inbuf));
data/fastforward-0.51/control.c:115:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  substdio_fdbuf(&ss,read,fd,inbuf,sizeof(inbuf));
data/fastforward-0.51/fastforward.c:65:34:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  substdio ssmess = SUBSTDIO_FDBUF(read,0,messbuf,sizeof messbuf);
data/fastforward-0.51/install.c:69:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  substdio_fdbuf(&ssin,read,fdin,inbuf,sizeof inbuf);
data/fastforward-0.51/install.c:108:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(077);
data/fastforward-0.51/newaliases.c:277:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(033);
data/fastforward-0.51/newaliases.c:282:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  substdio_fdbuf(&ssin,read,fd,inbuf,sizeof inbuf);
data/fastforward-0.51/newinclude.c:277:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(033);
data/fastforward-0.51/newinclude.c:292:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  substdio_fdbuf(&sslist,read,fd,listbuf,sizeof listbuf);
data/fastforward-0.51/readwrite.h:4:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  extern int read();
data/fastforward-0.51/setmaillist.c:41:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732).
  umask(033);
data/fastforward-0.51/slurpclose.c:14:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read(fd,sa->s + sa->len,bufsize);
data/fastforward-0.51/subfdins.c:8:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return read(fd,buf,len);

ANALYSIS SUMMARY:

Hits = 57
Lines analyzed = 5102 in approximately 0.18 seconds (27579 lines/second)
Physical Source Lines of Code (SLOC) = 4394
Hits@level = [0] 2 [1] 14 [2] 31 [3] 4 [4] 2 [5] 6
Hits@level+ = [0+] 59 [1+] 57 [2+] 43 [3+] 12 [4+] 8 [5+] 6
Hits/KSLOC@level+ = [0+] 13.4274 [1+] 12.9722 [2+] 9.78607 [3+] 2.731 [4+] 1.82066 [5+] 1.3655
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.