Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fped-0.1+201210/bitset.c
Examining data/fped-0.1+201210/bitset.h
Examining data/fped-0.1+201210/coord.c
Examining data/fped-0.1+201210/coord.h
Examining data/fped-0.1+201210/cpp.c
Examining data/fped-0.1+201210/cpp.h
Examining data/fped-0.1+201210/delete.c
Examining data/fped-0.1+201210/delete.h
Examining data/fped-0.1+201210/dump.c
Examining data/fped-0.1+201210/dump.h
Examining data/fped-0.1+201210/error.c
Examining data/fped-0.1+201210/error.h
Examining data/fped-0.1+201210/expr.c
Examining data/fped-0.1+201210/expr.h
Examining data/fped-0.1+201210/file.c
Examining data/fped-0.1+201210/file.h
Examining data/fped-0.1+201210/fpd.h
Examining data/fped-0.1+201210/fped.c
Examining data/fped-0.1+201210/fped.h
Examining data/fped-0.1+201210/gnuplot.c
Examining data/fped-0.1+201210/gnuplot.h
Examining data/fped-0.1+201210/gui.c
Examining data/fped-0.1+201210/gui.h
Examining data/fped-0.1+201210/gui_canvas.c
Examining data/fped-0.1+201210/gui_canvas.h
Examining data/fped-0.1+201210/gui_frame.c
Examining data/fped-0.1+201210/gui_frame.h
Examining data/fped-0.1+201210/gui_frame_drag.c
Examining data/fped-0.1+201210/gui_frame_drag.h
Examining data/fped-0.1+201210/gui_inst.c
Examining data/fped-0.1+201210/gui_inst.h
Examining data/fped-0.1+201210/gui_meas.c
Examining data/fped-0.1+201210/gui_meas.h
Examining data/fped-0.1+201210/gui_over.c
Examining data/fped-0.1+201210/gui_over.h
Examining data/fped-0.1+201210/gui_status.c
Examining data/fped-0.1+201210/gui_status.h
Examining data/fped-0.1+201210/gui_style.c
Examining data/fped-0.1+201210/gui_style.h
Examining data/fped-0.1+201210/gui_tool.c
Examining data/fped-0.1+201210/gui_tool.h
Examining data/fped-0.1+201210/gui_util.c
Examining data/fped-0.1+201210/gui_util.h
Examining data/fped-0.1+201210/hole.c
Examining data/fped-0.1+201210/hole.h
Examining data/fped-0.1+201210/inst.c
Examining data/fped-0.1+201210/inst.h
Examining data/fped-0.1+201210/kicad.c
Examining data/fped-0.1+201210/kicad.h
Examining data/fped-0.1+201210/layer.c
Examining data/fped-0.1+201210/layer.h
Examining data/fped-0.1+201210/meas.c
Examining data/fped-0.1+201210/meas.h
Examining data/fped-0.1+201210/obj.c
Examining data/fped-0.1+201210/obj.h
Examining data/fped-0.1+201210/overlap.c
Examining data/fped-0.1+201210/overlap.h
Examining data/fped-0.1+201210/postscript.c
Examining data/fped-0.1+201210/tsort.c
Examining data/fped-0.1+201210/tsort.h
Examining data/fped-0.1+201210/unparse.c
Examining data/fped-0.1+201210/unparse.h
Examining data/fped-0.1+201210/util.c
Examining data/fped-0.1+201210/util.h
Examining data/fped-0.1+201210/postscript.h

FINAL RESULTS:

data/fped-0.1+201210/cpp.c:121:6:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (execvp(cpp_command,(char **) cpp_argv) < 0) {
data/fped-0.1+201210/dump.c:430:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p, name);
data/fped-0.1+201210/error.c:42:6:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  n = vsnprintf(NULL, 0, fmt, ap);
data/fped-0.1+201210/error.c:46:2:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(buf, n+1, fmt, ap);
data/fped-0.1+201210/error.h:26:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__((format(printf, 1, 2)));
data/fped-0.1+201210/error.h:32:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__((format(printf, 1, 2)));
data/fped-0.1+201210/expr.c:72:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s^%d", unit, n.exponent);
data/fped-0.1+201210/expr.c:558:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf+i, value_string);
data/fped-0.1+201210/gui_canvas.c:32:27:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DPRINTF(fmt, ...) fprintf(stderr, fmt "\n", ##__VA_ARGS__)
data/fped-0.1+201210/gui_frame.c:733:2:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf, fmt, ap);
data/fped-0.1+201210/gui_over.c:29:27:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define DPRINTF(fmt, ...) fprintf(stderr, fmt "\n", ##__VA_ARGS__)
data/fped-0.1+201210/gui_status.h:62:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__((format(printf, 2, 3))) \
data/fped-0.1+201210/postscript.c:839:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, pad_type_name(type));
data/fped-0.1+201210/unparse.c:53:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s%s%s", a, op, b);
data/fped-0.1+201210/unparse.c:65:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s%s", op, a);
data/fped-0.1+201210/unparse.c:80:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s(%s)", name, tmp);
data/fped-0.1+201210/unparse.c:94:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "(%s)", temp);
data/fped-0.1+201210/util.c:32:6:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  n = vsnprintf(NULL, 0, fmt, aq);
data/fped-0.1+201210/util.c:35:2:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(buf, n+1, fmt, ap);
data/fped-0.1+201210/util.h:62:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__((format(printf, 1, 2)));
data/fped-0.1+201210/fped.c:151:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "1:gkps:D:I:KPTU:")) != EOF)
data/fped-0.1+201210/bitset.c:51:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new->v, old->v, bytes);
data/fped-0.1+201210/dump.c:279:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[10]; /* plenty */
data/fped-0.1+201210/dump.c:285:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmp, "__%d", n);
data/fped-0.1+201210/dump.c:396:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *meas_type_name[mt_n] = {
data/fped-0.1+201210/dump.c:420:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, walk->frame->name, n);
data/fped-0.1+201210/dump.c:426:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, base->frame->name, n);
data/fped-0.1+201210/expr.c:56:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[20]; /* @@@ plenty */
data/fped-0.1+201210/expr.c:104:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[100]; /* enough :-) */
data/fped-0.1+201210/file.c:66:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(name, "w");
data/fped-0.1+201210/fped.c:41:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[sizeof(MACHINE_GENERATED)];
data/fped-0.1+201210/fped.c:43:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(name, "r");
data/fped-0.1+201210/fped.c:143:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *args[2];
data/fped-0.1+201210/gui_frame.c:730:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/fped-0.1+201210/gui_util.c:340:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[20]; /* plenty */
data/fped-0.1+201210/gui_util.c:342:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "__dbg%04d.png", buf_num++);
data/fped-0.1+201210/postscript.c:823:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[20]; /* @@@ plenty :) */
data/fped-0.1+201210/unparse.c:88:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[100];
data/fped-0.1+201210/cpp.c:177:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (left = strlen(str); left; left -= wrote) {
data/fped-0.1+201210/dump.c:411:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(name)+1; /* vec\0 */
data/fped-0.1+201210/dump.c:413:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += strlen(walk->frame->name)+1; /* frame/ */
data/fped-0.1+201210/dump.c:415:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n += strlen(base->frame->name)+1; /* frame. */
data/fped-0.1+201210/dump.c:419:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(walk->frame->name);
data/fped-0.1+201210/dump.c:425:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(base->frame->name);
data/fped-0.1+201210/expr.c:497:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(name);
data/fped-0.1+201210/expr.c:553:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  value_len = strlen(value_string);
data/fped-0.1+201210/postscript.c:448:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return width/strlen(s)*TEXT_HEIGHT_FACTOR*zoom;
data/fped-0.1+201210/postscript.c:501:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  width = strlen(s)*height;
data/fped-0.1+201210/unparse.c:52:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = alloc_size(strlen(op)+strlen(a)+strlen(b)+1);
data/fped-0.1+201210/unparse.c:52:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = alloc_size(strlen(op)+strlen(a)+strlen(b)+1);
data/fped-0.1+201210/unparse.c:52:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = alloc_size(strlen(op)+strlen(a)+strlen(b)+1);
data/fped-0.1+201210/unparse.c:64:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = alloc_size(strlen(op)+strlen(a)+1);
data/fped-0.1+201210/unparse.c:64:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = alloc_size(strlen(op)+strlen(a)+1);
data/fped-0.1+201210/unparse.c:79:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = alloc_size(strlen(name)+strlen(tmp)+3);
data/fped-0.1+201210/unparse.c:79:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = alloc_size(strlen(name)+strlen(tmp)+3);
data/fped-0.1+201210/unparse.c:93:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = alloc_size(strlen(temp)+3);
data/fped-0.1+201210/util.h:50:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(strnalloc_tmp, (s), (n)); \

ANALYSIS SUMMARY:

Hits = 57
Lines analyzed = 18049 in approximately 0.53 seconds (33963 lines/second)
Physical Source Lines of Code (SLOC) = 12651
Hits@level = [0] 257 [1]  19 [2]  17 [3]   1 [4]  20 [5]   0
Hits@level+ = [0+] 314 [1+]  57 [2+]  38 [3+]  21 [4+]  20 [5+]   0
Hits/KSLOC@level+ = [0+] 24.8202 [1+] 4.50557 [2+] 3.00372 [3+] 1.65995 [4+] 1.5809 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.