Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/fsmark-3.3/fs_mark.h Examining data/fsmark-3.3/fs_mark.c Examining data/fsmark-3.3/lib_timing.c FINAL RESULTS: data/fsmark-3.3/fs_mark.c:55:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(child_log_file_name, "%s.%d", log_file_name, getpid()); data/fsmark-3.3/fs_mark.c:382:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(names[file_index].target_dir, "%s/%s", my_dir, subdir_name); data/fsmark-3.3/fs_mark.c:394:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(names[file_index].write_dir, "%s", names[file_index].target_dir); data/fsmark-3.3/fs_mark.c:463:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(thread_log_file_name, "%s.%d", log_file_name, pid); data/fsmark-3.3/fs_mark.c:677:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_write_name, "%s/%s", names[file_index].write_dir, data/fsmark-3.3/fs_mark.c:679:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_target_name, "%s/%s", names[file_index].target_dir, data/fsmark-3.3/fs_mark.c:767:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_target_name, "%s/%s", data/fsmark-3.3/fs_mark.c:805:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_target_name, "%s/%s", data/fsmark-3.3/fs_mark.c:842:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_target_name, "%s/%s", names[0].target_dir, data/fsmark-3.3/fs_mark.c:872:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_target_name, "%s/%s", data/fsmark-3.3/fs_mark.c:949:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(child_log_file_name, "%s.%d", log_file_name, child_pid); data/fsmark-3.3/fs_mark.c:97:3: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. getopt(argc, argv, "vhkFr:S:N:D:d:l:L:n:p:s:t:w:")) != EOF) { data/fsmark-3.3/fs_mark.c:411:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. val = random(); data/fsmark-3.3/fs_mark.c:449:2: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srandom((long)now.tv_usec); data/fsmark-3.3/fs_mark.c:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char child_log_file_name[PATH_MAX]; data/fsmark-3.3/fs_mark.c:104:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num_subdirs = atoi(optarg); data/fsmark-3.3/fs_mark.c:149:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). loop_count = atoi(optarg); data/fsmark-3.3/fs_mark.c:154:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num_files = atoi(optarg); data/fsmark-3.3/fs_mark.c:163:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num_per_subdir = atoi(optarg); data/fsmark-3.3/fs_mark.c:167:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). name_len = atoi(optarg); data/fsmark-3.3/fs_mark.c:176:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). file_size = atoi(optarg); data/fsmark-3.3/fs_mark.c:180:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rand_len = atoi(optarg); data/fsmark-3.3/fs_mark.c:184:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sync_method_type = atoi(optarg); data/fsmark-3.3/fs_mark.c:216:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num_threads = atoi(optarg); data/fsmark-3.3/fs_mark.c:225:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). io_buffer_size = atoi(optarg); data/fsmark-3.3/fs_mark.c:309:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subdir_name[MAX_NAME_PATH]; data/fsmark-3.3/fs_mark.c:365:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(subdir_name, "%02x", current_subdir); data/fsmark-3.3/fs_mark.c:373:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(subdir_name, "%02x", current_subdir); data/fsmark-3.3/fs_mark.c:399:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(seq_name, "%lx", sec_time); data/fsmark-3.3/fs_mark.c:441:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char thread_log_file_name[PATH_MAX]; data/fsmark-3.3/fs_mark.c:464:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((child_log_file_fp = fopen(thread_log_file_name, "w")) == NULL) { data/fsmark-3.3/fs_mark.c:633:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_write_name[MAX_NAME_PATH + FILENAME_SIZE]; data/fsmark-3.3/fs_mark.c:634:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_target_name[MAX_NAME_PATH + FILENAME_SIZE]; data/fsmark-3.3/fs_mark.c:684:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(file_write_name, O_CREAT | O_RDWR | O_TRUNC, data/fsmark-3.3/fs_mark.c:772:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(file_target_name, O_RDONLY, 0666)) == -1) { data/fsmark-3.3/fs_mark.c:810:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(file_target_name, O_RDONLY, 0666)) == -1) { data/fsmark-3.3/fs_mark.c:846:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(file_target_name, O_RDONLY, 0666)) == -1) { data/fsmark-3.3/fs_mark.c:942:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char child_log_file_name[PATH_MAX]; data/fsmark-3.3/fs_mark.c:950:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((thread_log_fp = fopen(child_log_file_name, "r")) == NULL) { data/fsmark-3.3/fs_mark.c:1315:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((log_file_fp = fopen(log_file_name, "a")) == NULL) { data/fsmark-3.3/fs_mark.h:52:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char dir_policy_string[NUM_DIR_POLICIES][MAX_STRING_SIZE] = { data/fsmark-3.3/fs_mark.h:84:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char sync_policy_string[NUM_SYNC_METHODS][MAX_STRING_SIZE] = { data/fsmark-3.3/fs_mark.h:128:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_file_name[PATH_MAX] = "fs_log.txt"; /* Log file name for run */ data/fsmark-3.3/fs_mark.h:136:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char io_buffer[MAX_IO_BUFFER_SIZE]; /* Buffer used in writes to files */ data/fsmark-3.3/fs_mark.h:139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f_name[FILENAME_SIZE]; /* Actual name of file in directory without path */ data/fsmark-3.3/fs_mark.h:140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char write_dir[MAX_NAME_PATH]; /* Name of directory file is written to */ data/fsmark-3.3/fs_mark.h:141:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_dir[MAX_NAME_PATH]; /* Name of directory when & if file is renamed */ data/fsmark-3.3/fs_mark.h:146:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char rand_name[FILENAME_SIZE]; data/fsmark-3.3/fs_mark.h:147:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char seq_name[FILENAME_SIZE]; data/fsmark-3.3/fs_mark.h:151:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test_dir[PATH_MAX]; /* Directory name to use to create test files in */ data/fsmark-3.3/fs_mark.c:124:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(optarg) >= MAX_NAME_PATH) { data/fsmark-3.3/fs_mark.c:130:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(child_tasks[num_dirs].test_dir, optarg, data/fsmark-3.3/fs_mark.c:145:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(log_file_name, optarg, PATH_MAX); data/fsmark-3.3/fs_mark.c:276:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(child_tasks[i + (j * num_dirs)]. data/fsmark-3.3/fs_mark.c:422:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). skip = strlen(seq_name) - seq_len; data/fsmark-3.3/fs_mark.c:424:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(names[file_index].f_name, &seq_name[skip], seq_len); data/fsmark-3.3/fs_mark.c:426:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(names[file_index].f_name, seq_name, seq_len); data/fsmark-3.3/fs_mark.c:428:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pad = seq_len - strlen(seq_name); data/fsmark-3.3/fs_mark.c:430:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(names[file_index].f_name, "~"); data/fsmark-3.3/fs_mark.c:431:2: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(names[file_index].f_name, rand_name, rand_len); ANALYSIS SUMMARY: Hits = 60 Lines analyzed = 1717 in approximately 0.09 seconds (19121 lines/second) Physical Source Lines of Code (SLOC) = 1073 Hits@level = [0] 54 [1] 10 [2] 36 [3] 3 [4] 11 [5] 0 Hits@level+ = [0+] 114 [1+] 60 [2+] 50 [3+] 14 [4+] 11 [5+] 0 Hits/KSLOC@level+ = [0+] 106.244 [1+] 55.918 [2+] 46.5983 [3+] 13.0475 [4+] 10.2516 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.