Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/girara-0.3.5/girara/callbacks.c
Examining data/girara-0.3.5/girara/callbacks.h
Examining data/girara-0.3.5/girara/commands.c
Examining data/girara-0.3.5/girara/commands.h
Examining data/girara-0.3.5/girara/completion.c
Examining data/girara-0.3.5/girara/completion.h
Examining data/girara-0.3.5/girara/config.c
Examining data/girara-0.3.5/girara/config.h
Examining data/girara-0.3.5/girara/datastructures.c
Examining data/girara-0.3.5/girara/datastructures.h
Examining data/girara-0.3.5/girara/entry.c
Examining data/girara-0.3.5/girara/entry.h
Examining data/girara-0.3.5/girara/girara.h
Examining data/girara-0.3.5/girara/input-history-io.c
Examining data/girara-0.3.5/girara/input-history.c
Examining data/girara-0.3.5/girara/input-history.h
Examining data/girara-0.3.5/girara/internal.h
Examining data/girara-0.3.5/girara/log.c
Examining data/girara-0.3.5/girara/log.h
Examining data/girara-0.3.5/girara/macros.h
Examining data/girara-0.3.5/girara/session.c
Examining data/girara-0.3.5/girara/session.h
Examining data/girara-0.3.5/girara/settings.c
Examining data/girara-0.3.5/girara/settings.h
Examining data/girara-0.3.5/girara/shortcuts.c
Examining data/girara-0.3.5/girara/shortcuts.h
Examining data/girara-0.3.5/girara/statusbar.c
Examining data/girara-0.3.5/girara/statusbar.h
Examining data/girara-0.3.5/girara/template.c
Examining data/girara-0.3.5/girara/template.h
Examining data/girara-0.3.5/girara/types.h
Examining data/girara-0.3.5/girara/utils.c
Examining data/girara-0.3.5/girara/utils.h
Examining data/girara-0.3.5/tests/test_config.c
Examining data/girara-0.3.5/tests/test_datastructures.c
Examining data/girara-0.3.5/tests/test_session.c
Examining data/girara-0.3.5/tests/test_setting.c
Examining data/girara-0.3.5/tests/test_template.c
Examining data/girara-0.3.5/tests/test_utils.c
Examining data/girara-0.3.5/tests/tests.c
Examining data/girara-0.3.5/tests/tests.h
Examining data/girara-0.3.5/tests/xdg_test_helper.c

FINAL RESULTS:

data/girara-0.3.5/girara/log.c:33:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, ap);

data/girara-0.3.5/girara/utils.c:160:21:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  return g_strdup(g_get_home_dir());

data/girara-0.3.5/tests/test_utils.c:37:23:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  const gchar* user = g_get_home_dir();

data/girara-0.3.5/tests/test_utils.c:85:23:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  const gchar* user = g_get_home_dir();

data/girara-0.3.5/girara/commands.c:513:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int i = atoi(value);

data/girara-0.3.5/girara/utils.c:229:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  FILE* fp = fopen(fixed_path, mode);

data/girara-0.3.5/girara/callbacks.c:416:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(input) == 0) {

data/girara-0.3.5/girara/commands.c:128:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t tmp_length = strlen(tmp);

data/girara-0.3.5/girara/commands.c:154:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp_length = strlen(tmp);

data/girara-0.3.5/girara/commands.c:160:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp_length = strlen(tmp);

data/girara-0.3.5/girara/commands.c:272:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp_length = strlen(tmp);

data/girara-0.3.5/girara/completion.c:150:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t input_length = strlen(input);

data/girara-0.3.5/girara/completion.c:183:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t current_command_length = current_command ? strlen(current_command) : 0;

data/girara-0.3.5/girara/completion.c:296:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  current_command_length = strlen(current_command);

data/girara-0.3.5/girara/completion.c:480:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  previous_length = strlen(temp);

data/girara-0.3.5/girara/config.c:72:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t input_length = strlen(input);

data/girara-0.3.5/girara/config.c:137:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t guioptions_len = strlen(guioptions);

data/girara-0.3.5/girara/config.c:336:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(line) == 0 || strchr(COMMENT_PREFIX, line[0]) != NULL) {

data/girara-0.3.5/girara/input-history-io.c:24:53:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return GIRARA_INPUT_HISTORY_IO_GET_INTERFACE(io)->read(io);

data/girara-0.3.5/girara/input-history.h:29:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  girara_list_t* (*read)(GiraraInputHistoryIO* io);

data/girara-0.3.5/girara/session.c:580:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (window_icon != NULL && strlen(window_icon) != 0) {

data/girara-0.3.5/girara/session.c:909:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) == 0) {

data/girara-0.3.5/girara/settings.c:226:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int input_length = strlen(input);

data/girara-0.3.5/girara/settings.c:229:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((setting->init_only == false) && (input_length <= strlen(setting->name)) &&

data/girara-0.3.5/girara/shortcuts.c:201:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int length = strlen(input);

data/girara-0.3.5/girara/shortcuts.c:567:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int input_length = strlen(input);

data/girara-0.3.5/girara/utils.c:32:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t len = strlen(path);

data/girara-0.3.5/girara/utils.c:67:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (uri == NULL || strlen(uri) == 0) {

data/girara-0.3.5/girara/utils.c:338:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if (read != 1) {

data/girara-0.3.5/girara/utils.c:358:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i = 0; i < strlen(line); i++) {

data/girara-0.3.5/girara/utils.c:448:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (cmd == NULL || strlen(cmd) == 0) {

data/girara-0.3.5/tests/test_utils.c:48:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fail_unless(result != NULL && strlen(result) != 0, "Home directory is empty", NULL);

data/girara-0.3.5/tests/test_utils.c:93:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fail_unless(result != NULL && strlen(result) != 0,

data/girara-0.3.5/tests/xdg_test_helper.c:13:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[1]) != 1) {

ANALYSIS SUMMARY:

Hits = 34
Lines analyzed = 10072 in approximately 0.23 seconds (44581 lines/second)
Physical Source Lines of Code (SLOC) = 6760
Hits@level = [0]   6 [1]  28 [2]   2 [3]   3 [4]   1 [5]   0
Hits@level+ = [0+]  40 [1+]  34 [2+]   6 [3+]   4 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 5.91716 [1+] 5.02959 [2+] 0.887574 [3+] 0.591716 [4+] 0.147929 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.