Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/gkrellm-reminder-2.0.0/reminder.c FINAL RESULTS: data/gkrellm-reminder-2.0.0/reminder.c:383:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( dir, config.event_file ); data/gkrellm-reminder-2.0.0/reminder.c:2747:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( arg, "%s %[^\n]", keyword, value ); data/gkrellm-reminder-2.0.0/reminder.c:309:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( config.event_file, "r" ); data/gkrellm-reminder-2.0.0/reminder.c:370:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( config.event_file, "a" ); /* "a" cuz we don't want to delete everything data/gkrellm-reminder-2.0.0/reminder.c:399:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( config.event_file, "w" ); data/gkrellm-reminder-2.0.0/reminder.c:422:3: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fopen( config.event_file, "w" ); data/gkrellm-reminder-2.0.0/reminder.c:1257:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( array[4], "Never" ); data/gkrellm-reminder-2.0.0/reminder.c:2750:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). config.remind_early = atoi( value ); data/gkrellm-reminder-2.0.0/reminder.c:2753:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). config.list_sort = atoi( value ); data/gkrellm-reminder-2.0.0/reminder.c:2756:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). config.remind_old = atoi( value ); data/gkrellm-reminder-2.0.0/reminder.c:2759:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). config.delete_old = atoi( value ); data/gkrellm-reminder-2.0.0/reminder.c:2762:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). config.ampm = atoi( value ); data/gkrellm-reminder-2.0.0/reminder.c:2765:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). config.mdy = atoi( value ); data/gkrellm-reminder-2.0.0/reminder.c:2768:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). config.alert = atoi( value ); data/gkrellm-reminder-2.0.0/reminder.c:3038:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &event_active, head_today, sizeof( struct event_today ) ); data/gkrellm-reminder-2.0.0/reminder.c:379:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dir = malloc( strlen( config.event_file ) ); data/gkrellm-reminder-2.0.0/reminder.c:1141:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( name ) < 1 ) data/gkrellm-reminder-2.0.0/reminder.c:2653:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( !strlen( gtk_entry_get_text( GTK_ENTRY( entry_notify ) ) ) ) ANALYSIS SUMMARY: Hits = 18 Lines analyzed = 3413 in approximately 0.08 seconds (43318 lines/second) Physical Source Lines of Code (SLOC) = 2596 Hits@level = [0] 12 [1] 3 [2] 13 [3] 0 [4] 2 [5] 0 Hits@level+ = [0+] 30 [1+] 18 [2+] 15 [3+] 2 [4+] 2 [5+] 0 Hits/KSLOC@level+ = [0+] 11.5562 [1+] 6.93374 [2+] 5.77812 [3+] 0.770416 [4+] 0.770416 [5+] 0 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.