Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gnu-efi-3.0.9/apps/AllocPages.c
Examining data/gnu-efi-3.0.9/apps/FreePages.c
Examining data/gnu-efi-3.0.9/apps/bltgrid.c
Examining data/gnu-efi-3.0.9/apps/debughook.c
Examining data/gnu-efi-3.0.9/apps/drv0.c
Examining data/gnu-efi-3.0.9/apps/drv0.h
Examining data/gnu-efi-3.0.9/apps/drv0_use.c
Examining data/gnu-efi-3.0.9/apps/exit.c
Examining data/gnu-efi-3.0.9/apps/lfbgrid.c
Examining data/gnu-efi-3.0.9/apps/modelist.c
Examining data/gnu-efi-3.0.9/apps/printenv.c
Examining data/gnu-efi-3.0.9/apps/route80h.c
Examining data/gnu-efi-3.0.9/apps/setdbg.c
Examining data/gnu-efi-3.0.9/apps/setjmp.c
Examining data/gnu-efi-3.0.9/apps/t.c
Examining data/gnu-efi-3.0.9/apps/t2.c
Examining data/gnu-efi-3.0.9/apps/t3.c
Examining data/gnu-efi-3.0.9/apps/t4.c
Examining data/gnu-efi-3.0.9/apps/t5.c
Examining data/gnu-efi-3.0.9/apps/t6.c
Examining data/gnu-efi-3.0.9/apps/t7.c
Examining data/gnu-efi-3.0.9/apps/t8.c
Examining data/gnu-efi-3.0.9/apps/tcc.c
Examining data/gnu-efi-3.0.9/apps/tpause.c
Examining data/gnu-efi-3.0.9/apps/unsetdbg.c
Examining data/gnu-efi-3.0.9/gnuefi/reloc_aarch64.c
Examining data/gnu-efi-3.0.9/gnuefi/reloc_arm.c
Examining data/gnu-efi-3.0.9/gnuefi/reloc_ia32.c
Examining data/gnu-efi-3.0.9/gnuefi/reloc_mips64el.c
Examining data/gnu-efi-3.0.9/gnuefi/reloc_x86_64.c
Examining data/gnu-efi-3.0.9/inc/aarch64/efibind.h
Examining data/gnu-efi-3.0.9/inc/aarch64/efilibplat.h
Examining data/gnu-efi-3.0.9/inc/aarch64/efisetjmp_arch.h
Examining data/gnu-efi-3.0.9/inc/arm/efilibplat.h
Examining data/gnu-efi-3.0.9/inc/arm/efisetjmp_arch.h
Examining data/gnu-efi-3.0.9/inc/arm/efibind.h
Examining data/gnu-efi-3.0.9/inc/efi.h
Examining data/gnu-efi-3.0.9/inc/efi_nii.h
Examining data/gnu-efi-3.0.9/inc/efi_pxe.h
Examining data/gnu-efi-3.0.9/inc/efiapi.h
Examining data/gnu-efi-3.0.9/inc/eficompiler.h
Examining data/gnu-efi-3.0.9/inc/eficon.h
Examining data/gnu-efi-3.0.9/inc/efidebug.h
Examining data/gnu-efi-3.0.9/inc/efidef.h
Examining data/gnu-efi-3.0.9/inc/efidevp.h
Examining data/gnu-efi-3.0.9/inc/efierr.h
Examining data/gnu-efi-3.0.9/inc/efifs.h
Examining data/gnu-efi-3.0.9/inc/efigpt.h
Examining data/gnu-efi-3.0.9/inc/efiip.h
Examining data/gnu-efi-3.0.9/inc/efilib.h
Examining data/gnu-efi-3.0.9/inc/efilink.h
Examining data/gnu-efi-3.0.9/inc/efinet.h
Examining data/gnu-efi-3.0.9/inc/efipart.h
Examining data/gnu-efi-3.0.9/inc/efipciio.h
Examining data/gnu-efi-3.0.9/inc/efipoint.h
Examining data/gnu-efi-3.0.9/inc/efiprot.h
Examining data/gnu-efi-3.0.9/inc/efipxebc.h
Examining data/gnu-efi-3.0.9/inc/efirtlib.h
Examining data/gnu-efi-3.0.9/inc/efiser.h
Examining data/gnu-efi-3.0.9/inc/efisetjmp.h
Examining data/gnu-efi-3.0.9/inc/efishellintf.h
Examining data/gnu-efi-3.0.9/inc/efishellparm.h
Examining data/gnu-efi-3.0.9/inc/efistdarg.h
Examining data/gnu-efi-3.0.9/inc/efitcp.h
Examining data/gnu-efi-3.0.9/inc/efiudp.h
Examining data/gnu-efi-3.0.9/inc/efiui.h
Examining data/gnu-efi-3.0.9/inc/ia32/efibind.h
Examining data/gnu-efi-3.0.9/inc/ia32/efilibplat.h
Examining data/gnu-efi-3.0.9/inc/ia32/efisetjmp_arch.h
Examining data/gnu-efi-3.0.9/inc/ia32/pe.h
Examining data/gnu-efi-3.0.9/inc/ia64/efibind.h
Examining data/gnu-efi-3.0.9/inc/ia64/efilibplat.h
Examining data/gnu-efi-3.0.9/inc/ia64/efisetjmp_arch.h
Examining data/gnu-efi-3.0.9/inc/ia64/pe.h
Examining data/gnu-efi-3.0.9/inc/ia64/salproc.h
Examining data/gnu-efi-3.0.9/inc/libsmbios.h
Examining data/gnu-efi-3.0.9/inc/mips64el/efibind.h
Examining data/gnu-efi-3.0.9/inc/mips64el/efilibplat.h
Examining data/gnu-efi-3.0.9/inc/mips64el/efisetjmp_arch.h
Examining data/gnu-efi-3.0.9/inc/pci22.h
Examining data/gnu-efi-3.0.9/inc/protocol/adapterdebug.h
Examining data/gnu-efi-3.0.9/inc/protocol/eficonsplit.h
Examining data/gnu-efi-3.0.9/inc/protocol/efidbg.h
Examining data/gnu-efi-3.0.9/inc/protocol/efivar.h
Examining data/gnu-efi-3.0.9/inc/protocol/ia64/eficontext.h
Examining data/gnu-efi-3.0.9/inc/protocol/intload.h
Examining data/gnu-efi-3.0.9/inc/protocol/legacyboot.h
Examining data/gnu-efi-3.0.9/inc/protocol/piflash64.h
Examining data/gnu-efi-3.0.9/inc/protocol/vgaclass.h
Examining data/gnu-efi-3.0.9/inc/romload.h
Examining data/gnu-efi-3.0.9/inc/x86_64/efibind.h
Examining data/gnu-efi-3.0.9/inc/x86_64/efilibplat.h
Examining data/gnu-efi-3.0.9/inc/x86_64/efisetjmp_arch.h
Examining data/gnu-efi-3.0.9/inc/x86_64/pe.h
Examining data/gnu-efi-3.0.9/lib/aarch64/initplat.c
Examining data/gnu-efi-3.0.9/lib/aarch64/math.c
Examining data/gnu-efi-3.0.9/lib/arm/edk2asm.h
Examining data/gnu-efi-3.0.9/lib/arm/initplat.c
Examining data/gnu-efi-3.0.9/lib/arm/math.c
Examining data/gnu-efi-3.0.9/lib/boxdraw.c
Examining data/gnu-efi-3.0.9/lib/cmdline.c
Examining data/gnu-efi-3.0.9/lib/console.c
Examining data/gnu-efi-3.0.9/lib/crc.c
Examining data/gnu-efi-3.0.9/lib/data.c
Examining data/gnu-efi-3.0.9/lib/debug.c
Examining data/gnu-efi-3.0.9/lib/dpath.c
Examining data/gnu-efi-3.0.9/lib/error.c
Examining data/gnu-efi-3.0.9/lib/event.c
Examining data/gnu-efi-3.0.9/lib/exit.c
Examining data/gnu-efi-3.0.9/lib/guid.c
Examining data/gnu-efi-3.0.9/lib/hand.c
Examining data/gnu-efi-3.0.9/lib/hw.c
Examining data/gnu-efi-3.0.9/lib/ia32/initplat.c
Examining data/gnu-efi-3.0.9/lib/ia32/math.c
Examining data/gnu-efi-3.0.9/lib/ia64/initplat.c
Examining data/gnu-efi-3.0.9/lib/ia64/math.c
Examining data/gnu-efi-3.0.9/lib/ia64/palproc.h
Examining data/gnu-efi-3.0.9/lib/ia64/salpal.c
Examining data/gnu-efi-3.0.9/lib/init.c
Examining data/gnu-efi-3.0.9/lib/lib.h
Examining data/gnu-efi-3.0.9/lib/lock.c
Examining data/gnu-efi-3.0.9/lib/mips64el/initplat.c
Examining data/gnu-efi-3.0.9/lib/mips64el/math.c
Examining data/gnu-efi-3.0.9/lib/misc.c
Examining data/gnu-efi-3.0.9/lib/print.c
Examining data/gnu-efi-3.0.9/lib/runtime/efirtlib.c
Examining data/gnu-efi-3.0.9/lib/runtime/rtdata.c
Examining data/gnu-efi-3.0.9/lib/runtime/rtlock.c
Examining data/gnu-efi-3.0.9/lib/runtime/rtstr.c
Examining data/gnu-efi-3.0.9/lib/runtime/vm.c
Examining data/gnu-efi-3.0.9/lib/smbios.c
Examining data/gnu-efi-3.0.9/lib/sread.c
Examining data/gnu-efi-3.0.9/lib/str.c
Examining data/gnu-efi-3.0.9/lib/x86_64/callwrap.c
Examining data/gnu-efi-3.0.9/lib/x86_64/initplat.c
Examining data/gnu-efi-3.0.9/lib/x86_64/math.c

FINAL RESULTS:

data/gnu-efi-3.0.9/apps/printenv.c:20:2:  [4] (buffer) StrCpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  StrCpy(fmt, L"%.-35g %.-20s %s\n");

data/gnu-efi-3.0.9/inc/efilib.h:311:1:  [4] (buffer) StrCpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  StrCpy (

data/gnu-efi-3.0.9/inc/efilib.h:337:1:  [4] (buffer) StrCat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120).
  StrCat (

data/gnu-efi-3.0.9/lib/error.c:77:6:  [4] (buffer) StrCpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  StrCpy (Buffer, ErrorCodeTable[Index].Desc);

data/gnu-efi-3.0.9/lib/str.c:107:1:  [4] (buffer) StrCpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  StrCpy (

data/gnu-efi-3.0.9/lib/str.c:149:1:  [4] (buffer) StrCat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120).
  StrCat (

data/gnu-efi-3.0.9/apps/route80h.c:22:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pad[0xEB]; /* 04-EF */

data/gnu-efi-3.0.9/lib/init.c:205:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  void *memcpy(void *dest, const void *src, __SIZE_TYPE__ n)

ANALYSIS SUMMARY:

Hits = 8
Lines analyzed = 27007 in approximately 0.49 seconds (55217 lines/second)
Physical Source Lines of Code (SLOC) = 17035
Hits@level = [0]   0 [1]   0 [2]   2 [3]   0 [4]   6 [5]   0
Hits@level+ = [0+]   8 [1+]   8 [2+]   8 [3+]   6 [4+]   6 [5+]   0
Hits/KSLOC@level+ = [0+] 0.469621 [1+] 0.469621 [2+] 0.469621 [3+] 0.352216 [4+] 0.352216 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
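Triage notes on the results above, followed by an added example. Six of the eight hits are level-4 matches on gnu-efi's own CHAR16 StrCpy/StrCat routines (the definitions in lib/str.c, their declarations in inc/efilib.h, and two callers); these take no destination size, so every caller such as error.c:77 must itself guarantee that Buffer can hold the source. The two level-2 hits are weaker: init.c:205 is the definition of memcpy rather than a call, and route80h.c:22 is a fixed-size padding array. The C below is an added example written for this report, not gnu-efi code: it assumes a CHAR16 typedef of uint16_t, uses made-up function names (strcpy16_unbounded, strcpy16_bounded, strcat16_bounded, copy_if_fits) and constructed sample strings, and shows the unbounded shape the report flags next to a size-aware replacement that reports truncation instead of overflowing, plus the explicit length check that justifies a "Flawfinder: ignore" annotation on a call that must stay unbounded.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: UEFI strings are 16-bit code units. gnu-efi's header is not
 * included so that this example builds stand-alone. */
typedef uint16_t CHAR16;

/* Length of a NUL-terminated CHAR16 string in code units, terminator
 * excluded. */
static size_t strlen16(const CHAR16 *s)
{
    size_t n = 0;
    while (s[n] != 0)
        n++;
    return n;
}

/* The unbounded shape Flawfinder reports at lib/str.c and lib/error.c:
 * nothing here knows how large dest is. It is only correct when the caller
 * has already proven strlen16(src) + 1 <= capacity of dest. */
static void strcpy16_unbounded(CHAR16 *dest, const CHAR16 *src)
{
    while ((*dest++ = *src++) != 0)
        ;
}

/* Bounded replacement. dest_count is the capacity of dest in CHAR16 units,
 * terminator included. dest is always NUL-terminated; returns 0 when src
 * fit and -1 when it was truncated, so callers cannot silently lose data
 * (the strncpy failure mode the report warns about). */
static int strcpy16_bounded(CHAR16 *dest, size_t dest_count, const CHAR16 *src)
{
    size_t i = 0;

    if (dest_count == 0)
        return -1;
    while (i + 1 < dest_count && src[i] != 0) {
        dest[i] = src[i];
        i++;
    }
    dest[i] = 0;
    return src[i] == 0 ? 0 : -1;
}

/* Bounded concatenation with the same contract, covering the StrCat hits. */
static int strcat16_bounded(CHAR16 *dest, size_t dest_count, const CHAR16 *src)
{
    size_t used = strlen16(dest);

    if (used >= dest_count)
        return -1;  /* dest is not even terminated within its capacity */
    return strcpy16_bounded(dest + used, dest_count - used, src);
}

/* Guarded use of the unbounded copy. The explicit check is what makes the
 * ignore annotation on the call defensible in review. Returns 1 if the copy
 * happened and 0 if it was refused. */
static int copy_if_fits(CHAR16 *dest, size_t dest_count, const CHAR16 *src)
{
    if (strlen16(src) + 1 > dest_count)
        return 0;
    /* Flawfinder: ignore */
    strcpy16_unbounded(dest, src);
    return 1;
}

/* Constructed inputs: a small fixed buffer standing in for the Buffer/Desc
 * pair at lib/error.c:77, and one description that does not fit. */
#define BUF_COUNT 8
static const CHAR16 SHORT_DESC[] = { 'E', 'r', 'r', 'o', 'r', 0 };                     /* 5 units */
static const CHAR16 LONG_DESC[]  = { 'L', 'o', 'a', 'd', ' ', 'E', 'r', 'r', 'o', 'r', 0 }; /* 10 units */

int main(void)
{
    CHAR16 buf[BUF_COUNT];

    printf("bounded copy of short desc: rc=%d len=%zu\n",
           strcpy16_bounded(buf, BUF_COUNT, SHORT_DESC), strlen16(buf));
    printf("bounded cat of short desc:  rc=%d len=%zu\n",
           strcat16_bounded(buf, BUF_COUNT, SHORT_DESC), strlen16(buf));
    printf("bounded copy of long desc:  rc=%d len=%zu\n",
           strcpy16_bounded(buf, BUF_COUNT, LONG_DESC), strlen16(buf));
    printf("guarded unbounded copy of long desc accepted: %d\n",
           copy_if_fits(buf, BUF_COUNT, LONG_DESC));
    return 0;
}
```

The capacity is passed in code units, not bytes, because the CHAR16 routines in the report count units; mixing the two is a common way to halve or double the real bound. Flawfinder ignores a hit on any line carrying a "Flawfinder: ignore" comment, so the annotation should sit only where a check like the one in copy_if_fits is visible a line or two above it.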