Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gnubiff-2.2.17/src/gui.cc
Examining data/gnubiff-2.2.17/src/apop.h
Examining data/gnubiff-2.2.17/src/gtk_image_animation.cc
Examining data/gnubiff-2.2.17/src/ui-applet.h
Examining data/gnubiff-2.2.17/src/ui-preferences.cc
Examining data/gnubiff-2.2.17/src/pop.cc
Examining data/gnubiff-2.2.17/src/header.h
Examining data/gnubiff-2.2.17/src/eggtrayicon.c
Examining data/gnubiff-2.2.17/src/mh_sylpheed.cc
Examining data/gnubiff-2.2.17/src/ui-applet-systray.cc
Examining data/gnubiff-2.2.17/src/ui-applet-gtk.cc
Examining data/gnubiff-2.2.17/src/local.cc
Examining data/gnubiff-2.2.17/src/pop3.h
Examining data/gnubiff-2.2.17/src/ui-popup.h
Examining data/gnubiff-2.2.17/src/socket.h
Examining data/gnubiff-2.2.17/src/ui-applet-systray.h
Examining data/gnubiff-2.2.17/src/ui-certificate.cc
Examining data/gnubiff-2.2.17/src/ui-authentication.cc
Examining data/gnubiff-2.2.17/src/socket.cc
Examining data/gnubiff-2.2.17/src/mailbox.cc
Examining data/gnubiff-2.2.17/src/nls.h
Examining data/gnubiff-2.2.17/src/imap4.cc
Examining data/gnubiff-2.2.17/src/gtk_image_animation.h
Examining data/gnubiff-2.2.17/src/ui-applet-gtk.h
Examining data/gnubiff-2.2.17/src/ui-properties.h
Examining data/gnubiff-2.2.17/src/ui-properties.cc
Examining data/gnubiff-2.2.17/src/option.h
Examining data/gnubiff-2.2.17/src/mh.cc
Examining data/gnubiff-2.2.17/src/ui-preferences.h
Examining data/gnubiff-2.2.17/src/biff.cc
Examining data/gnubiff-2.2.17/src/file.cc
Examining data/gnubiff-2.2.17/src/mh.h
Examining data/gnubiff-2.2.17/src/ui-popup.cc
Examining data/gnubiff-2.2.17/src/ui-authentication.h
Examining data/gnubiff-2.2.17/src/support.h
Examining data/gnubiff-2.2.17/src/options.h
Examining data/gnubiff-2.2.17/src/ui-applet.cc
Examining data/gnubiff-2.2.17/src/mh_basic.cc
Examining data/gnubiff-2.2.17/src/ui-applet-gnome.h
Examining data/gnubiff-2.2.17/src/imap4.h
Examining data/gnubiff-2.2.17/src/file.h
Examining data/gnubiff-2.2.17/src/decoding.h
Examining data/gnubiff-2.2.17/src/pop3.cc
Examining data/gnubiff-2.2.17/src/mh_sylpheed.h
Examining data/gnubiff-2.2.17/src/maildir.cc
Examining data/gnubiff-2.2.17/src/signals.cc
Examining data/gnubiff-2.2.17/src/mailbox.h
Examining data/gnubiff-2.2.17/src/local.h
Examining data/gnubiff-2.2.17/src/ui-applet-gui.h
Examining data/gnubiff-2.2.17/src/header.cc
Examining data/gnubiff-2.2.17/src/maildir.h
Examining data/gnubiff-2.2.17/src/ui-certificate.h
Examining data/gnubiff-2.2.17/src/decoding.cc
Examining data/gnubiff-2.2.17/src/option.cc
Examining data/gnubiff-2.2.17/src/ui-applet-gui.cc
Examining data/gnubiff-2.2.17/src/gui.h
Examining data/gnubiff-2.2.17/src/support.cc
Examining data/gnubiff-2.2.17/src/signals.h
Examining data/gnubiff-2.2.17/src/pop.h
Examining data/gnubiff-2.2.17/src/mh_basic.h
Examining data/gnubiff-2.2.17/src/biff.h
Examining data/gnubiff-2.2.17/src/gnubiff_options.h
Examining data/gnubiff-2.2.17/src/gnubiff_options.cc
Examining data/gnubiff-2.2.17/src/eggtrayicon.h
Examining data/gnubiff-2.2.17/src/apop.cc
Examining data/gnubiff-2.2.17/src/options.cc
Examining data/gnubiff-2.2.17/src/gnubiff.cc
Examining data/gnubiff-2.2.17/src/ui-applet-gnome.cc

FINAL RESULTS:

data/gnubiff-2.2.17/src/ui-applet.cc:146:16:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
		int result = system (command.c_str ());
data/gnubiff-2.2.17/src/gnubiff_options.cc:188:38:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
	gchar *filename = g_build_filename (g_get_home_dir (),".gnubiffrc", NULL);
data/gnubiff-2.2.17/src/apop.cc:110:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char hex_response[33];
data/gnubiff-2.2.17/src/apop.cc:112:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char response[16];
data/gnubiff-2.2.17/src/apop.cc:119:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf (&hex_response[i*2], "%02x", response[i]);
data/gnubiff-2.2.17/src/biff.cc:119:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	file.open (configfile.c_str());
data/gnubiff-2.2.17/src/biff.cc:773:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	int fd = open (configfile.c_str(), O_WRONLY | O_CREAT | O_TRUNC,
data/gnubiff-2.2.17/src/biff.cc:803:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	file.open (configfile.c_str());
data/gnubiff-2.2.17/src/eggtrayicon.c:377:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[256];
data/gnubiff-2.2.17/src/eggtrayicon.c:473:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy (&ev.data, message, 20);
data/gnubiff-2.2.17/src/eggtrayicon.c:479:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy (&ev.data, message, len);
data/gnubiff-2.2.17/src/file.cc:95:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	file.open (address().c_str());
data/gnubiff-2.2.17/src/gtk_image_animation.cc:174:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
GtkImageAnimation::open (std::string filename)
data/gnubiff-2.2.17/src/gtk_image_animation.h:70:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	gboolean open (std::string filename);
data/gnubiff-2.2.17/src/gui.cc:391:38:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		have_preview = 	preview_animation->open (filename);
data/gnubiff-2.2.17/src/imap4.cc:226:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		if (!socket_->open (address(), prt, AUTH_SSL)) {
data/gnubiff-2.2.17/src/imap4.cc:229:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			if (!socket_->open (address(), prt, AUTH_USER_PASS))
data/gnubiff-2.2.17/src/imap4.cc:245:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!socket_->open (address(), port(), authentication(), certificate(), 3))
data/gnubiff-2.2.17/src/local.cc:160:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	file.open (filename.c_str());
data/gnubiff-2.2.17/src/mailbox.cc:465:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			if (prt[i] && s.open (address(), prt[i],
data/gnubiff-2.2.17/src/mh.cc:94:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	file.open (filename.c_str ());
data/gnubiff-2.2.17/src/mh_sylpheed.cc:95:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	file.open (filename.c_str ());
data/gnubiff-2.2.17/src/pop.cc:237:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		if (!socket_->open (address(), prt, AUTH_SSL)) {
data/gnubiff-2.2.17/src/pop.cc:240:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			if (!socket_->open (address(), prt, AUTH_USER_PASS))
data/gnubiff-2.2.17/src/pop.cc:256:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!socket_->open (address(), port(), authentication(), certificate(), 3))
data/gnubiff-2.2.17/src/socket.cc:189:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
Socket::open (std::string hostname, gushort port, guint authentication,
data/gnubiff-2.2.17/src/socket.h:88:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	gint open  (std::string hostname = "",
data/gnubiff-2.2.17/src/ui-applet-gui.cc:58:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	anim->open (biff_->value_string ("newmail_image"));
data/gnubiff-2.2.17/src/ui-applet-gui.cc:290:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			anim->open (image);
data/gnubiff-2.2.17/src/ui-certificate.cc:96:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char common_name[100];
data/gnubiff-2.2.17/src/ui-certificate.cc:97:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char country[100];
data/gnubiff-2.2.17/src/ui-certificate.cc:98:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char state[100];
data/gnubiff-2.2.17/src/ui-certificate.cc:99:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char locality[100];
data/gnubiff-2.2.17/src/ui-certificate.cc:100:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char org[100];
data/gnubiff-2.2.17/src/ui-certificate.cc:101:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char unit[100];
data/gnubiff-2.2.17/src/biff.cc:714:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
									  28-strlen(name)-save_blocks.size()*2,
data/gnubiff-2.2.17/src/eggtrayicon.c:447:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen (message);
data/gnubiff-2.2.17/src/imap4.cc:1564:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	gint status = socket_->read (line, print, check);
data/gnubiff-2.2.17/src/mailbox.cc:472:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
				s.read (line, true);
data/gnubiff-2.2.17/src/mh_sylpheed.cc:100:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	file.read ((char *)&version, sizeof(version));
data/gnubiff-2.2.17/src/mh_sylpheed.cc:111:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		file.read ((char *)&mn, sizeof(mn)).read ((char *)&flags, sizeof(mn));
data/gnubiff-2.2.17/src/mh_sylpheed.cc:111:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		file.read ((char *)&mn, sizeof(mn)).read ((char *)&flags, sizeof(mn));
data/gnubiff-2.2.17/src/pop.cc:502:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	gint status=socket_->read(line, print, check);
data/gnubiff-2.2.17/src/socket.cc:293:3:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		read (line, false, false);
data/gnubiff-2.2.17/src/socket.cc:350:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
Socket::read (std::string &line, gboolean print, gboolean check)
data/gnubiff-2.2.17/src/socket.cc:379:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			   && ((status=TEMP_FAILURE_RETRY(::read (sd_, &buffer, 1))) > 0)
data/gnubiff-2.2.17/src/socket.h:95:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	gint read  (std::string &line,

ANALYSIS SUMMARY:

Hits = 47
Lines analyzed = 19190 in approximately 0.48 seconds (39582 lines/second)
Physical Source Lines of Code (SLOC) = 10861
Hits@level = [0]   1 [1]  12 [2]  33 [3]   1 [4]   1 [5]   0
Hits@level+ = [0+]  48 [1+]  47 [2+]  35 [3+]   2 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 4.41948 [1+] 4.32741 [2+] 3.22254 [3+] 0.184145 [4+] 0.0920726 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.