Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/gpart-0.3/src/errmsgs.h Examining data/gpart-0.3/src/gm_beos.c Examining data/gpart-0.3/src/gm_beos.h Examining data/gpart-0.3/src/gm_bsddl.c Examining data/gpart-0.3/src/gm_bsddl.h Examining data/gpart-0.3/src/gm_btrfs.c Examining data/gpart-0.3/src/gm_btrfs.h Examining data/gpart-0.3/src/gm_ext2.c Examining data/gpart-0.3/src/gm_ext2.h Examining data/gpart-0.3/src/gm_fat.c Examining data/gpart-0.3/src/gm_fat.h Examining data/gpart-0.3/src/gm_hmlvm.c Examining data/gpart-0.3/src/gm_hmlvm.h Examining data/gpart-0.3/src/gm_hpfs.c Examining data/gpart-0.3/src/gm_hpfs.h Examining data/gpart-0.3/src/gm_lswap.c Examining data/gpart-0.3/src/gm_lvm2.c Examining data/gpart-0.3/src/gm_lvm2.h Examining data/gpart-0.3/src/gm_minix.c Examining data/gpart-0.3/src/gm_minix.h Examining data/gpart-0.3/src/gm_ntfs.c Examining data/gpart-0.3/src/gm_ntfs.h Examining data/gpart-0.3/src/gm_qnx4.c Examining data/gpart-0.3/src/gm_qnx4.h Examining data/gpart-0.3/src/gm_reiserfs.c Examining data/gpart-0.3/src/gm_reiserfs.h Examining data/gpart-0.3/src/gm_s86dl.c Examining data/gpart-0.3/src/gm_s86dl.h Examining data/gpart-0.3/src/gm_xfs.c Examining data/gpart-0.3/src/gm_xfs.h Examining data/gpart-0.3/src/gmodules.c Examining data/gpart-0.3/src/gmodules.h Examining data/gpart-0.3/src/gpart.c Examining data/gpart-0.3/src/gpart.h Examining data/gpart-0.3/src/l64seek.c Examining data/gpart-0.3/src/l64seek.h Examining data/gpart-0.3/src/disku.c FINAL RESULTS: data/gpart-0.3/src/gpart.c:118:20: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. va_start(vl,fmt); vsnprintf(msg,511,fmt,vl); va_end(vl); msg[511] = 0; data/gpart-0.3/src/gpart.c:123:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. if (! f_quiet) fprintf(stderr,EM_FATALERROR,msg); data/gpart-0.3/src/gpart.c:126:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(logfile,EM_FATALERROR,msg); data/gpart-0.3/src/gpart.c:131:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. if (! f_quiet) fprintf(stderr,EM_SIMPLEERROR,msg); data/gpart-0.3/src/gpart.c:132:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. if (logfile) fprintf(logfile,EM_SIMPLEERROR,msg); data/gpart-0.3/src/gpart.c:135:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. if (! f_quiet) fprintf(stderr,EM_WARNING,msg); data/gpart-0.3/src/gpart.c:136:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. if (logfile) fprintf(logfile,EM_WARNING,msg); data/gpart-0.3/src/gpart.c:1702:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((opt = getopt(ac,av,optstr)) != -1) data/gpart-0.3/src/gm_beos.h:83:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[BEOS_NAME_LENGTH]; data/gpart-0.3/src/gm_bsddl.h:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_typename[16]; /* type name, e.g. "eagle" */ data/gpart-0.3/src/gm_bsddl.h:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_packname[16]; /* pack identifier */ data/gpart-0.3/src/gm_bsddl.h:71:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char un_d_packname[16]; /* pack identifier */ data/gpart-0.3/src/gm_btrfs.h:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[BTRFS_LABEL_SIZE]; data/gpart-0.3/src/gm_ext2.h:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_volume_name[16]; /* volume name */ data/gpart-0.3/src/gm_ext2.h:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_last_mounted[64]; /* directory where last mounted */ data/gpart-0.3/src/gm_hpfs.h:43:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char jmp[3]; data/gpart-0.3/src/gm_hpfs.h:44:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char oem_id[8]; data/gpart-0.3/src/gm_hpfs.h:47:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char n_reserved_sectors[2]; data/gpart-0.3/src/gm_hpfs.h:49:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char n_rootdir_entries[2]; data/gpart-0.3/src/gm_hpfs.h:50:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char n_sectors_s[2]; data/gpart-0.3/src/gm_hpfs.h:60:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char vol_serno[4]; data/gpart-0.3/src/gm_hpfs.h:61:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char vol_label[11]; data/gpart-0.3/src/gm_hpfs.h:62:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char sig_hpfs[8]; /* "HPFS " */ data/gpart-0.3/src/gm_hpfs.h:63:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pad[448]; data/gpart-0.3/src/gm_lswap.c:91:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bootbits[1024]; data/gpart-0.3/src/gm_qnx4.c:97:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&bitmap,rootdir,sizeof(struct qnx4_inode_entry)); data/gpart-0.3/src/gm_qnx4.h:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char di_fname[QNX4_SHORT_NAME_MAX]; data/gpart-0.3/src/gm_reiserfs.h:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_magic[12]; /* reiserfs magic string indicates that file system is reiserfs */ data/gpart-0.3/src/gm_reiserfs.h:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_uuid[16]; data/gpart-0.3/src/gm_reiserfs.h:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_label[16]; data/gpart-0.3/src/gm_reiserfs.h:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_unused[88]; data/gpart-0.3/src/gm_s86dl.h:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char v_volume[8]; /* volume name */ data/gpart-0.3/src/gm_s86dl.h:58:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char v_asciilabel[128]; /* for compatibility */ data/gpart-0.3/src/gm_xfs.h:74:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char __u_bits[16]; data/gpart-0.3/src/gm_xfs.h:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sb_fname[12]; /* file system name */ data/gpart-0.3/src/gpart.c:116:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char msg[512]; data/gpart-0.3/src/gpart.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[3]; data/gpart-0.3/src/gpart.c:198:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/gpart-0.3/src/gpart.c:689:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(where,buf,512); data/gpart-0.3/src/gpart.c:793:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((d->d_fd = open(dev,O_RDONLY)) == -1) data/gpart-0.3/src/gpart.c:830:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&d->d_dg,dg,sizeof(struct disk_geom)); data/gpart-0.3/src/gpart.c:882:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&gpt->g_p[cnt-1],&p[cnt-1],sizeof(dos_part_entry)); data/gpart-0.3/src/gpart.c:949:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((d->d_fd = open(d->d_dev,O_RDONLY)) == -1) data/gpart-0.3/src/gpart.c:1185:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ans[32]; data/gpart-0.3/src/gpart.c:1227:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open(bfile, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) < 0) data/gpart-0.3/src/gpart.c:1254:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(dev,O_WRONLY | (doesntexist ? O_CREAT | O_EXCL : 0),0660); data/gpart-0.3/src/gpart.c:1301:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptbl,d->d_pt.t_boot,DOSPARTOFF); data/gpart-0.3/src/gpart.c:1302:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptbl + DOSPARTOFF,d->d_gpt.t_parts,NDOSPARTS * sizeof(dos_part_entry) + 2); data/gpart-0.3/src/gpart.c:1608:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&d->d_gpt.t_parts[n++],&gp->g_p[0],sizeof(dos_part_entry)); data/gpart-0.3/src/gpart.c:1757:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((logfile = fopen(optarg,"w")) == 0) data/gpart-0.3/src/gpart.c:1766:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((sectsize = atoi(optarg)) <= 0) data/gpart-0.3/src/gm_btrfs.c:60:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(d->d_fd, &sb_copy, sizeof(sb_copy)); data/gpart-0.3/src/gm_ext2.c:143:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(d->d_fd,sbuf,SUPERBLOCK_SIZE) != SUPERBLOCK_SIZE) data/gpart-0.3/src/gm_hmlvm.c:67:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen((char *)pv->vg_name) > NAME_LEN / 2) data/gpart-0.3/src/gm_hpfs.c:75:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(d->d_fd,sbuf,OS2SECTSIZE) != OS2SECTSIZE) data/gpart-0.3/src/gm_ntfs.c:81:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(d->d_fd,sbuf,NTFS_SECTSIZE) != NTFS_SECTSIZE) data/gpart-0.3/src/gm_qnx4.c:58:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (memcmp(d->d_sbuf + 4,QNX4_BOOTSECT_SIG,strlen(QNX4_BOOTSECT_SIG))) data/gpart-0.3/src/gm_qnx4.c:85:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(d->d_fd,sbuf,QNX4_BLOCK_SIZE) != QNX4_BLOCK_SIZE) data/gpart-0.3/src/gm_qnx4.c:95:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (rootdir->di_fname && !strncmp(rootdir->di_fname,QNX4_BITMAP_NAME,strlen(QNX4_BITMAP_NAME))) data/gpart-0.3/src/gpart.c:170:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((nr = read(fd,buf,ssize)) == -1) ANALYSIS SUMMARY: Hits = 60 Lines analyzed = 5435 in approximately 0.17 seconds (31143 lines/second) Physical Source Lines of Code (SLOC) = 3400 Hits@level = [0] 31 [1] 9 [2] 43 [3] 1 [4] 7 [5] 0 Hits@level+ = [0+] 91 [1+] 60 [2+] 51 [3+] 8 [4+] 7 [5+] 0 Hits/KSLOC@level+ = [0+] 26.7647 [1+] 17.6471 [2+] 15 [3+] 2.35294 [4+] 2.05882 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.