Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/haskell-zlib-0.6.2.2/cbits/adler32.c
Examining data/haskell-zlib-0.6.2.2/cbits/compress.c
Examining data/haskell-zlib-0.6.2.2/cbits/crc32.c
Examining data/haskell-zlib-0.6.2.2/cbits/crc32.h
Examining data/haskell-zlib-0.6.2.2/cbits/deflate.c
Examining data/haskell-zlib-0.6.2.2/cbits/deflate.h
Examining data/haskell-zlib-0.6.2.2/cbits/gzguts.h
Examining data/haskell-zlib-0.6.2.2/cbits/infback.c
Examining data/haskell-zlib-0.6.2.2/cbits/inffast.c
Examining data/haskell-zlib-0.6.2.2/cbits/inffast.h
Examining data/haskell-zlib-0.6.2.2/cbits/inffixed.h
Examining data/haskell-zlib-0.6.2.2/cbits/inflate.c
Examining data/haskell-zlib-0.6.2.2/cbits/inflate.h
Examining data/haskell-zlib-0.6.2.2/cbits/inftrees.c
Examining data/haskell-zlib-0.6.2.2/cbits/inftrees.h
Examining data/haskell-zlib-0.6.2.2/cbits/trees.c
Examining data/haskell-zlib-0.6.2.2/cbits/trees.h
Examining data/haskell-zlib-0.6.2.2/cbits/uncompr.c
Examining data/haskell-zlib-0.6.2.2/cbits/zconf.h
Examining data/haskell-zlib-0.6.2.2/cbits/zlib.h
Examining data/haskell-zlib-0.6.2.2/cbits/zutil.c
Examining data/haskell-zlib-0.6.2.2/cbits/zutil.h
FINAL RESULTS:
data/haskell-zlib-0.6.2.2/cbits/gzguts.h:86:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# if !defined(vsnprintf) && !defined(NO_vsnprintf)
data/haskell-zlib-0.6.2.2/cbits/gzguts.h:88:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define vsnprintf _vsnprintf
data/haskell-zlib-0.6.2.2/cbits/gzguts.h:110:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/haskell-zlib-0.6.2.2/cbits/gzguts.h:110:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/haskell-zlib-0.6.2.2/cbits/zutil.h:242:39: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Trace(x) {if (z_verbose>=0) fprintf x ;}
data/haskell-zlib-0.6.2.2/cbits/zutil.h:243:39: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracev(x) {if (z_verbose>0) fprintf x ;}
data/haskell-zlib-0.6.2.2/cbits/zutil.h:244:40: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracevv(x) {if (z_verbose>1) fprintf x ;}
data/haskell-zlib-0.6.2.2/cbits/zutil.h:245:48: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
data/haskell-zlib-0.6.2.2/cbits/zutil.h:246:49: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
data/haskell-zlib-0.6.2.2/cbits/crc32.c:143:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen("crc32.h", "w");
data/haskell-zlib-0.6.2.2/cbits/gzguts.h:47:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define open _open
data/haskell-zlib-0.6.2.2/cbits/inflate.c:640:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hbuf[4]; /* buffer for gzip header crc calculation */
data/haskell-zlib-0.6.2.2/cbits/inflate.c:1405:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4]; /* to restore bit buffer to byte string */
data/haskell-zlib-0.6.2.2/cbits/trees.c:328:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *header = fopen("trees.h", "w");
data/haskell-zlib-0.6.2.2/cbits/zutil.c:13:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
z_const char * const z_errmsg[10] = {
data/haskell-zlib-0.6.2.2/cbits/zutil.h:49:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
data/haskell-zlib-0.6.2.2/cbits/zutil.h:109:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
data/haskell-zlib-0.6.2.2/cbits/zutil.h:202:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define F_OPEN(name, mode) fopen((name), (mode))
data/haskell-zlib-0.6.2.2/cbits/zutil.h:226:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define zmemcpy memcpy
data/haskell-zlib-0.6.2.2/cbits/gzguts.h:48:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
# define read _read
ANALYSIS SUMMARY:
Hits = 20
Lines analyzed = 11471 in approximately 0.40 seconds (28419 lines/second)
Physical Source Lines of Code (SLOC) = 7082
Hits@level = [0] 34 [1] 1 [2] 10 [3] 0 [4] 9 [5] 0
Hits@level+ = [0+] 54 [1+] 20 [2+] 19 [3+] 9 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 7.62496 [1+] 2.82406 [2+] 2.68286 [3+] 1.27083 [4+] 1.27083 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.