Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/hawknl-1.6.8+dfsg2/include/nl.h
Examining data/hawknl-1.6.8+dfsg2/samples/async.c
Examining data/hawknl-1.6.8+dfsg2/samples/broadcast.c
Examining data/hawknl-1.6.8+dfsg2/samples/buffer.c
Examining data/hawknl-1.6.8+dfsg2/samples/clientserver.c
Examining data/hawknl-1.6.8+dfsg2/samples/eqtest.c
Examining data/hawknl-1.6.8+dfsg2/samples/getfile.c
Examining data/hawknl-1.6.8+dfsg2/samples/mac/test.c
Examining data/hawknl-1.6.8+dfsg2/samples/max.c
Examining data/hawknl-1.6.8+dfsg2/samples/multicast.c
Examining data/hawknl-1.6.8+dfsg2/samples/overrun.c
Examining data/hawknl-1.6.8+dfsg2/samples/test.c
Examining data/hawknl-1.6.8+dfsg2/samples/threadpool.c
Examining data/hawknl-1.6.8+dfsg2/samples/timer.c
Examining data/hawknl-1.6.8+dfsg2/src/condition.c
Examining data/hawknl-1.6.8+dfsg2/src/crc.c
Examining data/hawknl-1.6.8+dfsg2/src/err.c
Examining data/hawknl-1.6.8+dfsg2/src/errorstr.c
Examining data/hawknl-1.6.8+dfsg2/src/group.c
Examining data/hawknl-1.6.8+dfsg2/src/ipx.c
Examining data/hawknl-1.6.8+dfsg2/src/ipx.h
Examining data/hawknl-1.6.8+dfsg2/src/loopback.c
Examining data/hawknl-1.6.8+dfsg2/src/loopback.h
Examining data/hawknl-1.6.8+dfsg2/src/mutex.c
Examining data/hawknl-1.6.8+dfsg2/src/nl.c
Examining data/hawknl-1.6.8+dfsg2/src/nlinternal.h
Examining data/hawknl-1.6.8+dfsg2/src/nltime.c
Examining data/hawknl-1.6.8+dfsg2/src/parallel.h
Examining data/hawknl-1.6.8+dfsg2/src/serial.h
Examining data/hawknl-1.6.8+dfsg2/src/sock.c
Examining data/hawknl-1.6.8+dfsg2/src/sock.h
Examining data/hawknl-1.6.8+dfsg2/src/thread.c
Examining data/hawknl-1.6.8+dfsg2/src/wsock.h

FINAL RESULTS:

data/hawknl-1.6.8+dfsg2/samples/mac/test.c:89:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    gets(buffer);
data/hawknl-1.6.8+dfsg2/samples/test.c:89:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    gets(buffer);
data/hawknl-1.6.8+dfsg2/include/nl.h:536:34:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    #define writeString(x, y, z) {strcpy((char *)&x[y], (char *)z); y += (strlen((char *)z) + 1);}
data/hawknl-1.6.8+dfsg2/include/nl.h:537:34:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    #define readString(x, y, z) {strcpy((char *)z, (char *)&x[y]); y += (strlen((char *)z) + 1);}
data/hawknl-1.6.8+dfsg2/samples/async.c:34:21:  [4] (format) wprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define _tprintf wprintf
data/hawknl-1.6.8+dfsg2/samples/async.c:35:9:  [4] (buffer) _stprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf swprintf
data/hawknl-1.6.8+dfsg2/samples/async.c:35:21:  [4] (buffer) swprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf swprintf
data/hawknl-1.6.8+dfsg2/samples/async.c:45:21:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define _tprintf printf
data/hawknl-1.6.8+dfsg2/samples/async.c:46:9:  [4] (buffer) _stprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf sprintf
data/hawknl-1.6.8+dfsg2/samples/async.c:46:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf sprintf
data/hawknl-1.6.8+dfsg2/samples/buffer.c:31:21:  [4] (format) wprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define _tprintf wprintf
data/hawknl-1.6.8+dfsg2/samples/buffer.c:32:9:  [4] (buffer) _stprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf swprintf
data/hawknl-1.6.8+dfsg2/samples/buffer.c:32:21:  [4] (buffer) swprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf swprintf
data/hawknl-1.6.8+dfsg2/samples/buffer.c:42:21:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define _tprintf printf
data/hawknl-1.6.8+dfsg2/samples/buffer.c:43:9:  [4] (buffer) _stprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf sprintf
data/hawknl-1.6.8+dfsg2/samples/buffer.c:43:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf sprintf
data/hawknl-1.6.8+dfsg2/samples/getfile.c:107:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(buffer, "GET %s HTTP/1.1\r\nHost:%s\nAccept: */*\r\nAccept-Encoding: gzip\r\nUser-Agent: HawkNL sample program Getfile\r\n\r\n"
data/hawknl-1.6.8+dfsg2/samples/getfile.c:110:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(buffer, "GET %s HTTP/1.0\r\nHost:%s\nAccept: */*\r\nUser-Agent: HawkNL sample program Getfile\r\n\r\n"
data/hawknl-1.6.8+dfsg2/samples/getfile.c:174:25:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    printf(buffer);
data/hawknl-1.6.8+dfsg2/samples/getfile.c:186:21:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    printf(buffer);
data/hawknl-1.6.8+dfsg2/samples/overrun.c:31:21:  [4] (format) wprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define _tprintf wprintf
data/hawknl-1.6.8+dfsg2/samples/overrun.c:32:9:  [4] (buffer) _stprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf swprintf
data/hawknl-1.6.8+dfsg2/samples/overrun.c:32:21:  [4] (buffer) swprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf swprintf
data/hawknl-1.6.8+dfsg2/samples/overrun.c:42:21:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define _tprintf printf
data/hawknl-1.6.8+dfsg2/samples/overrun.c:43:9:  [4] (buffer) _stprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf sprintf
data/hawknl-1.6.8+dfsg2/samples/overrun.c:43:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf sprintf
data/hawknl-1.6.8+dfsg2/src/ipx.c:945:5:  [4] (format) _stprintf:
  Potential format string problem (CWE-134). Make format string constant.
    _stprintf(string, TEXT("%02x%02x%02x%02x:%02x%02x%02x%02x%02x%02x:%u"),
data/hawknl-1.6.8+dfsg2/src/ipx.c:1040:9:  [4] (format) _stprintf:
  Potential format string problem (CWE-134). Make format string constant.
    _stprintf(buffer, TEXT("00000000:%s:%d"), name, ipxport);
data/hawknl-1.6.8+dfsg2/src/ipx.c:1045:9:  [4] (format) _stprintf:
  Potential format string problem (CWE-134). Make format string constant.
    _stprintf(buffer, TEXT("%s:%d"), name, ipxport);
data/hawknl-1.6.8+dfsg2/src/loopback.c:659:5:  [4] (format) _stprintf:
  Potential format string problem (CWE-134). Make format string constant.
    _stprintf(string, TEXT("127.0.0.1:%u"), loopback_GetPortFromAddr(address));
data/hawknl-1.6.8+dfsg2/src/loopback.c:718:5:  [4] (format) _stprintf:
  Potential format string problem (CWE-134). Make format string constant.
    _stprintf(name, TEXT("%s:%u"), TEXT("localhost"), loopback_GetPortFromAddr(address));
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:71:9:  [4] (buffer) _stprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf swprintf
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:71:21:  [4] (buffer) swprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf swprintf
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:72:9:  [4] (format) _sntprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define _sntprintf snwprintf
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:87:9:  [4] (buffer) _stprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf sprintf
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:87:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    #define _stprintf sprintf
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:88:9:  [4] (format) _sntprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define _sntprintf snprintf
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:88:21:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define _sntprintf snprintf
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:89:21:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
    #define _stscanf sscanf
data/hawknl-1.6.8+dfsg2/src/sock.c:1759:9:  [4] (format) _stprintf:
  Potential format string problem (CWE-134). Make format string constant.
    _stprintf(string, TEXT("%lu.%lu.%lu.%lu"), (addr >> 24) & 0xff, (addr >> 16)
data/hawknl-1.6.8+dfsg2/src/sock.c:1764:9:  [4] (format) _stprintf:
  Potential format string problem (CWE-134). Make format string constant.
    _stprintf(string, TEXT("%lu.%lu.%lu.%lu:%u"), (addr >> 24) & 0xff, (addr >> 16)
data/hawknl-1.6.8+dfsg2/src/sock.c:1923:13:  [4] (format) _sntprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    _sntprintf(tempname, (size_t)(NL_MAX_STRING_LENGTH), (const NLchar *)TEXT("%s:%hu"), (const NLchar *)temp, port);
data/hawknl-1.6.8+dfsg2/src/mutex.c:64:9:  [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
    InitializeCriticalSection(&mx->mutex);
data/hawknl-1.6.8+dfsg2/src/mutex.c:120:9:  [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
    EnterCriticalSection(&mx->mutex);
data/hawknl-1.6.8+dfsg2/include/nl.h:465:66:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define writeShort(x, y, z) {NLushort nl_temps = nlSwaps(z); memcpy((char *)&x[y], (char *)&nl_temps, 2); y += 2;}
data/hawknl-1.6.8+dfsg2/include/nl.h:466:66:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define writeLong(x, y, z) {NLulong nl_templ = nlSwapl(z); memcpy((char *)&x[y], (char *)&nl_templ, 4); y += 4;}
data/hawknl-1.6.8+dfsg2/include/nl.h:467:66:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define writeFloat(x, y, z) {NLfloat nl_tempf = nlSwapf(z); memcpy((char *)&x[y], (char *)&nl_tempf, 4); y += 4;}
data/hawknl-1.6.8+dfsg2/include/nl.h:468:66:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define writeDouble(x, y, z) {NLdouble nl_tempd = nlSwapd(z); memcpy((char *)&x[y], (char *)&nl_tempd, 8); y += 8;}
data/hawknl-1.6.8+dfsg2/include/nl.h:469:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define readShort(x, y, z) {memcpy((char *)&z, (char *)&x[y], 2); z = nlSwaps(z); y += 2;}
data/hawknl-1.6.8+dfsg2/include/nl.h:470:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define readLong(x, y, z) {memcpy((char *)&z, (char *)&x[y], 4); z = nlSwapl(z); y += 4;}
data/hawknl-1.6.8+dfsg2/include/nl.h:471:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define readFloat(x, y, z) {memcpy((char *)&z, (char *)&x[y], 4); z = nlSwapf(z); y += 4;}
data/hawknl-1.6.8+dfsg2/include/nl.h:472:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define readDouble(x, y, z) {memcpy((char *)&z, (char *)&x[y], 8); z = nlSwapd(z); y += 8;}
data/hawknl-1.6.8+dfsg2/include/nl.h:486:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define writeBlock(x, y, z, a) {memcpy((char *)&x[y], (char *)z, a);y += a;}
data/hawknl-1.6.8+dfsg2/include/nl.h:488:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    #define readBlock(x, y, z, a) {memcpy((char *)z, (char *)&x[y], a);y += a;}
data/hawknl-1.6.8+dfsg2/samples/async.c:38:21:  [2] (integer) _wtoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    #define _ttoi _wtoi
data/hawknl-1.6.8+dfsg2/samples/buffer.c:35:21:  [2] (integer) _wtoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    #define _ttoi _wtoi
data/hawknl-1.6.8+dfsg2/samples/clientserver.c:189:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str, "Client %d says hello, hello", i);
data/hawknl-1.6.8+dfsg2/samples/clientserver.c:191:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str, "... client %d out.", i);
data/hawknl-1.6.8+dfsg2/samples/getfile.c:23:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    #define open _open
data/hawknl-1.6.8+dfsg2/samples/getfile.c:97:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f = open(argv[3], O_BINARY|O_CREAT|O_TRUNC|O_RDWR, S_IWRITE | S_IREAD);
data/hawknl-1.6.8+dfsg2/samples/multicast.c:58:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    return(atoi(ParamData[i+1]));
data/hawknl-1.6.8+dfsg2/samples/overrun.c:35:21:  [2] (integer) _wtoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    #define _ttoi _wtoi
data/hawknl-1.6.8+dfsg2/samples/threadpool.c:88:79:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    printf("SERVER: thread %d, processed client thread %d\n", thread, atoi(string));
data/hawknl-1.6.8+dfsg2/samples/threadpool.c:146:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str, "%d Client thread says hello", thread);
data/hawknl-1.6.8+dfsg2/src/group.c:169:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(fd, pgroup->fdset, sizeof(fd_set));
data/hawknl-1.6.8+dfsg2/src/ipx.c:472:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((char *)&newsock->addressin, (char *)&newaddr, sizeof(struct sockaddr_ipx));
data/hawknl-1.6.8+dfsg2/src/ipx.c:733:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((char *)&sock->addressin, (char *)address, sizeof(struct sockaddr_ipx));
data/hawknl-1.6.8+dfsg2/src/ipx.c:999:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(address, &ipx_ouraddress, sizeof(NLaddress));
data/hawknl-1.6.8+dfsg2/src/ipx.c:1008:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&ipx_ouraddress_copy, &ipx_ouraddress, sizeof(NLaddress));
data/hawknl-1.6.8+dfsg2/src/ipx.c:1015:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&ipx_ouraddress, address, sizeof(NLaddress));
data/hawknl-1.6.8+dfsg2/src/loopback.c:470:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(buffer, sock->ext->inpacket[sock->ext->nextinused] + 2, (size_t)len);
data/hawknl-1.6.8+dfsg2/src/loopback.c:545:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(sock->ext->inpacket[sock->ext->nextinfree] + 2, buffer, (size_t)nbytes);
data/hawknl-1.6.8+dfsg2/src/nl.c:1035:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(address, &sock->addressin, sizeof(NLaddress));
data/hawknl-1.6.8+dfsg2/src/nl.c:1074:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&sock->addressout, address, sizeof(NLaddress));
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:80:21:  [2] (integer) _wtoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    #define _ttoi _wtoi
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:94:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    #define _ttoi atoi
data/hawknl-1.6.8+dfsg2/src/sock.c:490:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buff[MAXHOSTNAMELEN];
data/hawknl-1.6.8+dfsg2/src/sock.c:753:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((char *)&newsock->addressin, (char *)&newaddr, sizeof(struct sockaddr_in));
data/hawknl-1.6.8+dfsg2/src/sock.c:1015:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((char *)&sock->addressin, (char *)address, sizeof(struct sockaddr_in));
data/hawknl-1.6.8+dfsg2/src/sock.c:1016:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((char *)&sock->addressout, (char *)address, sizeof(struct sockaddr_in));
data/hawknl-1.6.8+dfsg2/src/sock.c:1038:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((char *)&sock->addressin, (char *)address, sizeof(NLaddress));
data/hawknl-1.6.8+dfsg2/src/sock.c:1351:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(buffer, (sock->inbuf + c), (size_t)len);
data/hawknl-1.6.8+dfsg2/src/sock.c:1594:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((sock->outbuf + sock->sendlen), (temp + count), (size_t)(dif));
data/hawknl-1.6.8+dfsg2/src/sock.c:1596:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((sock->outbuf + sock->sendlen), ((NLbyte *)buffer), (size_t)(nbytes));
data/hawknl-1.6.8+dfsg2/src/sock.c:1625:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy((sock->outbuf + sock->sendlen), ((NLbyte *)buffer + count), (size_t)(dif));
data/hawknl-1.6.8+dfsg2/src/sock.c:1833:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buff[MAXHOSTNAMELEN];
data/hawknl-1.6.8+dfsg2/src/sock.c:1977:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(addr->address, address, sizeof(NLaddress));
data/hawknl-1.6.8+dfsg2/src/wsock.h:126:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char sa_netnum[4];
data/hawknl-1.6.8+dfsg2/src/wsock.h:127:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char sa_nodenum[6];
data/hawknl-1.6.8+dfsg2/include/nl.h:532:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *y += (strlen((char *)&x[*y]) + 1);
data/hawknl-1.6.8+dfsg2/include/nl.h:536:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define writeString(x, y, z) {strcpy((char *)&x[y], (char *)z); y += (strlen((char *)z) + 1);}
data/hawknl-1.6.8+dfsg2/include/nl.h:537:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define readString(x, y, z) {strcpy((char *)z, (char *)&x[y]); y += (strlen((char *)z) + 1);}
data/hawknl-1.6.8+dfsg2/samples/async.c:36:9:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen wcslen
data/hawknl-1.6.8+dfsg2/samples/async.c:36:21:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen wcslen
data/hawknl-1.6.8+dfsg2/samples/async.c:47:9:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen strlen
data/hawknl-1.6.8+dfsg2/samples/async.c:47:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen strlen
data/hawknl-1.6.8+dfsg2/samples/async.c:164:12:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(_tcslen(name1) > 0)
data/hawknl-1.6.8+dfsg2/samples/async.c:169:12:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(_tcslen(name2) > 0)
data/hawknl-1.6.8+dfsg2/samples/async.c:174:12:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(_tcslen(name3) > 0)
data/hawknl-1.6.8+dfsg2/samples/async.c:179:12:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(_tcslen(name4) > 0)
data/hawknl-1.6.8+dfsg2/samples/async.c:184:12:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(_tcslen(name5) > 0)
data/hawknl-1.6.8+dfsg2/samples/buffer.c:33:9:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen wcslen
data/hawknl-1.6.8+dfsg2/samples/buffer.c:33:21:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen wcslen
data/hawknl-1.6.8+dfsg2/samples/buffer.c:44:9:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen strlen
data/hawknl-1.6.8+dfsg2/samples/buffer.c:44:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen strlen
data/hawknl-1.6.8+dfsg2/samples/clientserver.c:135:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(group, buffer, strlen(buffer) + 1);
data/hawknl-1.6.8+dfsg2/samples/clientserver.c:190:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(sock[i], str, strlen(str) + 1);
data/hawknl-1.6.8+dfsg2/samples/clientserver.c:192:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(sock[i], str, strlen(str) + 1);
data/hawknl-1.6.8+dfsg2/samples/getfile.c:113:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    while(nlWrite(sock, (NLvoid *)buffer, (NLint)strlen(buffer)) < 0)
data/hawknl-1.6.8+dfsg2/samples/mac/test.c:74:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(client[j], buffer, strlen(buffer));
data/hawknl-1.6.8+dfsg2/samples/mac/test.c:90:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(sock, buffer, strlen(buffer) + 1);
data/hawknl-1.6.8+dfsg2/samples/multicast.c:45:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (int)strlen(ParamData[i]);
data/hawknl-1.6.8+dfsg2/samples/multicast.c:132:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (void)nlWrite(sock, (NLvoid *)buffer, (NLint)strlen(buffer));
data/hawknl-1.6.8+dfsg2/samples/overrun.c:33:9:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen wcslen
data/hawknl-1.6.8+dfsg2/samples/overrun.c:33:21:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen wcslen
data/hawknl-1.6.8+dfsg2/samples/overrun.c:44:9:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen strlen
data/hawknl-1.6.8+dfsg2/samples/overrun.c:44:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen strlen
data/hawknl-1.6.8+dfsg2/samples/test.c:74:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(client[j], buffer, strlen(buffer));
data/hawknl-1.6.8+dfsg2/samples/test.c:90:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(sock, buffer, strlen(buffer) + 1);
data/hawknl-1.6.8+dfsg2/samples/threadpool.c:89:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(s, string, strlen(string) + 1);
data/hawknl-1.6.8+dfsg2/samples/threadpool.c:147:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nlWrite(sock, str, strlen(str) + 1);
data/hawknl-1.6.8+dfsg2/src/ipx.c:52:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    #define readsocket read
data/hawknl-1.6.8+dfsg2/src/ipx.c:1036:16:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = (NLint)_tcslen(name);
data/hawknl-1.6.8+dfsg2/src/nl.c:204:16:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (int)_tcslen(dest);
data/hawknl-1.6.8+dfsg2/src/nl.c:207:9:  [1] (buffer) _tcsncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or automatically resizing strings.
    _tcsncat(dest, src, (size_t)(NL_MAX_STRING_LENGTH - len));
data/hawknl-1.6.8+dfsg2/src/nl.c:1361:5:  [1] (buffer) _tcsncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    _tcsncpy(vstring, (NLchar *)TEXT(NL_VERSION_STRING), (size_t)NL_MAX_STRING_LENGTH);
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:70:9:  [1] (buffer) _tcsncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or automatically resizing strings.
    #define _tcsncat wcsncat
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:70:21:  [1] (buffer) wcsncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or automatically resizing strings.
    #define _tcsncat wcsncat
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:74:9:  [1] (buffer) _tcsncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    #define _tcsncpy wcsncpy
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:74:21:  [1] (buffer) wcsncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    #define _tcsncpy wcsncpy
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:77:9:  [1] (buffer) _tcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen wcslen
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:77:21:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define _tcslen wcslen
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:86:9:  [1] (buffer) _tcsncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or automatically resizing strings.
    #define _tcsncat strncat
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:86:21:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
    #define _tcsncat strncat
data/hawknl-1.6.8+dfsg2/src/nlinternal.h:90:9:  [1] (buffer) _tcsncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
#define _tcsncpy strncpy data/hawknl-1.6.8+dfsg2/src/nlinternal.h:90:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). #define _tcsncpy strncpy data/hawknl-1.6.8+dfsg2/src/nlinternal.h:93:9: [1] (buffer) _tcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define _tcslen strlen data/hawknl-1.6.8+dfsg2/src/nlinternal.h:93:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define _tcslen strlen data/hawknl-1.6.8+dfsg2/src/sock.c:1927:13: [1] (buffer) _tcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). _tcsncpy(tempname, (const NLchar *)temp, (size_t)(NL_MAX_STRING_LENGTH)); data/hawknl-1.6.8+dfsg2/src/sock.c:1935:13: [1] (buffer) _tcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). _tcsncpy(tempname, (const NLchar *)TEXT("Bad address"), (size_t)(NL_MAX_STRING_LENGTH)); data/hawknl-1.6.8+dfsg2/src/sock.c:1944:5: [1] (buffer) _tcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). _tcsncpy(&name[1], (const NLchar *)&tempname[1], (size_t)(NL_MAX_STRING_LENGTH - 1)); data/hawknl-1.6.8+dfsg2/src/sock.c:2012:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(temp, name, NL_MAX_STRING_LENGTH); data/hawknl-1.6.8+dfsg2/src/sock.c:2072:5: [1] (buffer) _tcsncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
_tcsncpy(addr->name, name, (size_t)NL_MAX_STRING_LENGTH); ANALYSIS SUMMARY: Hits = 143 Lines analyzed = 11971 in approximately 0.33 seconds (35766 lines/second) Physical Source Lines of Code (SLOC) = 9447 Hits@level = [0] 147 [1] 54 [2] 45 [3] 2 [4] 40 [5] 2 Hits@level+ = [0+] 290 [1+] 143 [2+] 89 [3+] 44 [4+] 42 [5+] 2 Hits/KSLOC@level+ = [0+] 30.6976 [1+] 15.1371 [2+] 9.42098 [3+] 4.65756 [4+] 4.44586 [5+] 0.211707 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.