Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/hpsockd-0.17/src/sockd/dns.c
Examining data/hpsockd-0.17/src/sockd/logging.h
Examining data/hpsockd-0.17/src/sockd/sockd.h
Examining data/hpsockd-0.17/src/sockd/sdc.c
Examining data/hpsockd-0.17/src/sockd/v5command.c
Examining data/hpsockd-0.17/src/sockd/methods.c
Examining data/hpsockd-0.17/src/sockd/v5.c
Examining data/hpsockd-0.17/src/sockd/v4.h
Examining data/hpsockd-0.17/src/sockd/log2ascii.c
Examining data/hpsockd-0.17/src/sockd/util.c
Examining data/hpsockd-0.17/src/sockd/v5udp.c
Examining data/hpsockd-0.17/src/sockd/logging.c
Examining data/hpsockd-0.17/src/sockd/v5.h
Examining data/hpsockd-0.17/src/sockd/v5tcp.c
Examining data/hpsockd-0.17/src/sockd/sockd.c
Examining data/hpsockd-0.17/src/sockd/userpass.c
Examining data/hpsockd-0.17/src/sockd/signal.c
Examining data/hpsockd-0.17/src/sockd/usage.c
Examining data/hpsockd-0.17/src/sockd/paths.h
Examining data/hpsockd-0.17/src/sockd/v4.c
Examining data/hpsockd-0.17/src/sockd/listen.c
Examining data/hpsockd-0.17/src/util/inet_ntoa.h
Examining data/hpsockd-0.17/src/util/inetdsec.c
Examining data/hpsockd-0.17/src/util/btree.h
Examining data/hpsockd-0.17/src/util/btree.c
Examining data/hpsockd-0.17/src/util/inet_ntoa.c

FINAL RESULTS:

data/hpsockd-0.17/src/sockd/dns.c:330:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(req->req.name,name);

data/hpsockd-0.17/src/sockd/dns.c:373:30:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  reply->hostent.h_name=next; strcpy(next,req->req.name); next+=strlen(req->req.name)+1;

data/hpsockd-0.17/src/sockd/methods.c:72:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(infoName,"%sInfo",name);

data/hpsockd-0.17/src/sockd/sdc.c:127:2:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(SOCKD_PATH,c,(char*)NULL);

data/hpsockd-0.17/src/sockd/sdc.c:139:2:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(SOCKD_PATH,c,(char*)NULL);

data/hpsockd-0.17/src/sockd/signal.c:104:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"%s.client.%d",base,negotInfo->pid);

data/hpsockd-0.17/src/sockd/signal.c:160:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"%s.conf.%d",base,negotInfo->pid);

data/hpsockd-0.17/src/sockd/signal.c:394:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"%s.memmap.%d",base,pid);

data/hpsockd-0.17/src/sockd/usage.c:169:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(c+strlen(c),b?"%09d":"%d",a);

data/hpsockd-0.17/src/sockd/usage.c:170:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(c+strlen(c),(a||b)?"%09d":"%d",l);

data/hpsockd-0.17/src/sockd/util.c:661:2:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
  syslog(LOG_ERR,ERRSTR);

data/hpsockd-0.17/src/sockd/util.c:855:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name,"%s.footprint.%d",base,negotInfo->pid);

data/hpsockd-0.17/src/sockd/v5command.c:296:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cmd,escape), cmd+=strlen(escape);

data/hpsockd-0.17/src/sockd/v5command.c:303:2:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl(shell,"sh","-c",cmdStart,(char*)NULL);

data/hpsockd-0.17/src/sockd/v5command.c:306:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmdStart);

data/hpsockd-0.17/src/sockd/v5udp.c:178:6:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
  syslog(LOG_ERR,m,inetNtoa(mSin->sin_addr.s_addr),ntohs(mSin->sin_port));

data/hpsockd-0.17/src/sockd/v5udp.c:180:6:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
  syslog(LOG_ERR,m);

data/hpsockd-0.17/src/sockd/v5udp.c:195:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(out,"%2s-%05x%c ",tag, num, (i ? '-' : ':'));

data/hpsockd-0.17/src/util/btree.c:465:23:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define Fprintf (void)fprintf

data/hpsockd-0.17/src/util/inet_ntoa.c:57:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(str[v],ADDR_SLEN,fmt,(haddr>>24&0xff),(haddr>>16&0xff),(haddr>>8&0xff),(haddr&0xff));

data/hpsockd-0.17/src/util/inetdsec.c:118:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  (void)strcpy(buf, safe.list);

data/hpsockd-0.17/src/util/inetdsec.c:378:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cp,p);

data/hpsockd-0.17/src/sockd/log2ascii.c:59:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c=getopt(argc,argv,":fs")) != EOF) switch (c) {

data/hpsockd-0.17/src/sockd/sdc.c:51:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c=getopt(argc,argv,"c:d:p:"))!=EOF) switch(c) {

data/hpsockd-0.17/src/sockd/sockd.c:75:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c=getopt(argc,argv,":c:d:l:vw:"))!=EOF) switch(c) {

data/hpsockd-0.17/src/sockd/usage.c:194:12:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c=getopt(argc,argv,"D:sdvn:h:")) != EOF) switch (c) {

data/hpsockd-0.17/src/sockd/dns.c:50:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];

data/hpsockd-0.17/src/sockd/dns.c:54:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addr[248];

data/hpsockd-0.17/src/sockd/dns.c:386:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(next,hent->h_addr_list[j],hent->h_length);

data/hpsockd-0.17/src/sockd/listen.c:325:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdLine[256];

data/hpsockd-0.17/src/sockd/log2ascii.c:79:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ((in=open(argv[optind],O_RDONLY,0))<0) {

data/hpsockd-0.17/src/sockd/log2ascii.c:100:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chars[65536];

data/hpsockd-0.17/src/sockd/log2ascii.c:101:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char uchars[65536];

data/hpsockd-0.17/src/sockd/log2ascii.c:188:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[1024];

data/hpsockd-0.17/src/sockd/log2ascii.c:208:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin.sin_addr,c+1,4);

data/hpsockd-0.17/src/sockd/log2ascii.c:220:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];

data/hpsockd-0.17/src/sockd/log2ascii.c:221:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(name,c+1,*c);

data/hpsockd-0.17/src/sockd/logging.c:46:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logFd=open(config.log.logFile,O_WRONLY|O_APPEND);

data/hpsockd-0.17/src/sockd/logging.c:48:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logFd=open(config.log.logFile,O_WRONLY|O_APPEND|O_CREAT|O_EXCL,0644);

data/hpsockd-0.17/src/sockd/logging.c:50:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logFd=open(config.log.logFile,O_WRONLY|O_APPEND);

data/hpsockd-0.17/src/sockd/logging.c:93:37:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  tmp=htonl(now-conn->startTime); memcpy(p,&tmp,sizeof(tmp)); p+=sizeof(tmp);

data/hpsockd-0.17/src/sockd/logging.c:96:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case AF_INET: *p=ATYP_V4; memcpy(p+1,&srcSin->sin_addr,4); p+=5; break;

data/hpsockd-0.17/src/sockd/logging.c:98:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case AF_INET6: *p=ATYP_V6; memcpy(p+1,&srcSin->sin_addr,16); p+=17; break;

data/hpsockd-0.17/src/sockd/logging.c:106:37:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  i=strlen(conn->user)&0xff; *p++=i; memcpy(p,conn->user,i); p+=i; /* name limited to 255 octets */

data/hpsockd-0.17/src/sockd/logging.c:120:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case AF_INET: *p=ATYP_V4; memcpy(p+1,&destSin->sin_addr,4); p+=5; break;

data/hpsockd-0.17/src/sockd/logging.c:122:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case AF_INET6: *p=ATYP_V6; memcpy(p+1,&destSin->sin_addr,16); p+=17; break;

data/hpsockd-0.17/src/sockd/logging.c:125:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p,&destSin->sin_port,sizeof(u_short)); p+=sizeof(u_short);

data/hpsockd-0.17/src/sockd/logging.c:129:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p,&tmp,sizeof(tmp)), p+=sizeof(tmp);

data/hpsockd-0.17/src/sockd/logging.c:131:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p,&tmp,sizeof(tmp)), p+=sizeof(tmp);

data/hpsockd-0.17/src/sockd/logging.c:132:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  tmp=htonl(reason); memcpy(p,&tmp,sizeof(tmp)), p+=sizeof(tmp);

data/hpsockd-0.17/src/sockd/logging.c:162:4:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  i=open(config.log.logFile,O_WRONLY|O_APPEND);

data/hpsockd-0.17/src/sockd/logging.h:37:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char chars[256*3+256]; /* more than enough */

data/hpsockd-0.17/src/sockd/sdc.c:38:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char syslogName[20];

data/hpsockd-0.17/src/sockd/sdc.c:73:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  negotFd=open(config.daemon.negotFile,O_RDONLY);

data/hpsockd-0.17/src/sockd/sdc.c:94:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(negot,negotTmp,NEGOT_SIZE);

data/hpsockd-0.17/src/sockd/sdc.c:159:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[12];

data/hpsockd-0.17/src/sockd/signal.c:37:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[20];

data/hpsockd-0.17/src/sockd/signal.c:42:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"%d",i);

data/hpsockd-0.17/src/sockd/signal.c:62:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char result[sizeof("255.255.255.255")*2+8];

data/hpsockd-0.17/src/sockd/signal.c:107:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd=open(name,O_WRONLY|O_CREAT|O_EXCL,0600);

data/hpsockd-0.17/src/sockd/signal.c:163:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd=open(name,O_WRONLY|O_CREAT|O_EXCL,0600);

data/hpsockd-0.17/src/sockd/signal.c:297:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c2[sizeof("unknown-")+10],d2[sizeof(" unknown-")+10];

data/hpsockd-0.17/src/sockd/signal.c:303:23:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  default: c=c2; sprintf(c,"unknown-%d",config.clients.list[i].action); break;

data/hpsockd-0.17/src/sockd/signal.c:312:23:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  default: d=d2; sprintf(d," unknown-%d",config.clients.list[i].request); break;

data/hpsockd-0.17/src/sockd/signal.c:401:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd=open(name,O_WRONLY|O_CREAT|O_EXCL,0600);

data/hpsockd-0.17/src/sockd/sockd.c:51:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char syslogName[20];

data/hpsockd-0.17/src/sockd/sockd.c:272:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[65536];

data/hpsockd-0.17/src/sockd/sockd.c:328:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32768],*cplim;

data/hpsockd-0.17/src/sockd/usage.c:139:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[80];

data/hpsockd-0.17/src/sockd/usage.c:167:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c,"%d",b);

data/hpsockd-0.17/src/sockd/usage.c:217:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ((in=fopen(argv[optind],"r"))==NULL) {

data/hpsockd-0.17/src/sockd/usage.c:285:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user[256];

data/hpsockd-0.17/src/sockd/usage.c:308:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(user,utmp+1,*utmp);

data/hpsockd-0.17/src/sockd/usage.c:329:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user[256];

data/hpsockd-0.17/src/sockd/usage.c:336:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(user,utmp+1,*utmp);

data/hpsockd-0.17/src/sockd/usage.c:460:33:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  key->src=malloc(ADDRLEN(src)); memcpy(key->src,src,ADDRLEN(src));

data/hpsockd-0.17/src/sockd/usage.c:481:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  key->dest=malloc(ADDRLEN(dst)); memcpy(key->dest,dst,ADDRLEN(dst));

data/hpsockd-0.17/src/sockd/usage.c:625:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[256];

data/hpsockd-0.17/src/sockd/usage.c:629:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&in,addr+1,4);

data/hpsockd-0.17/src/sockd/usage.c:632:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"v6 addr"); /* XXX */

data/hpsockd-0.17/src/sockd/usage.c:637:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf,addr+1,*addr);

data/hpsockd-0.17/src/sockd/usage.c:640:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf,"unknown_address_type %d",*addr);

data/hpsockd-0.17/src/sockd/util.c:115:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inf->dataStart+inf->dataLen,buf,len);

data/hpsockd-0.17/src/sockd/util.c:126:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf,inf->dataStart,len);

data/hpsockd-0.17/src/sockd/util.c:467:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdLine[256];

data/hpsockd-0.17/src/sockd/util.c:623:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blank[NEGOT_SIZE];

data/hpsockd-0.17/src/sockd/util.c:627:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  negotFd=open(config.daemon.negotFile,O_RDWR);

data/hpsockd-0.17/src/sockd/util.c:629:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((negotFd=open(config.daemon.negotFile,O_WRONLY|O_CREAT|O_EXCL,0644))>=0) {

data/hpsockd-0.17/src/sockd/util.c:633:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  negotFd=open(config.daemon.negotFile,O_RDWR);

data/hpsockd-0.17/src/sockd/util.c:857:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd=open(name,O_WRONLY|O_CREAT|O_EXCL,0600);

data/hpsockd-0.17/src/sockd/v4.c:103:20:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  *dest=ATYP_V4; memcpy(dest+1,&req->destIP,4);

data/hpsockd-0.17/src/sockd/v4.c:332:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&v5->destAddr,&req->destIP,4);

data/hpsockd-0.17/src/sockd/v4.c:333:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(v5+1,&req->port,sizeof(req->port));

data/hpsockd-0.17/src/sockd/v4.h:39:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user[4]; /* actually whatever it takes... */

data/hpsockd-0.17/src/sockd/v5.c:89:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reply->destAddr,&sin->sin_addr,4);

data/hpsockd-0.17/src/sockd/v5.c:90:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reply->destAddr+4,&sin->sin_port,sizeof(sin->sin_port));

data/hpsockd-0.17/src/sockd/v5.c:95:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reply->destAddr,&sin->sin_addr,16);

data/hpsockd-0.17/src/sockd/v5.c:96:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(reply->destAddr+16,&sin->sin_port,sizeof(sin->sin_port));

data/hpsockd-0.17/src/sockd/v5.c:107:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin->sin_addr,req->destAddr,4);

data/hpsockd-0.17/src/sockd/v5.c:108:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin->sin_port,req->destAddr+4,sizeof(short));

data/hpsockd-0.17/src/sockd/v5.c:115:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin->sin_addr,req->destAddr,16);

data/hpsockd-0.17/src/sockd/v5.c:116:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin->sin_port,req->destAddr+16,sizeof(short));

data/hpsockd-0.17/src/sockd/v5.c:201:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];

data/hpsockd-0.17/src/sockd/v5.c:202:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name,"COMMAND_%d",conn->req->cmd);

data/hpsockd-0.17/src/sockd/v5.c:267:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char domain[256];

data/hpsockd-0.17/src/sockd/v5.c:293:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(domain,req->destAddr+1,*req->destAddr);

data/hpsockd-0.17/src/sockd/v5.c:314:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(req->destAddr,hent->h_addr_list[0],hent->h_length);

data/hpsockd-0.17/src/sockd/v5.c:315:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(req->destAddr+hent->h_length,&port,sizeof(port));

data/hpsockd-0.17/src/sockd/v5command.c:159:20:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  c+=ADDRLEN(c); memcpy(&portNum,c,sizeof(u_short));

data/hpsockd-0.17/src/sockd/v5command.c:173:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char escapeBuf[256];

data/hpsockd-0.17/src/sockd/v5command.c:206:36:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  default: escape=escapeBuf; sprintf(escapeBuf,"%d",conn->req->cmd); break;

data/hpsockd-0.17/src/sockd/v5command.c:211:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(escapeBuf,"%d", getpid());

data/hpsockd-0.17/src/sockd/v5command.c:219:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(escapeBuf,"%d",ntohs(portNum));

data/hpsockd-0.17/src/sockd/v5command.c:227:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(escapeBuf,"%d",ntohs(portNum));

data/hpsockd-0.17/src/sockd/v5udp.c:62:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&src,req->destAddr,4);

data/hpsockd-0.17/src/sockd/v5udp.c:69:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(req->destAddr,&client->sin.sin_addr.s_addr,4);

data/hpsockd-0.17/src/sockd/v5udp.c:190:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out[2048];

data/hpsockd-0.17/src/sockd/v5udp.c:247:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(vfBuf,info->in.dataStart,fromLen);

data/hpsockd-0.17/src/sockd/v5udp.c:283:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(validateReq,req,headLen);

data/hpsockd-0.17/src/sockd/v5udp.c:292:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(info->in.dataStart,vfrom,fromLen);

data/hpsockd-0.17/src/sockd/v5udp.c:336:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(c,buf,len), c+=len;

data/hpsockd-0.17/src/util/btree.c:221:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void)memcpy(newNode->e,pn->e+pn->nel,newNode->nel*sizeof(elem_t));

data/hpsockd-0.17/src/util/btree.c:533:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char indent[300];

data/hpsockd-0.17/src/util/inet_ntoa.c:42:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char str[NUM_ADDR][ADDR_SLEN];

data/hpsockd-0.17/src/util/inet_ntoa.c:67:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char str[NUM_ADDR][ADDR_SLEN]; data/hpsockd-0.17/src/util/inetdsec.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFSIZ]; data/hpsockd-0.17/src/util/inetdsec.c:88:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). securep = fopen(security_file, "r"); data/hpsockd-0.17/src/util/inetdsec.c:191:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char store[100]; /*** internet specifies 60 chars, + some ***/ data/hpsockd-0.17/src/util/inetdsec.c:192:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *list[4]; data/hpsockd-0.17/src/util/inetdsec.c:245:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). low = (byte)atoi(list[i]); data/hpsockd-0.17/src/util/inetdsec.c:246:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). high = (byte)atoi(cp); data/hpsockd-0.17/src/util/inetdsec.c:268:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = (byte)atoi(list[i]); data/hpsockd-0.17/src/sockd/dns.c:328:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name)>255) data/hpsockd-0.17/src/sockd/dns.c:373:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). reply->hostent.h_name=next; strcpy(next,req->req.name); next+=strlen(req->req.name)+1; data/hpsockd-0.17/src/sockd/log2ascii.c:38:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r=read(fd,buf,size); data/hpsockd-0.17/src/sockd/logging.c:106:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i=strlen(conn->user)&0xff; *p++=i; memcpy(p,conn->user,i); p+=i; /* name limited to 255 octets */ data/hpsockd-0.17/src/sockd/methods.c:67:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
infoName=malloc(strlen(name)+5); data/hpsockd-0.17/src/sockd/signal.c:95:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=malloc(strlen(base)+30); data/hpsockd-0.17/src/sockd/signal.c:98:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=malloc(strlen(base)+30); data/hpsockd-0.17/src/sockd/signal.c:151:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=malloc(strlen(base)+30); data/hpsockd-0.17/src/sockd/signal.c:154:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=malloc(strlen(base)+30); data/hpsockd-0.17/src/sockd/signal.c:177:52: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). fprintf(f,"\tumask\t\t0o%03o;\n",config.daemon.umask); data/hpsockd-0.17/src/sockd/signal.c:392:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=malloc(strlen(base)+30); data/hpsockd-0.17/src/sockd/sockd.c:499:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(syslogName,config.daemon.name,sizeof(syslogName)); data/hpsockd-0.17/src/sockd/sockd.c:502:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). 
umask(config.daemon.umask); data/hpsockd-0.17/src/sockd/sockd.c:502:22: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(config.daemon.umask); data/hpsockd-0.17/src/sockd/sockd.h:278:10: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). int umask; data/hpsockd-0.17/src/sockd/usage.c:169:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(c+strlen(c),b?"%09d":"%d",a); data/hpsockd-0.17/src/sockd/usage.c:170:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(c+strlen(c),(a||b)?"%09d":"%d",l); data/hpsockd-0.17/src/sockd/usage.c:245:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r=read(fd,buf,size); data/hpsockd-0.17/src/sockd/userpass.c:72:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key.size = strlen(user); data/hpsockd-0.17/src/sockd/userpass.c:79:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (data.size==strlen(pass) && memcmp(data.data,pass,data.size)==0) { data/hpsockd-0.17/src/sockd/util.c:786:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
register int len=strlen(name); data/hpsockd-0.17/src/sockd/util.c:846:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=malloc(strlen(base)+30); data/hpsockd-0.17/src/sockd/util.c:849:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=malloc(strlen(base)+30); data/hpsockd-0.17/src/sockd/v5command.c:72:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). client->peer->TCP_RECV=(recvFunc*)read; data/hpsockd-0.17/src/sockd/v5command.c:177:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len= (c) ? (c-srcCmd) : strlen(srcCmd); data/hpsockd-0.17/src/sockd/v5command.c:191:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(srcName)>255) data/hpsockd-0.17/src/sockd/v5command.c:249:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(destName)>255) data/hpsockd-0.17/src/sockd/v5command.c:272:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). need=len+strlen(escape); data/hpsockd-0.17/src/sockd/v5command.c:285:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(cmd,srcCmd,len), srcCmd+=len+2, cmd+=len; data/hpsockd-0.17/src/sockd/v5command.c:296:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(cmd,escape), cmd+=strlen(escape); data/hpsockd-0.17/src/util/inetdsec.c:119:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lastp = &buf[strlen(buf)]; data/hpsockd-0.17/src/util/inetdsec.c:151:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = &p[strlen(p)]; data/hpsockd-0.17/src/util/inetdsec.c:197:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strspn(string,"0123456789-*.") != strlen(string) ) data/hpsockd-0.17/src/util/inetdsec.c:201:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(store,string,sizeof(store)); data/hpsockd-0.17/src/util/inetdsec.c:342:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lensafe = strlen(safe.list); data/hpsockd-0.17/src/util/inetdsec.c:374:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newlen = strlen(p); data/hpsockd-0.17/src/util/inetdsec.c:411:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(cp) == strspn(cp, " \t\f\r\n")) ANALYSIS SUMMARY: Hits = 169 Lines analyzed = 8104 in approximately 0.28 seconds (28672 lines/second) Physical Source Lines of Code (SLOC) = 6142 Hits@level = [0] 289 [1] 37 [2] 106 [3] 4 [4] 22 [5] 0 Hits@level+ = [0+] 458 [1+] 169 [2+] 132 [3+] 26 [4+] 22 [5+] 0 Hits/KSLOC@level+ = [0+] 74.5685 [1+] 27.5155 [2+] 21.4914 [3+] 4.23315 [4+] 3.5819 [5+] 0 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.