Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libcleri-0.12.1/examples/choice/main.c
Examining data/libcleri-0.12.1/examples/hi_iris/main.c
Examining data/libcleri-0.12.1/examples/json/json.c
Examining data/libcleri-0.12.1/examples/json/json.h
Examining data/libcleri-0.12.1/examples/json/main.c
Examining data/libcleri-0.12.1/examples/keyword/main.c
Examining data/libcleri-0.12.1/examples/list/main.c
Examining data/libcleri-0.12.1/examples/optional/main.c
Examining data/libcleri-0.12.1/examples/prio/main.c
Examining data/libcleri-0.12.1/examples/ref/main.c
Examining data/libcleri-0.12.1/examples/repeat/main.c
Examining data/libcleri-0.12.1/examples/sequence/main.c
Examining data/libcleri-0.12.1/examples/token/main.c
Examining data/libcleri-0.12.1/examples/tokens/main.c
Examining data/libcleri-0.12.1/examples/tree_and_expect/buffer.c
Examining data/libcleri-0.12.1/examples/tree_and_expect/buffer.h
Examining data/libcleri-0.12.1/examples/tree_and_expect/expect/expect.c
Examining data/libcleri-0.12.1/examples/tree_and_expect/expect/expect.h
Examining data/libcleri-0.12.1/examples/tree_and_expect/expect/main.c
Examining data/libcleri-0.12.1/examples/tree_and_expect/tree/main.c
Examining data/libcleri-0.12.1/examples/tree_and_expect/tree/tree.c
Examining data/libcleri-0.12.1/examples/tree_and_expect/tree/tree.h
Examining data/libcleri-0.12.1/inc/cleri/children.h
Examining data/libcleri-0.12.1/inc/cleri/choice.h
Examining data/libcleri-0.12.1/inc/cleri/cleri.h
Examining data/libcleri-0.12.1/inc/cleri/dup.h
Examining data/libcleri-0.12.1/inc/cleri/expecting.h
Examining data/libcleri-0.12.1/inc/cleri/grammar.h
Examining data/libcleri-0.12.1/inc/cleri/keyword.h
Examining data/libcleri-0.12.1/inc/cleri/kwcache.h
Examining data/libcleri-0.12.1/inc/cleri/list.h
Examining data/libcleri-0.12.1/inc/cleri/node.h
Examining data/libcleri-0.12.1/inc/cleri/node.inline.h
Examining data/libcleri-0.12.1/inc/cleri/olist.h
Examining data/libcleri-0.12.1/inc/cleri/optional.h
Examining data/libcleri-0.12.1/inc/cleri/parse.h
Examining data/libcleri-0.12.1/inc/cleri/prio.h
Examining data/libcleri-0.12.1/inc/cleri/ref.h
Examining data/libcleri-0.12.1/inc/cleri/regex.h
Examining data/libcleri-0.12.1/inc/cleri/repeat.h
Examining data/libcleri-0.12.1/inc/cleri/rule.h
Examining data/libcleri-0.12.1/inc/cleri/sequence.h
Examining data/libcleri-0.12.1/inc/cleri/this.h
Examining data/libcleri-0.12.1/inc/cleri/token.h
Examining data/libcleri-0.12.1/inc/cleri/tokens.h
Examining data/libcleri-0.12.1/inc/cleri/version.h
Examining data/libcleri-0.12.1/src/children.c
Examining data/libcleri-0.12.1/src/choice.c
Examining data/libcleri-0.12.1/src/cleri.c
Examining data/libcleri-0.12.1/src/dup.c
Examining data/libcleri-0.12.1/src/expecting.c
Examining data/libcleri-0.12.1/src/grammar.c
Examining data/libcleri-0.12.1/src/keyword.c
Examining data/libcleri-0.12.1/src/kwcache.c
Examining data/libcleri-0.12.1/src/list.c
Examining data/libcleri-0.12.1/src/node.c
Examining data/libcleri-0.12.1/src/olist.c
Examining data/libcleri-0.12.1/src/optional.c
Examining data/libcleri-0.12.1/src/parse.c
Examining data/libcleri-0.12.1/src/prio.c
Examining data/libcleri-0.12.1/src/ref.c
Examining data/libcleri-0.12.1/src/regex.c
Examining data/libcleri-0.12.1/src/repeat.c
Examining data/libcleri-0.12.1/src/rule.c
Examining data/libcleri-0.12.1/src/sequence.c
Examining data/libcleri-0.12.1/src/this.c
Examining data/libcleri-0.12.1/src/token.c
Examining data/libcleri-0.12.1/src/tokens.c
Examining data/libcleri-0.12.1/src/version.c
Examining data/libcleri-0.12.1/test/helpers.h
Examining data/libcleri-0.12.1/test/test.h
Examining data/libcleri-0.12.1/test/test_choice/test_choice.c
Examining data/libcleri-0.12.1/test/test_dup/test_dup.c
Examining data/libcleri-0.12.1/test/test_json_lang/test_json_lang.c
Examining data/libcleri-0.12.1/test/test_keyword/test_keyword.c
Examining data/libcleri-0.12.1/test/test_list/test_list.c
Examining data/libcleri-0.12.1/test/test_optional/test_optional.c
Examining data/libcleri-0.12.1/test/test_prio/test_prio.c
Examining data/libcleri-0.12.1/test/test_ref/test_ref.c
Examining data/libcleri-0.12.1/test/test_regex/test_regex.c
Examining data/libcleri-0.12.1/test/test_repeat/test_repeat.c
Examining data/libcleri-0.12.1/test/test_sequence/test_sequence.c
Examining data/libcleri-0.12.1/test/test_thingsdb_lang/test_thingsdb_lang.c
Examining data/libcleri-0.12.1/test/test_token/test_token.c
Examining data/libcleri-0.12.1/test/test_tokens/test_tokens.c
Examining data/libcleri-0.12.1/test/test_version/test_version.c

FINAL RESULTS:

data/libcleri-0.12.1/examples/tree_and_expect/buffer.c:29:17:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
    int count = vsnprintf(buf->buf + buf->n, rest_sz, fmt, args);
data/libcleri-0.12.1/examples/tree_and_expect/buffer.c:54:17:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
    count = vsnprintf(buf->buf + buf->n, buf->sz - buf->n, fmt, args_copy);
data/libcleri-0.12.1/src/parse.c:304:14:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
    rc = snprintf(s+i, m, template, expect);
data/libcleri-0.12.1/examples/tree_and_expect/expect/main.c:99:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[30];
data/libcleri-0.12.1/src/tokens.c:227:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(s, tlist->token, tlist->len);
data/libcleri-0.12.1/src/tokens.c:233:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(s, tlist->token, tlist->len);
data/libcleri-0.12.1/examples/tree_and_expect/expect/main.c:103:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len=strlen(str);
data/libcleri-0.12.1/src/keyword.c:25:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t n = strlen(keyword);
data/libcleri-0.12.1/src/kwcache.c:24:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t n = strlen(str);
data/libcleri-0.12.1/src/token.c:45:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cl_object->via.token->len = strlen(token);
data/libcleri-0.12.1/src/tokens.c:58:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cl_object->via.tokens->spaced = (char *) malloc(strlen(tokens) + 1);
data/libcleri-0.12.1/test/test.h:27:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int padlen = 60 - strlen(test_name);
data/libcleri-0.12.1/test/test_version/test_version.c:8:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    _assert ( strlen(cleri_version()) > 5 );

ANALYSIS SUMMARY:

Hits = 13
Lines analyzed = 6654 in approximately 0.27 seconds (24733 lines/second)
Physical Source Lines of Code (SLOC) = 5019
Hits@level = [0]  47 [1]   7 [2]   3 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  60 [1+]  13 [2+]   6 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 11.9546 [1+] 2.59016 [2+] 1.19546 [3+] 0.597729 [4+] 0.597729 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.