Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libdbd-firebird-perl-1.32/Firebird.h
Examining data/libdbd-firebird-perl-1.32/dbdimp.h
Examining data/libdbd-firebird-perl-1.32/dbdimp.c

FINAL RESULTS:

data/libdbd-firebird-perl-1.32/dbdimp.c:33:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(frmt, buf); \
data/libdbd-firebird-perl-1.32/dbdimp.c:1449:25:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    snprintf(buf, sizeof(buf), "%"DBD_IB_INT64f, i);
data/libdbd-firebird-perl-1.32/dbdimp.c:1459:25:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    snprintf(buf+1, sizeof(buf)-1,
data/libdbd-firebird-perl-1.32/dbdimp.c:2369:22:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
    if (!sscanf(svalue, format, &p, &q, &r))
data/libdbd-firebird-perl-1.32/dbdimp.c:2373:26:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
    if (!sscanf(svalue, format, &q, &r) && DBIc_WARN(imp_sth))
data/libdbd-firebird-perl-1.32/dbdimp.c:2400:22:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
    if (!sscanf(svalue, format, &p, &r))
data/libdbd-firebird-perl-1.32/dbdimp.c:2403:26:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
    if (!sscanf(svalue, format, &r) && DBIc_WARN(imp_sth))
data/libdbd-firebird-perl-1.32/dbdimp.c:2490:17:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    snprintf(format, sizeof(format), S_INT64_FULL, -ivar->sqlscale);
data/libdbd-firebird-perl-1.32/dbdimp.c:2500:22:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
    if (!sscanf(svalue, format, &p, &q, &r))
data/libdbd-firebird-perl-1.32/dbdimp.c:2503:21:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    snprintf(format, sizeof(format), S_INT64_DEC_FULL, -ivar->sqlscale);
data/libdbd-firebird-perl-1.32/dbdimp.c:2504:26:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
    if (!sscanf(svalue, format, &q, &r) && DBIc_WARN(imp_sth))
data/libdbd-firebird-perl-1.32/dbdimp.c:2529:17:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    snprintf(format, sizeof(format), S_INT64_NOSCALE);
data/libdbd-firebird-perl-1.32/dbdimp.c:2531:22:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
    if (!sscanf(svalue, format, &p, &r))
data/libdbd-firebird-perl-1.32/dbdimp.c:2533:21:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    snprintf(format, sizeof(format), S_INT64_DEC_NOSCALE);
data/libdbd-firebird-perl-1.32/dbdimp.c:2534:26:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
    if (!sscanf(svalue, format, &r) && DBIc_WARN(imp_sth))
data/libdbd-firebird-perl-1.32/dbdimp.c:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char msg[1024];
data/libdbd-firebird-perl-1.32/dbdimp.c:327:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(imp_dbh->dateformat, "%x");
data/libdbd-firebird-perl-1.32/dbdimp.c:330:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(imp_dbh->timeformat, "%X");
data/libdbd-firebird-perl-1.32/dbdimp.c:333:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(imp_dbh->timestampformat, "%c");
data/libdbd-firebird-perl-1.32/dbdimp.c:523:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[100];
data/libdbd-firebird-perl-1.32/dbdimp.c:809:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char stmt_info[1];
data/libdbd-firebird-perl-1.32/dbdimp.c:810:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char info_buffer[20], count_item;
data/libdbd-firebird-perl-1.32/dbdimp.c:1431:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[22]; /* NUMERIC(18,2) = -92233720368547758.08 + '\0' */
data/libdbd-firebird-perl-1.32/dbdimp.c:1654:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(((char *)&times) + 9*sizeof(int),
data/libdbd-firebird-perl-1.32/dbdimp.c:1669:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char blob_info_buffer[32], *p,
data/libdbd-firebird-perl-1.32/dbdimp.c:2024:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char s[20];
data/libdbd-firebird-perl-1.32/dbdimp.c:2248:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char err[ERRBUFSIZE];
data/libdbd-firebird-perl-1.32/dbdimp.c:2289:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char err[ERRBUFSIZE];
data/libdbd-firebird-perl-1.32/dbdimp.c:2312:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char err[ERRBUFSIZE];
data/libdbd-firebird-perl-1.32/dbdimp.c:2333:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char format[64];
data/libdbd-firebird-perl-1.32/dbdimp.c:2433:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char format[64];
data/libdbd-firebird-perl-1.32/dbdimp.c:2919:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char count_info[1], count_buffer[33];
data/libdbd-firebird-perl-1.32/dbdimp.h:284:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char vary_string [1];
data/libdbd-firebird-perl-1.32/dbdimp.c:59:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const U8* const send = s + (len ? len : strlen((const char *)s));
data/libdbd-firebird-perl-1.32/dbdimp.c:146:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    #define CALC_AVAILABLE(buff) sizeof(buff) - strlen(buff) - 1
data/libdbd-firebird-perl-1.32/dbdimp.c:391:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(imp_dbh->ib_charset, p, len);
data/libdbd-firebird-perl-1.32/dbdimp.c:735:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    result = newSVpvn(imp_dbh->dateformat, strlen(imp_dbh->dateformat));
data/libdbd-firebird-perl-1.32/dbdimp.c:737:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    result = newSVpvn(imp_dbh->timeformat, strlen(imp_dbh->timeformat));
data/libdbd-firebird-perl-1.32/dbdimp.c:740:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strlen(imp_dbh->timestampformat));
data/libdbd-firebird-perl-1.32/dbdimp.c:1450:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sv_setpvn(sv, buf, strlen(buf));
data/libdbd-firebird-perl-1.32/dbdimp.c:1466:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sv_setpvn(sv, buf, strlen(buf));
data/libdbd-firebird-perl-1.32/dbdimp.c:1469:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sv_setpvn(sv, buf+1, strlen(buf+1));
data/libdbd-firebird-perl-1.32/dbdimp.c:1615:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sv_setpvn(sv, buf, strlen(buf));
data/libdbd-firebird-perl-1.32/dbdimp.c:1661:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sv_setpvn(sv, buf, strlen(buf));
data/libdbd-firebird-perl-1.32/dbdimp.c:2026:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    av_store(av, i, newSVpvn(s, strlen(s)));
data/libdbd-firebird-perl-1.32/dbdimp.c:2048:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    result = newSVpv(imp_sth->cursor_name, strlen(imp_sth->cursor_name));
data/libdbd-firebird-perl-1.32/dbdimp.c:2366:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(svalue);
data/libdbd-firebird-perl-1.32/dbdimp.c:2497:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(svalue);
data/libdbd-firebird-perl-1.32/dbdimp.h:129:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    DPB_FILL_STRING_LEN(dpb, code, string, strlen(string) )
data/libdbd-firebird-perl-1.32/dbdimp.h:137:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(dpb, string, (size_t) len); \
data/libdbd-firebird-perl-1.32/dbdimp.h:147:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    DPB_PREP_STRING_LEN(buflen, strlen(string))

ANALYSIS SUMMARY:

Hits = 51
Lines analyzed = 3399 in approximately 0.13 seconds (25190 lines/second)
Physical Source Lines of Code (SLOC) = 2370
Hits@level = [0]  13 [1]  18 [2]  18 [3]   0 [4]  15 [5]   0
Hits@level+ = [0+]  64 [1+]  51 [2+]  33 [3+]  15 [4+]  15 [5+]   0
Hits/KSLOC@level+ = [0+] 27.0042 [1+] 21.519 [2+] 13.9241 [3+] 6.32911 [4+] 6.32911 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.