Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libgovirt-0.3.7/examples/list-vms-async.c
Examining data/libgovirt-0.3.7/examples/sync-test.c
Examining data/libgovirt-0.3.7/examples/async-test.c
Examining data/libgovirt-0.3.7/examples/list-vms.c
Examining data/libgovirt-0.3.7/tests/mock-httpd.c
Examining data/libgovirt-0.3.7/tests/mock-httpd.h
Examining data/libgovirt-0.3.7/tests/test-govirt.c
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-resource-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-pool.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cdrom.h
Examining data/libgovirt-0.3.7/govirt/ovirt-collection.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cluster.h
Examining data/libgovirt-0.3.7/govirt/ovirt-resource-rest-call.h
Examining data/libgovirt-0.3.7/govirt/ovirt-api-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm.h
Examining data/libgovirt-0.3.7/govirt/govirt.h
Examining data/libgovirt-0.3.7/govirt/ovirt-rest-call-error.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-display.c
Examining data/libgovirt-0.3.7/govirt/ovirt-data-center-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-storage-domain-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-pool.h
Examining data/libgovirt-0.3.7/govirt/ovirt-proxy.h
Examining data/libgovirt-0.3.7/govirt/ovirt-host-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-rest-call.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-display.h
Examining data/libgovirt-0.3.7/govirt/ovirt-action-rest-call.c
Examining data/libgovirt-0.3.7/govirt/ovirt-vm.c
Examining data/libgovirt-0.3.7/govirt/ovirt-data-center.c
Examining data/libgovirt-0.3.7/govirt/ovirt-host.h
Examining data/libgovirt-0.3.7/govirt/ovirt-error.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cluster-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-storage-domain.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cluster.c
Examining data/libgovirt-0.3.7/govirt/ovirt-error.h
Examining data/libgovirt-0.3.7/govirt/ovirt-resource.h
Examining data/libgovirt-0.3.7/govirt/ovirt-api.h
Examining data/libgovirt-0.3.7/govirt/ovirt-host.c
Examining data/libgovirt-0.3.7/govirt/ovirt-types.h
Examining data/libgovirt-0.3.7/govirt/ovirt-utils.h
Examining data/libgovirt-0.3.7/govirt/ovirt-utils.c
Examining data/libgovirt-0.3.7/govirt/ovirt-api.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cdrom.c
Examining data/libgovirt-0.3.7/govirt/ovirt-options.h
Examining data/libgovirt-0.3.7/govirt/ovirt-proxy.c
Examining data/libgovirt-0.3.7/govirt/ovirt-collection.h
Examining data/libgovirt-0.3.7/govirt/ovirt-rest-call.c
Examining data/libgovirt-0.3.7/govirt/ovirt-action-rest-call.h
Examining data/libgovirt-0.3.7/govirt/ovirt-storage-domain.h
Examining data/libgovirt-0.3.7/govirt/ovirt-proxy-deprecated.c
Examining data/libgovirt-0.3.7/govirt/ovirt-collection-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-resource-rest-call.c
Examining data/libgovirt-0.3.7/govirt/ovirt-resource.c
Examining data/libgovirt-0.3.7/govirt/govirt-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-data-center.h
Examining data/libgovirt-0.3.7/govirt/ovirt-proxy-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-options.c
FINAL RESULTS:
data/libgovirt-0.3.7/govirt/ovirt-options.c:75:33: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
return g_build_filename(g_get_home_dir(), &path[1], NULL);
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:757:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
domain = url + strlen("https://");
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1011:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
suffix_len = strlen("api");
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1013:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
suffix_len = strlen("/api");
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1015:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
suffix_len = strlen("/api/");
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1020:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uri[strlen(uri) - suffix_len] = '\0';
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1024:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(uri)-1; i >= 0; i--) {
data/libgovirt-0.3.7/govirt/ovirt-resource-rest-call.c:132:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*content_len = strlen(*content);
data/libgovirt-0.3.7/govirt/ovirt-utils.c:215:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GByteArray *array = g_byte_array_new_take((guchar *)g_strdup(value_str), strlen(value_str));
data/libgovirt-0.3.7/tests/mock-httpd.c:92:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
content, strlen(content));
ANALYSIS SUMMARY:
Hits = 10
Lines analyzed = 10413 in approximately 0.29 seconds (35911 lines/second)
Physical Source Lines of Code (SLOC) = 6967
Hits@level = [0] 0 [1] 9 [2] 0 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 10 [1+] 10 [2+] 1 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 1.43534 [1+] 1.43534 [2+] 0.143534 [3+] 0.143534 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.