Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libgovirt-0.3.7/examples/list-vms-async.c
Examining data/libgovirt-0.3.7/examples/sync-test.c
Examining data/libgovirt-0.3.7/examples/async-test.c
Examining data/libgovirt-0.3.7/examples/list-vms.c
Examining data/libgovirt-0.3.7/tests/mock-httpd.c
Examining data/libgovirt-0.3.7/tests/mock-httpd.h
Examining data/libgovirt-0.3.7/tests/test-govirt.c
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-resource-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-pool.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cdrom.h
Examining data/libgovirt-0.3.7/govirt/ovirt-collection.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cluster.h
Examining data/libgovirt-0.3.7/govirt/ovirt-resource-rest-call.h
Examining data/libgovirt-0.3.7/govirt/ovirt-api-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm.h
Examining data/libgovirt-0.3.7/govirt/govirt.h
Examining data/libgovirt-0.3.7/govirt/ovirt-rest-call-error.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-display.c
Examining data/libgovirt-0.3.7/govirt/ovirt-data-center-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-storage-domain-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-pool.h
Examining data/libgovirt-0.3.7/govirt/ovirt-proxy.h
Examining data/libgovirt-0.3.7/govirt/ovirt-host-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-rest-call.h
Examining data/libgovirt-0.3.7/govirt/ovirt-vm-display.h
Examining data/libgovirt-0.3.7/govirt/ovirt-action-rest-call.c
Examining data/libgovirt-0.3.7/govirt/ovirt-vm.c
Examining data/libgovirt-0.3.7/govirt/ovirt-data-center.c
Examining data/libgovirt-0.3.7/govirt/ovirt-host.h
Examining data/libgovirt-0.3.7/govirt/ovirt-error.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cluster-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-storage-domain.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cluster.c
Examining data/libgovirt-0.3.7/govirt/ovirt-error.h
Examining data/libgovirt-0.3.7/govirt/ovirt-resource.h
Examining data/libgovirt-0.3.7/govirt/ovirt-api.h
Examining data/libgovirt-0.3.7/govirt/ovirt-host.c
Examining data/libgovirt-0.3.7/govirt/ovirt-types.h
Examining data/libgovirt-0.3.7/govirt/ovirt-utils.h
Examining data/libgovirt-0.3.7/govirt/ovirt-utils.c
Examining data/libgovirt-0.3.7/govirt/ovirt-api.c
Examining data/libgovirt-0.3.7/govirt/ovirt-cdrom.c
Examining data/libgovirt-0.3.7/govirt/ovirt-options.h
Examining data/libgovirt-0.3.7/govirt/ovirt-proxy.c
Examining data/libgovirt-0.3.7/govirt/ovirt-collection.h
Examining data/libgovirt-0.3.7/govirt/ovirt-rest-call.c
Examining data/libgovirt-0.3.7/govirt/ovirt-action-rest-call.h
Examining data/libgovirt-0.3.7/govirt/ovirt-storage-domain.h
Examining data/libgovirt-0.3.7/govirt/ovirt-proxy-deprecated.c
Examining data/libgovirt-0.3.7/govirt/ovirt-collection-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-resource-rest-call.c
Examining data/libgovirt-0.3.7/govirt/ovirt-resource.c
Examining data/libgovirt-0.3.7/govirt/govirt-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-data-center.h
Examining data/libgovirt-0.3.7/govirt/ovirt-proxy-private.h
Examining data/libgovirt-0.3.7/govirt/ovirt-options.c

FINAL RESULTS:

data/libgovirt-0.3.7/govirt/ovirt-options.c:75:33:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  return g_build_filename(g_get_home_dir(), &path[1], NULL);
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:757:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  domain = url + strlen("https://");
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1011:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  suffix_len = strlen("api");
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1013:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  suffix_len = strlen("/api");
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1015:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  suffix_len = strlen("/api/");
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1020:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  uri[strlen(uri) - suffix_len] = '\0';
data/libgovirt-0.3.7/govirt/ovirt-proxy.c:1024:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = strlen(uri)-1; i >= 0; i--) {
data/libgovirt-0.3.7/govirt/ovirt-resource-rest-call.c:132:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *content_len = strlen(*content);
data/libgovirt-0.3.7/govirt/ovirt-utils.c:215:82:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  GByteArray *array = g_byte_array_new_take((guchar *)g_strdup(value_str), strlen(value_str));
data/libgovirt-0.3.7/tests/mock-httpd.c:92:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  content, strlen(content));

ANALYSIS SUMMARY:

Hits = 10
Lines analyzed = 10413 in approximately 0.29 seconds (35911 lines/second)
Physical Source Lines of Code (SLOC) = 6967
Hits@level = [0]   0 [1]   9 [2]   0 [3]   1 [4]   0 [5]   0
Hits@level+ = [0+]  10 [1+]  10 [2+]   1 [3+]   1 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 1.43534 [1+] 1.43534 [2+] 0.143534 [3+] 0.143534 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.