Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libmaa-1.4.7/maa/alloca.c
Examining data/libmaa-1.4.7/maa/arg.c
Examining data/libmaa-1.4.7/maa/base26.c
Examining data/libmaa-1.4.7/maa/base64.c
Examining data/libmaa-1.4.7/maa/bit.c
Examining data/libmaa-1.4.7/maa/debug.c
Examining data/libmaa-1.4.7/maa/error.c
Examining data/libmaa-1.4.7/maa/flags.c
Examining data/libmaa-1.4.7/maa/hash.c
Examining data/libmaa-1.4.7/maa/list.c
Examining data/libmaa-1.4.7/maa/log.c
Examining data/libmaa-1.4.7/maa/maa.c
Examining data/libmaa-1.4.7/maa/maa.h
Examining data/libmaa-1.4.7/maa/maaP.h
Examining data/libmaa-1.4.7/maa/memory.c
Examining data/libmaa-1.4.7/maa/mkrnd.c
Examining data/libmaa-1.4.7/maa/parse-concrete.c
Examining data/libmaa-1.4.7/maa/pr.c
Examining data/libmaa-1.4.7/maa/prime.c
Examining data/libmaa-1.4.7/maa/rnd.c
Examining data/libmaa-1.4.7/maa/set.c
Examining data/libmaa-1.4.7/maa/sl.c
Examining data/libmaa-1.4.7/maa/source.c
Examining data/libmaa-1.4.7/maa/stack.c
Examining data/libmaa-1.4.7/maa/string.c
Examining data/libmaa-1.4.7/maa/text.c
Examining data/libmaa-1.4.7/maa/timer.c
Examining data/libmaa-1.4.7/maa/xmalloc.c
Examining data/libmaa-1.4.7/tests/arg/argtest.c
Examining data/libmaa-1.4.7/tests/base/basetest.c
Examining data/libmaa-1.4.7/tests/basics/basicstest.c
Examining data/libmaa-1.4.7/tests/bit/bittest.c
Examining data/libmaa-1.4.7/tests/debug/debugtest.c
Examining data/libmaa-1.4.7/tests/err/errtest.c
Examining data/libmaa-1.4.7/tests/hash/hashtest.c
Examining data/libmaa-1.4.7/tests/list/listtest.c
Examining data/libmaa-1.4.7/tests/log/logtest.c
Examining data/libmaa-1.4.7/tests/memobj/memobjtest.c
Examining data/libmaa-1.4.7/tests/memstr/memstrtest.c
Examining data/libmaa-1.4.7/tests/pr/prtest.c
Examining data/libmaa-1.4.7/tests/prime/primetest.c
Examining data/libmaa-1.4.7/tests/prm/prmtest.c
Examining data/libmaa-1.4.7/tests/set/settest.c
Examining data/libmaa-1.4.7/tests/sl/sltest.c
Examining data/libmaa-1.4.7/tests/stack/stacktest.c
Examining data/libmaa-1.4.7/tests/string/stringtest.c

FINAL RESULTS:

data/libmaa-1.4.7/maa/error.c:89:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, ap);
data/libmaa-1.4.7/maa/error.c:124:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, ap);
data/libmaa-1.4.7/maa/error.c:160:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, ap);
data/libmaa-1.4.7/maa/error.c:191:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, ap);
data/libmaa-1.4.7/maa/log.c:213:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(logFilename, logFilenameTmp);
data/libmaa-1.4.7/maa/log.c:325:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
  vsnprintf (buf_main, sizeof (buf_main), format, ap);
data/libmaa-1.4.7/maa/maa.h:313:33:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  __attribute__((noreturn,format(printf, 2, 3)));
data/libmaa-1.4.7/maa/maa.h:316:33:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  __attribute__((noreturn,format(printf, 2, 3)));
data/libmaa-1.4.7/maa/maa.h:319:24:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  __attribute__((format(printf, 2, 3)));
data/libmaa-1.4.7/maa/maa.h:322:33:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  __attribute__((noreturn,format(printf, 2, 3)));
data/libmaa-1.4.7/maa/pr.c:188:3:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  execvp(argv[0], argv);
data/libmaa-1.4.7/maa/pr.c:406:3:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  execvp(argv[0], argv);
data/libmaa-1.4.7/maa/source.c:418:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(str, format, ap);
data/libmaa-1.4.7/maa/source.c:440:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(str, format, ap);
data/libmaa-1.4.7/maa/string.c:374:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf( buf, "%s%d", prefix, i++ );
data/libmaa-1.4.7/maa/mkrnd.c:41:27:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  printf( "%f, ", (double)random()/(double)INT_MAX);
data/libmaa-1.4.7/maa/sl.c:257:10:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  while ((random() & 0x80) && level < _sl_MaxLevel) ++level;
data/libmaa-1.4.7/tests/debug/debugtest.c:42:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt(argc, argv, "d:")) != -1) {
data/libmaa-1.4.7/tests/pr/prtest.c:40:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt(argc, argv, "D")) != EOF)
data/libmaa-1.4.7/maa/alloca.c:144:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char align[ALIGN_SIZE]; /* To force sizeof(header). */
data/libmaa-1.4.7/maa/base26.c:64:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char result[8] = { 'a', 'a', 'a', 'a', 'a', 'a', 'a', '\0'};
data/libmaa-1.4.7/maa/base64.c:84:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char result[7];
data/libmaa-1.4.7/maa/log.c:53:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char logHostname[MAXHOSTNAMELEN];
data/libmaa-1.4.7/maa/log.c:216:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ((logFd = open(logFilename, O_WRONLY|O_CREAT|O_APPEND, 0644)) < 0)
data/libmaa-1.4.7/maa/log.c:301:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf [8192] = "";
data/libmaa-1.4.7/maa/log.c:302:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf_main [4096] = "";
data/libmaa-1.4.7/maa/log.c:303:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf_preamble [256] = "";
data/libmaa-1.4.7/maa/maa.c:89:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buffer[80];
data/libmaa-1.4.7/maa/maa.c:91:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "Libmaa %d.%d.%d", MAA_MAJOR, MAA_MINOR, MAA_TEENY);
data/libmaa-1.4.7/maa/memory.c:154:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(str, string, len + 1);
data/libmaa-1.4.7/maa/memory.c:181:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((char *)p + i->growing_size, string, len);
data/libmaa-1.4.7/maa/mkrnd.c:39:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  count = atoi( argv[1] );
data/libmaa-1.4.7/maa/pr.c:166:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ((null = open("/dev/null", flag)) >= 0) { \
data/libmaa-1.4.7/maa/sl.c:263:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[1024];
data/libmaa-1.4.7/maa/sl.c:265:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "%p", datum);
data/libmaa-1.4.7/maa/source.c:142:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  if ((lineno = atoi(arg_get(args, 1))) > 0) --lineno;
data/libmaa-1.4.7/maa/source.c:313:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1024];
data/libmaa-1.4.7/maa/text.c:52:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(result, "Z000");
data/libmaa-1.4.7/maa/text.c:74:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf [5];
data/libmaa-1.4.7/maa/xmalloc.c:76:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (pt, s, len + 1);
data/libmaa-1.4.7/tests/arg/argtest.c:36:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer [2000];
data/libmaa-1.4.7/tests/arg/argtest.c:44:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  f = fopen(argv [0], "r");
data/libmaa-1.4.7/tests/arg/argtest.c:46:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  f = fopen("argtest.in", "r");
data/libmaa-1.4.7/tests/err/errtest.c:13:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  num = atoi(argv[1]);
data/libmaa-1.4.7/tests/hash/hashtest.c:40:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char ret[20];
data/libmaa-1.4.7/tests/hash/hashtest.c:47:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char ret[20];
data/libmaa-1.4.7/tests/hash/hashtest.c:54:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ret[20];
data/libmaa-1.4.7/tests/hash/hashtest.c:61:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ret[20];
data/libmaa-1.4.7/tests/hash/hashtest.c:275:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  count = atoi(argv[1]);
data/libmaa-1.4.7/tests/pr/prtest.c:33:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZ];
data/libmaa-1.4.7/tests/set/settest.c:66:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  count = atoi(argv[1]);
data/libmaa-1.4.7/tests/set/settest.c:77:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(key, "key%d", i);
data/libmaa-1.4.7/tests/set/settest.c:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[100];
data/libmaa-1.4.7/tests/set/settest.c:84:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(key, "key%d", i);
data/libmaa-1.4.7/tests/sl/sltest.c:67:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  count = atoi(argv[1]);
data/libmaa-1.4.7/tests/string/stringtest.c:35:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[100];
data/libmaa-1.4.7/tests/string/stringtest.c:45:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  count = atoi(argv[1]);
data/libmaa-1.4.7/tests/string/stringtest.c:53:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "key%d", i);
data/libmaa-1.4.7/tests/string/stringtest.c:60:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "key%d", i);
data/libmaa-1.4.7/maa/base26.c:86:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(val);
data/libmaa-1.4.7/maa/base64.c:121:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return b64_decode_buf(val, strlen(val));
data/libmaa-1.4.7/maa/hash.c:402:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((i += strlen(s)+2) >= 60) { i=0; printf("\n"); }
data/libmaa-1.4.7/maa/log.c:232:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  logFilenameLen = strlen(filename)*3+1024;
data/libmaa-1.4.7/maa/log.c:339:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (-1 == write (logFd, buf, strlen (buf)) && errno == EINTR);
data/libmaa-1.4.7/maa/memory.c:122:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(string);
data/libmaa-1.4.7/maa/pr.c:352:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ((count = read(out, outPt, outMaxLen)) <= 0) {
data/libmaa-1.4.7/maa/source.c:137:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(tmp, line, length);
data/libmaa-1.4.7/maa/string.c:314:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy( tmp, s, length);
data/libmaa-1.4.7/maa/string.c:371:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *buf = alloca( strlen( prefix ) + 100 );
data/libmaa-1.4.7/maa/xmalloc.c:70:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (s);
data/libmaa-1.4.7/tests/err/errtest.c:32:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  n = read(100, NULL, 0);
data/libmaa-1.4.7/tests/err/errtest.c:59:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  n = read(100, NULL, 0);
data/libmaa-1.4.7/tests/memstr/memstrtest.c:56:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mem_grow(strings, names[2], strlen(names[2]));
data/libmaa-1.4.7/tests/memstr/memstrtest.c:57:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mem_grow(strings, names[3], strlen(names[3]));
data/libmaa-1.4.7/tests/memstr/memstrtest.c:58:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mem_grow(strings, names[4], strlen(names[4]));
data/libmaa-1.4.7/tests/memstr/memstrtest.c:59:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mem_grow(strings, names[5], strlen(names[5]));
data/libmaa-1.4.7/tests/memstr/memstrtest.c:62:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  printf("str4=%s\n", mem_strncpy(strings, names[6], strlen(names[6])));
data/libmaa-1.4.7/tests/pr/prtest.c:57:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while (cnt = read(fdout, buf, BUFSIZ-1), cnt > 0){

ANALYSIS SUMMARY:

Hits = 78
Lines analyzed = 10056 in approximately 0.39 seconds (25740 lines/second)
Physical Source Lines of Code (SLOC) = 6364
Hits@level = [0] 257 [1]  19 [2]  40 [3]   4 [4]  15 [5]   0
Hits@level+ = [0+] 335 [1+]  78 [2+]  59 [3+]  19 [4+]  15 [5+]   0
Hits/KSLOC@level+ = [0+] 52.6398 [1+] 12.2564 [2+] 9.2709 [3+] 2.98554 [4+] 2.35701 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.