Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libnss-cache-0.17/compat/getgrent_r.c Examining data/libnss-cache-0.17/compat/getpwent_r.c Examining data/libnss-cache-0.17/gen_getent.c Examining data/libnss-cache-0.17/lookup.c Examining data/libnss-cache-0.17/nss_cache.c Examining data/libnss-cache-0.17/nss_cache.h Examining data/libnss-cache-0.17/nss_test.h Examining data/libnss-cache-0.17/test/last_pw_errno_test.c Examining data/libnss-cache-0.17/bsdnss.c FINAL RESULTS: data/libnss-cache-0.17/nss_cache.h:43:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, fmt, ##__VA_ARGS__); \ data/libnss-cache-0.17/lookup.c:439:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "c:f:")) != -1) { data/libnss-cache-0.17/gen_getent.c:188:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[NSS_CACHE_PATH_LENGTH]; data/libnss-cache-0.17/gen_getent.c:194:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). output = fopen(filename, "w"); data/libnss-cache-0.17/gen_getent.c:212:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[NSS_CACHE_PATH_LENGTH]; data/libnss-cache-0.17/gen_getent.c:218:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). output = fopen(filename, "w"); data/libnss-cache-0.17/gen_getent.c:237:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[NSS_CACHE_PATH_LENGTH]; data/libnss-cache-0.17/gen_getent.c:243:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). output = fopen(filename, "w"); data/libnss-cache-0.17/lookup.c:253:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[255]; data/libnss-cache-0.17/lookup.c:283:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[255]; data/libnss-cache-0.17/lookup.c:292:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ret = getpwuid_wrapper(atoi(line)); data/libnss-cache-0.17/lookup.c:313:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[255]; data/libnss-cache-0.17/lookup.c:343:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[255]; data/libnss-cache-0.17/lookup.c:352:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ret = getgrgid_wrapper(atoi(line)); data/libnss-cache-0.17/lookup.c:374:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[255]; data/libnss-cache-0.17/lookup.c:455:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen(filename, "r"); data/libnss-cache-0.17/nss_cache.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char p_filename[NSS_CACHE_PATH_LENGTH] = "/etc/passwd.cache"; data/libnss-cache-0.17/nss_cache.c:42:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char g_filename[NSS_CACHE_PATH_LENGTH] = "/etc/group.cache"; data/libnss-cache-0.17/nss_cache.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char s_filename[NSS_CACHE_PATH_LENGTH] = "/etc/shadow.cache"; data/libnss-cache-0.17/nss_cache.c:97:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(args->sorted_filename, "r"); data/libnss-cache-0.17/nss_cache.c:153:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). system_file_stream = fopen(args->system_filename, "r"); data/libnss-cache-0.17/nss_cache.c:251:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). p_file = fopen(p_filename, "r"); data/libnss-cache-0.17/nss_cache.c:341:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[NSS_CACHE_PATH_LENGTH]; data/libnss-cache-0.17/nss_cache.c:359:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uid_text[11]; data/libnss-cache-0.17/nss_cache.c:393:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[NSS_CACHE_PATH_LENGTH]; data/libnss-cache-0.17/nss_cache.c:464:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). g_file = fopen(g_filename, "r"); data/libnss-cache-0.17/nss_cache.c:616:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[NSS_CACHE_PATH_LENGTH]; data/libnss-cache-0.17/nss_cache.c:642:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gid_text[11]; data/libnss-cache-0.17/nss_cache.c:676:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[NSS_CACHE_PATH_LENGTH]; data/libnss-cache-0.17/nss_cache.c:751:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). s_file = fopen(s_filename, "r"); data/libnss-cache-0.17/nss_cache.c:868:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[NSS_CACHE_PATH_LENGTH]; data/libnss-cache-0.17/gen_getent.c:192:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(filename, PASSWD_FILE, NSS_CACHE_PATH_LENGTH - 4); data/libnss-cache-0.17/gen_getent.c:193:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, ".out", 4); data/libnss-cache-0.17/gen_getent.c:216:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(filename, GROUP_FILE, NSS_CACHE_PATH_LENGTH - 4); data/libnss-cache-0.17/gen_getent.c:217:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, ".out", 4); data/libnss-cache-0.17/gen_getent.c:241:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(filename, SHADOW_FILE, NSS_CACHE_PATH_LENGTH - 4); data/libnss-cache-0.17/gen_getent.c:242:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, ".out", 4); data/libnss-cache-0.17/lookup.c:259:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (line[strlen(line) - 1] == '\n') { data/libnss-cache-0.17/lookup.c:260:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line) - 1] = '\0'; data/libnss-cache-0.17/lookup.c:289:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (line[strlen(line) - 1] == '\n') { data/libnss-cache-0.17/lookup.c:290:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line) - 1] = '\0'; data/libnss-cache-0.17/lookup.c:319:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (line[strlen(line) - 1] == '\n') { data/libnss-cache-0.17/lookup.c:320:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line) - 1] = '\0'; data/libnss-cache-0.17/lookup.c:349:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (line[strlen(line) - 1] == '\n') { data/libnss-cache-0.17/lookup.c:350:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line) - 1] = '\0'; data/libnss-cache-0.17/lookup.c:380:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (line[strlen(line) - 1] == '\n') { data/libnss-cache-0.17/lookup.c:381:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line) - 1] = '\0'; data/libnss-cache-0.17/nss_cache.c:141:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sscanf(entry_text + strlen(entry_text) + 1, "%ld", &offset); data/libnss-cache-0.17/nss_cache.c:193:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). return strncpy(p_filename, path, NSS_CACHE_PATH_LENGTH - 1); data/libnss-cache-0.17/nss_cache.c:345:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(filename, p_filename, NSS_CACHE_PATH_LENGTH - 1); data/libnss-cache-0.17/nss_cache.c:346:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filename) > NSS_CACHE_PATH_LENGTH - 7) { data/libnss-cache-0.17/nss_cache.c:350:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, ".ixuid", 6); data/libnss-cache-0.17/nss_cache.c:362:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). args.lookup_key_length = strlen(uid_text); data/libnss-cache-0.17/nss_cache.c:400:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pw_name = malloc(strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:405:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pw_name, name, strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:405:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(pw_name, name, strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:407:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(filename, p_filename, NSS_CACHE_PATH_LENGTH - 1); data/libnss-cache-0.17/nss_cache.c:408:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filename) > NSS_CACHE_PATH_LENGTH - 8) { data/libnss-cache-0.17/nss_cache.c:413:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, ".ixname", 7); data/libnss-cache-0.17/nss_cache.c:423:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). args.lookup_key_length = strlen(pw_name); data/libnss-cache-0.17/nss_cache.c:456:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). return strncpy(g_filename, path, NSS_CACHE_PATH_LENGTH - 1); data/libnss-cache-0.17/nss_cache.c:628:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(filename, g_filename, NSS_CACHE_PATH_LENGTH - 1); data/libnss-cache-0.17/nss_cache.c:629:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filename) > NSS_CACHE_PATH_LENGTH - 7) { data/libnss-cache-0.17/nss_cache.c:633:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, ".ixgid", 6); data/libnss-cache-0.17/nss_cache.c:645:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). args.lookup_key_length = strlen(gid_text); data/libnss-cache-0.17/nss_cache.c:683:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gr_name = malloc(strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:688:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(gr_name, name, strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:688:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(gr_name, name, strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:690:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(filename, g_filename, NSS_CACHE_PATH_LENGTH - 1); data/libnss-cache-0.17/nss_cache.c:691:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filename) > NSS_CACHE_PATH_LENGTH - 8) { data/libnss-cache-0.17/nss_cache.c:696:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, ".ixname", 7); data/libnss-cache-0.17/nss_cache.c:706:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). args.lookup_key_length = strlen(gr_name); data/libnss-cache-0.17/nss_cache.c:743:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). return strncpy(s_filename, path, NSS_CACHE_PATH_LENGTH - 1); data/libnss-cache-0.17/nss_cache.c:875:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sp_namp = malloc(strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:880:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(sp_namp, name, strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:880:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(sp_namp, name, strlen(name) + 1); data/libnss-cache-0.17/nss_cache.c:882:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(filename, s_filename, NSS_CACHE_PATH_LENGTH - 1); data/libnss-cache-0.17/nss_cache.c:883:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filename) > NSS_CACHE_PATH_LENGTH - 8) { data/libnss-cache-0.17/nss_cache.c:888:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant string. strncat(filename, ".ixname", 7); data/libnss-cache-0.17/nss_cache.c:898:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). args.lookup_key_length = strlen(sp_namp); ANALYSIS SUMMARY: Hits = 80 Lines analyzed = 2085 in approximately 0.12 seconds (17879 lines/second) Physical Source Lines of Code (SLOC) = 1420 Hits@level = [0] 51 [1] 49 [2] 29 [3] 1 [4] 1 [5] 0 Hits@level+ = [0+] 131 [1+] 80 [2+] 31 [3+] 2 [4+] 1 [5+] 0 Hits/KSLOC@level+ = [0+] 92.2535 [1+] 56.338 [2+] 21.831 [3+] 1.40845 [4+] 0.704225 [5+] 0 Dot directories skipped = 2 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.