Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c
Examining data/libreadline-java-0.8.0.1+dfsg/src/native/getline.h
Examining data/libreadline-java-0.8.0.1+dfsg/src/native/org_gnu_readline_Readline.c
FINAL RESULTS:
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:491:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, hist_next());
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:499:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, hist_prev());
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:519:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, hist_prev());
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:525:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, hist_next());
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:699:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_killbuf, gl_buf + pos);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:774:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_prompt, prompt);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:781:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_prompt, prompt);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:995:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, p);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:1057:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, hist_buf[hist_pos]);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:1105:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, p);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:1139:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gl_buf, p);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:64:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gl_buf[BUF_SIZE]; /* input buffer */
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:65:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gl_killbuf[BUF_SIZE]=""; /* killed text */
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:760:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_prompt[80] = "";
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:901:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *hist_buf[HIST_SIZE];
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:1005:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char search_prompt[101]; /* prompt includes search string */
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:1006:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char search_string[100];
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:77:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
static size_t (*gl_strlen)() = (size_t(*)())strlen;
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:137:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extern int read();
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:222:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
descrip.dsc$w_length = strlen("tt:");
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:293:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = read(0, &ch, 1)) == -1) {
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:366:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:375:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(buf);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:607:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(gl_killbuf);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:663:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(gl_buf);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:791:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gl_cnt = strlen(gl_buf);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:873:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:927:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:930:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prev == 0 || strlen(prev) != len ||
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:985:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(p);
data/libreadline-java-0.8.0.1+dfsg/src/native/getline.c:990:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, p, len-1);
data/libreadline-java-0.8.0.1+dfsg/src/native/org_gnu_readline_Readline.c:316:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (appName && strlen(appName))
data/libreadline-java-0.8.0.1+dfsg/src/native/org_gnu_readline_Readline.c:892:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(utf8);
data/libreadline-java-0.8.0.1+dfsg/src/native/org_gnu_readline_Readline.c:929:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(ucs);
ANALYSIS SUMMARY:
Hits = 34
Lines analyzed = 2166 in approximately 0.08 seconds (28276 lines/second)
Physical Source Lines of Code (SLOC) = 1703
Hits@level = [0] 0 [1] 17 [2] 6 [3] 0 [4] 11 [5] 0
Hits@level+ = [0+] 34 [1+] 34 [2+] 17 [3+] 11 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 19.9648 [1+] 19.9648 [2+] 9.98238 [3+] 6.45919 [4+] 6.45919 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.