Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/librsync-2.3.1/src/base64.c
Examining data/librsync-2.3.1/src/blake2/blake2-impl.h
Examining data/librsync-2.3.1/src/blake2/blake2.h
Examining data/librsync-2.3.1/src/blake2/blake2b-ref.c
Examining data/librsync-2.3.1/src/buf.c
Examining data/librsync-2.3.1/src/buf.h
Examining data/librsync-2.3.1/src/checksum.c
Examining data/librsync-2.3.1/src/checksum.h
Examining data/librsync-2.3.1/src/command.c
Examining data/librsync-2.3.1/src/command.h
Examining data/librsync-2.3.1/src/delta.c
Examining data/librsync-2.3.1/src/emit.c
Examining data/librsync-2.3.1/src/emit.h
Examining data/librsync-2.3.1/src/fileutil.c
Examining data/librsync-2.3.1/src/hashtable.c
Examining data/librsync-2.3.1/src/hashtable.h
Examining data/librsync-2.3.1/src/hex.c
Examining data/librsync-2.3.1/src/isprefix.c
Examining data/librsync-2.3.1/src/isprefix.h
Examining data/librsync-2.3.1/src/job.c
Examining data/librsync-2.3.1/src/job.h
Examining data/librsync-2.3.1/src/librsync.h
Examining data/librsync-2.3.1/src/librsync_export.h
Examining data/librsync-2.3.1/src/mdfour.c
Examining data/librsync-2.3.1/src/mdfour.h
Examining data/librsync-2.3.1/src/mksum.c
Examining data/librsync-2.3.1/src/msg.c
Examining data/librsync-2.3.1/src/netint.c
Examining data/librsync-2.3.1/src/netint.h
Examining data/librsync-2.3.1/src/patch.c
Examining data/librsync-2.3.1/src/prototab.c
Examining data/librsync-2.3.1/src/prototab.h
Examining data/librsync-2.3.1/src/rabinkarp.c
Examining data/librsync-2.3.1/src/rabinkarp.h
Examining data/librsync-2.3.1/src/readsums.c
Examining data/librsync-2.3.1/src/rollsum.c
Examining data/librsync-2.3.1/src/rollsum.h
Examining data/librsync-2.3.1/src/scoop.c
Examining data/librsync-2.3.1/src/stats.c
Examining data/librsync-2.3.1/src/stream.c
Examining data/librsync-2.3.1/src/stream.h
Examining data/librsync-2.3.1/src/sumset.c
Examining data/librsync-2.3.1/src/sumset.h
Examining data/librsync-2.3.1/src/trace.c
Examining data/librsync-2.3.1/src/trace.h
Examining data/librsync-2.3.1/src/tube.c
Examining data/librsync-2.3.1/src/util.c
Examining data/librsync-2.3.1/src/util.h
Examining data/librsync-2.3.1/src/version.c
Examining data/librsync-2.3.1/src/whole.c
Examining data/librsync-2.3.1/src/whole.h
Examining data/librsync-2.3.1/src/rdiff.c
Examining data/librsync-2.3.1/tests/checksum_test.c
Examining data/librsync-2.3.1/tests/hashtable_test.c
Examining data/librsync-2.3.1/tests/isprefix.h
Examining data/librsync-2.3.1/tests/isprefix_test.c
Examining data/librsync-2.3.1/tests/netint_test.c
Examining data/librsync-2.3.1/tests/rabinkarp_perf.c
Examining data/librsync-2.3.1/tests/rabinkarp_test.c
Examining data/librsync-2.3.1/tests/rollsum_test.c
Examining data/librsync-2.3.1/tests/sumset_test.c

FINAL RESULTS:

data/librsync-2.3.1/src/rdiff.c:76:5:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(buf, sizeof(buf), error, va);
data/librsync-2.3.1/src/trace.c:83:9:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(buf, sizeof(buf), fmt, va);
data/librsync-2.3.1/src/trace.h:61:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 3, 4)));
data/librsync-2.3.1/src/blake2/blake2-impl.h:42:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&w, src, sizeof w);
data/librsync-2.3.1/src/blake2/blake2-impl.h:57:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&w, src, sizeof w);
data/librsync-2.3.1/src/blake2/blake2-impl.h:76:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&w, src, sizeof w);
data/librsync-2.3.1/src/blake2/blake2-impl.h:88:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dst, &w, sizeof w);
data/librsync-2.3.1/src/blake2/blake2-impl.h:99:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dst, &w, sizeof w);
data/librsync-2.3.1/src/blake2/blake2-impl.h:112:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dst, &w, sizeof w);
data/librsync-2.3.1/src/blake2/blake2b-ref.c:146:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( block, key, keylen );
data/librsync-2.3.1/src/blake2/blake2b-ref.c:231:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( S->buf + left, in, fill ); /* Fill buffer */
data/librsync-2.3.1/src/blake2/blake2b-ref.c:242:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( S->buf + S->buflen, in, inlen );
data/librsync-2.3.1/src/blake2/blake2b-ref.c:267:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( out, buffer, S->outlen );
data/librsync-2.3.1/src/fileutil.c:49:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    # define fopen(f, m) fopen64((f), (m))
data/librsync-2.3.1/src/fileutil.c:98:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if ((f = fopen(filename, "rb"))) {
data/librsync-2.3.1/src/fileutil.c:106:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if (!(f = fopen(filename, mode))) {
data/librsync-2.3.1/src/librsync.h:243:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    typedef unsigned char rs_strong_sum_t[RS_MAX_STRONG_SUM_LENGTH];
data/librsync-2.3.1/src/mdfour.c:59:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char PADDING[64] = {
data/librsync-2.3.1/src/mdfour.c:231:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(M, p, 16 * sizeof(uint32_t));
data/librsync-2.3.1/src/mdfour.c:269:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buf[8];
data/librsync-2.3.1/src/mdfour.c:307:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&md->tail[md->tail_len], in, tail_gap);
data/librsync-2.3.1/src/mdfour.c:322:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&md->tail[md->tail_len], in, n);
data/librsync-2.3.1/src/mdfour.h:32:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char tail[64];
data/librsync-2.3.1/src/mksum.c:79:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char strong_sum_hex[RS_MAX_STRONG_SUM_LENGTH * 2 + 1];
data/librsync-2.3.1/src/patch.c:214:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(buffs->next_out, ptr, len);
data/librsync-2.3.1/src/rdiff.c:73:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[256];
data/librsync-2.3.1/src/rdiff.c:170:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int l = atoi(a);
data/librsync-2.3.1/src/readsums.c:46:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char hexbuf[RS_MAX_STRONG_SUM_LENGTH * 2 + 2];
data/librsync-2.3.1/src/scoop.c:81:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(newbuf, job->scoop_next, job->scoop_avail);
data/librsync-2.3.1/src/scoop.c:102:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(job->scoop_next + job->scoop_avail, stream->next_in, tocopy);
data/librsync-2.3.1/src/stats.c:33:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[1000];
data/librsync-2.3.1/src/stream.c:118:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(stream->next_out, stream->next_in, len);
data/librsync-2.3.1/src/sumset.c:37:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(sig->strong_sum, strong_sum, strong_len);
data/librsync-2.3.1/src/sumset.c:308:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char strong_hex[RS_MAX_STRONG_SUM_LENGTH * 3];
data/librsync-2.3.1/src/trace.c:80:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[1000];
data/librsync-2.3.1/src/trace.c:81:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char full_buf[1040];
data/librsync-2.3.1/src/tube.c:75:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(stream->next_out, job->write_buf, len);
data/librsync-2.3.1/src/tube.c:99:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(stream->next_out, job->scoop_next, len);
data/librsync-2.3.1/src/tube.c:197:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(job->write_buf + job->write_len, buf, len);
data/librsync-2.3.1/src/whole.c:100:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(stats, &job->stats, sizeof *stats);
data/librsync-2.3.1/src/whole.c:118:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(stats, &job->stats, sizeof *stats);
data/librsync-2.3.1/src/whole.c:135:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(stats, &job->stats, sizeof *stats);
data/librsync-2.3.1/src/whole.c:150:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(stats, &job->stats, sizeof *stats);
data/librsync-2.3.1/tests/checksum_test.c:34:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buf[256];
data/librsync-2.3.1/tests/checksum_test.c:142:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const unsigned char md4[16] = {
data/librsync-2.3.1/tests/checksum_test.c:146:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    const unsigned char bk2[32] = {
data/librsync-2.3.1/tests/rabinkarp_test.c:33:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buf[256];
data/librsync-2.3.1/tests/rollsum_test.c:34:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buf[256];
data/librsync-2.3.1/tests/sumset_test.c:38:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buf[256];

ANALYSIS SUMMARY:

Hits = 49
Lines analyzed = 8598 in approximately 0.28 seconds (30315 lines/second)
Physical Source Lines of Code (SLOC) = 4934
Hits@level = [0]  17 [1]   0 [2]  46 [3]   0 [4]   3 [5]   0
Hits@level+ = [0+]  66 [1+]  49 [2+]  49 [3+]   3 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 13.3766 [1+] 9.93109 [2+] 9.93109 [3+] 0.608026 [4+] 0.608026 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.