Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/lua-apr-0.23.2.dfsg/etc/apreq_standalone.c
Examining data/lua-apr-0.23.2.dfsg/src/base64.c
Examining data/lua-apr-0.23.2.dfsg/src/buffer.c
Examining data/lua-apr-0.23.2.dfsg/src/crypt.c
Examining data/lua-apr-0.23.2.dfsg/src/date.c
Examining data/lua-apr-0.23.2.dfsg/src/dbd.c
Examining data/lua-apr-0.23.2.dfsg/src/dbm.c
Examining data/lua-apr-0.23.2.dfsg/src/env.c
Examining data/lua-apr-0.23.2.dfsg/src/errno.c
Examining data/lua-apr-0.23.2.dfsg/src/filepath.c
Examining data/lua-apr-0.23.2.dfsg/src/fnmatch.c
Examining data/lua-apr-0.23.2.dfsg/src/getopt.c
Examining data/lua-apr-0.23.2.dfsg/src/http.c
Examining data/lua-apr-0.23.2.dfsg/src/io_dir.c
Examining data/lua-apr-0.23.2.dfsg/src/io_file.c
Examining data/lua-apr-0.23.2.dfsg/src/io_net.c
Examining data/lua-apr-0.23.2.dfsg/src/io_pipe.c
Examining data/lua-apr-0.23.2.dfsg/src/ldap.c
Examining data/lua-apr-0.23.2.dfsg/src/lua_apr.c
Examining data/lua-apr-0.23.2.dfsg/src/lua_apr.h
Examining data/lua-apr-0.23.2.dfsg/src/memcache.c
Examining data/lua-apr-0.23.2.dfsg/src/memory_pool.c
Examining data/lua-apr-0.23.2.dfsg/src/object.c
Examining data/lua-apr-0.23.2.dfsg/src/permissions.c
Examining data/lua-apr-0.23.2.dfsg/src/pollset.c
Examining data/lua-apr-0.23.2.dfsg/src/proc.c
Examining data/lua-apr-0.23.2.dfsg/src/serialize.c
Examining data/lua-apr-0.23.2.dfsg/src/shm.c
Examining data/lua-apr-0.23.2.dfsg/src/signal.c
Examining data/lua-apr-0.23.2.dfsg/src/stat.c
Examining data/lua-apr-0.23.2.dfsg/src/str.c
Examining data/lua-apr-0.23.2.dfsg/src/thread.c
Examining data/lua-apr-0.23.2.dfsg/src/thread_queue.c
Examining data/lua-apr-0.23.2.dfsg/src/time.c
Examining data/lua-apr-0.23.2.dfsg/src/uri.c
Examining data/lua-apr-0.23.2.dfsg/src/user.c
Examining data/lua-apr-0.23.2.dfsg/src/uuid.c
Examining data/lua-apr-0.23.2.dfsg/src/xlate.c
Examining data/lua-apr-0.23.2.dfsg/src/xml.c

FINAL RESULTS:

data/lua-apr-0.23.2.dfsg/etc/apreq_standalone.c:26:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[LUA_APR_MSGSIZE];

data/lua-apr-0.23.2.dfsg/src/buffer.c:199:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[LUA_APR_MAXSTR2NUM + 1];

data/lua-apr-0.23.2.dfsg/src/buffer.c:219:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, CURSOR(B) + offset, test);

data/lua-apr-0.23.2.dfsg/src/buffer.c:481:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&B->data[B->limit], data, size);

data/lua-apr-0.23.2.dfsg/src/buffer.c:487:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&B->data[B->limit], "\r\n", 2);

data/lua-apr-0.23.2.dfsg/src/crypt.c:69:14:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (2 != sprintf(&formatted[i*2], "%02x", digest[i]))

data/lua-apr-0.23.2.dfsg/src/crypt.c:103:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char digest[120];

data/lua-apr-0.23.2.dfsg/src/crypt.c:161:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char password[256]; /* arbitrary limit */

data/lua-apr-0.23.2.dfsg/src/crypt.c:255:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digest[APR_MD5_DIGESTSIZE];

data/lua-apr-0.23.2.dfsg/src/crypt.c:256:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char formatted[APR_MD5_DIGESTSIZE*2 + 1];

data/lua-apr-0.23.2.dfsg/src/crypt.c:374:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digest[APR_SHA1_DIGESTSIZE];

data/lua-apr-0.23.2.dfsg/src/crypt.c:375:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char formatted[APR_SHA1_DIGESTSIZE*2 + 1];

data/lua-apr-0.23.2.dfsg/src/dbm.c:45:56:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  static lua_apr_dbm *dbm_check(lua_State *L, int i, int open)

data/lua-apr-0.23.2.dfsg/src/dbm.c:48:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open && dbm->handle == NULL)

data/lua-apr-0.23.2.dfsg/src/getopt.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[2] = { '\0', '\0' };

data/lua-apr-0.23.2.dfsg/src/http.c:113:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[LUA_APR_MSGSIZE];

data/lua-apr-0.23.2.dfsg/src/http.c:489:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(string, encoded, enclen);

data/lua-apr-0.23.2.dfsg/src/io_file.c:52:51:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lua_apr_file *file_check(lua_State *L, int i, int open)

data/lua-apr-0.23.2.dfsg/src/io_file.c:55:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open && file->handle == NULL)

data/lua-apr-0.23.2.dfsg/src/io_file.c:83:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[LUA_APR_MSGSIZE];

data/lua-apr-0.23.2.dfsg/src/io_net.c:64:62:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  static lua_apr_socket* socket_check(lua_State *L, int i, int open)

data/lua-apr-0.23.2.dfsg/src/io_net.c:67:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open && object->handle == NULL)

data/lua-apr-0.23.2.dfsg/src/io_net.c:160:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[APRMAXHOSTLEN + 1];

data/lua-apr-0.23.2.dfsg/src/io_net.c:385:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024], ip_addr[APRMAXHOSTLEN];

data/lua-apr-0.23.2.dfsg/src/lua_apr.c:420:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[LUA_APR_MSGSIZE];

data/lua-apr-0.23.2.dfsg/src/object.c:52:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(clone, object, T->objsize);

data/lua-apr-0.23.2.dfsg/src/permissions.c:73:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[9], *p = str;

data/lua-apr-0.23.2.dfsg/src/pollset.c:43:73:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  static lua_apr_pollset_object* check_pollset(lua_State *L, int idx, int open) {

data/lua-apr-0.23.2.dfsg/src/pollset.c:45:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open && object->pollset == NULL)

data/lua-apr-0.23.2.dfsg/src/serialize.c:50:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uuid[APR_UUID_FORMATTED_LENGTH + 1];

data/lua-apr-0.23.2.dfsg/src/str.c:138:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[5];

data/lua-apr-0.23.2.dfsg/src/thread.c:325:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[LUA_APR_MSGSIZE];

data/lua-apr-0.23.2.dfsg/src/time.c:254:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char formatted[1024];

data/lua-apr-0.23.2.dfsg/src/uri.c:115:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  components.port = (apr_port_t) atoi(components.port_str);

data/lua-apr-0.23.2.dfsg/src/uuid.c:51:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char formatted[APR_UUID_FORMATTED_LENGTH + 1];

data/lua-apr-0.23.2.dfsg/src/xml.c:80:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[LUA_APR_MSGSIZE];

data/lua-apr-0.23.2.dfsg/src/xml.c:254:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[LUA_APR_MSGSIZE];

data/lua-apr-0.23.2.dfsg/src/buffer.c:149:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  status = input->read(input->object, &B->data[B->limit], &len);

data/lua-apr-0.23.2.dfsg/src/buffer.c:318:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  lua_apr_buf_rf read,

data/lua-apr-0.23.2.dfsg/src/buffer.c:328:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  input->read = read;

data/lua-apr-0.23.2.dfsg/src/filepath.c:107:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(buffer);

data/lua-apr-0.23.2.dfsg/src/filepath.c:165:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ext = name + strlen(name);

data/lua-apr-0.23.2.dfsg/src/http.c:482:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  apr_size_t strlen;

data/lua-apr-0.23.2.dfsg/src/http.c:491:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  status = apreq_decode(string, &strlen, encoded, enclen);

data/lua-apr-0.23.2.dfsg/src/http.c:495:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lua_pushlstring(L, string, strlen);

data/lua-apr-0.23.2.dfsg/src/lua_apr.c:423:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(message);

data/lua-apr-0.23.2.dfsg/src/lua_apr.h:180:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  lua_apr_buf_rf read;

data/lua-apr-0.23.2.dfsg/src/memcache.c:445:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(value);

ANALYSIS SUMMARY:

Hits = 48
Lines analyzed = 15195 in approximately 0.41 seconds (37224 lines/second)
Physical Source Lines of Code (SLOC) = 8836
Hits@level = [0]   4 [1]  11 [2]  37 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  52 [1+]  48 [2+]  37 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 5.88502 [1+] 5.43232 [2+] 4.18742 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
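Triage note on the results above: Flawfinder matches identifiers lexically, so several hits are not calls at all. The eight (misc) open hits in dbm.c, io_file.c, io_net.c and pollset.c are an int parameter named open in the *_check helpers, the three strlen hits in http.c are a local variable declared apr_size_t strlen and passed by address to apreq_decode, and the read hits are a function-pointer field (lua_apr_buf_rf read). The hit that deserves a code-level look is uri.c:115, where the port is produced by atoi() and a cast to apr_port_t. The following example is added here and is not lua-apr's code: it shows what that idiom does on out-of-range and malformed input and a replacement that validates the range, assuming only that apr_port_t is a 16-bit unsigned type (modelled below as uint16_t).

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* The idiom flagged at uri.c:115: atoi() followed by a narrowing cast to a
 * 16-bit port type. atoi() skips leading whitespace, accepts a sign, stops
 * at the first non-digit and reports no overflow, so the cast silently
 * wraps anything outside 0..65535. (uint16_t stands in for apr_port_t.) */
static uint16_t port_via_atoi(const char *port_str)
{
    return (uint16_t) atoi(port_str);
}

/* Hardened replacement: accepts only a non-empty run of decimal digits whose
 * value lies in 1..65535. Returns the port, or -1 on any rejection, so the
 * caller can report a parse error instead of connecting to a wrapped port. */
static int parse_port(const char *port_str)
{
    /* Leading-digit check rejects "", "-1", "+80" and " 80" before strtoul
     * gets a chance to accept a sign or whitespace on our behalf. */
    if (port_str == NULL || !isdigit((unsigned char) port_str[0]))
        return -1;

    errno = 0;
    char *end = NULL;
    unsigned long value = strtoul(port_str, &end, 10);
    if (errno == ERANGE || *end != '\0')
        return -1;                     /* overflow, or trailing junk ("80x") */
    if (value < 1 || value > 65535)
        return -1;                     /* out of range ("0", "70000") */
    return (int) value;
}

int main(void)
{
    /* Constructed inputs covering the cases the CWE-190 note warns about. */
    const char *samples[] = { "8080", "65535", "0", "70000", "-1", "80x", " 80", "" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-8s atoi-cast=%5u  parse_port=%d\n", samples[i],
               (unsigned) port_via_atoi(samples[i]), parse_port(samples[i]));
    return 0;
}
```

With the cast, "70000" becomes port 4464 and "-1" becomes 65535, both valid-looking numbers that point at the wrong service; parse_port() refuses both, along with trailing garbage and the empty string. The same shape (strtoul, errno, end-pointer, explicit min and max) applies to any numeric field taken from a URI, header or config string.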
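The two memcpy hits at buffer.c:481 and buffer.c:487 both write at &B->data[B->limit]; whether they are safe depends on a capacity check that Flawfinder cannot see and that the report does not show. The example below is added here and is not lua-apr's code: it is a minimal append buffer, with field names (data, limit, plus an assumed capacity field size) chosen to mirror the flagged lines, showing the guard a reviewer would look for in front of each memcpy. It demonstrates both a fixed-capacity append that refuses oversize input and a growing append whose size arithmetic cannot wrap.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the buffer in buffer.c. `data` holds `size`
 * bytes of capacity, of which the first `limit` are in use.
 * Invariant maintained by every function here: limit <= size. */
struct byte_buf {
    char  *data;
    size_t size;   /* capacity in bytes (assumed field name) */
    size_t limit;  /* bytes in use, as in the flagged lines */
};

static int buf_init(struct byte_buf *B, size_t capacity)
{
    B->data = malloc(capacity ? capacity : 1);
    if (B->data == NULL)
        return -1;
    B->size = capacity;
    B->limit = 0;
    return 0;
}

static void buf_free(struct byte_buf *B)
{
    free(B->data);
    B->data = NULL;
    B->size = B->limit = 0;
}

/* Fixed-capacity append: refuses when the copy would not fit. Because
 * limit <= size, `size - limit` cannot underflow, and comparing n against
 * the remaining room avoids computing `limit + n`, which could wrap. */
static int buf_append_fixed(struct byte_buf *B, const void *src, size_t n)
{
    if (n > B->size - B->limit)
        return -1;
    memcpy(&B->data[B->limit], src, n);
    B->limit += n;
    return 0;
}

/* Growing append: reserves room first (doubling, with an overflow guard),
 * then performs the same memcpy the tool flagged, now known to be in bounds. */
static int buf_append(struct byte_buf *B, const void *src, size_t n)
{
    if (n > B->size - B->limit) {
        if (n > SIZE_MAX - B->limit)
            return -1;                          /* limit + n would wrap */
        size_t need = B->limit + n;
        size_t cap = B->size ? B->size : 64;
        while (cap < need) {
            if (cap > SIZE_MAX / 2) { cap = need; break; }  /* stop doubling before it wraps */
            cap *= 2;
        }
        char *p = realloc(B->data, cap);
        if (p == NULL)
            return -1;
        B->data = p;
        B->size = cap;
    }
    memcpy(&B->data[B->limit], src, n);
    B->limit += n;
    return 0;
}

/* Scenario helper: start with `capacity` bytes, append `chunk` `times` times,
 * then "\r\n" (the second flagged memcpy). `grow` selects buf_append (1) or
 * buf_append_fixed (0). Returns the final limit, or (size_t)-1 if refused. */
static size_t append_scenario(size_t capacity, const char *chunk, int times, int grow)
{
    struct byte_buf B;
    if (buf_init(&B, capacity) != 0)
        return (size_t)-1;
    size_t len = strlen(chunk);
    int rc = 0;
    for (int i = 0; i < times && rc == 0; i++)
        rc = grow ? buf_append(&B, chunk, len) : buf_append_fixed(&B, chunk, len);
    if (rc == 0)
        rc = grow ? buf_append(&B, "\r\n", 2) : buf_append_fixed(&B, "\r\n", 2);
    size_t result = (rc == 0) ? B.limit : (size_t)-1;
    buf_free(&B);
    return result;
}

/* A length chosen so that limit + n would wrap size_t: the guard must refuse
 * it without ever reaching memcpy. Returns 1 when the append was refused. */
static int huge_append_refused(void)
{
    struct byte_buf B;
    if (buf_init(&B, 16) != 0 || buf_append(&B, "constructed", 8) != 0)
        return 0;
    int refused = (buf_append(&B, "x", SIZE_MAX - 4) == -1) && B.limit == 8;
    buf_free(&B);
    return refused;
}
```

The point for review is the ordering: the comparison against the remaining capacity happens before the memcpy, is expressed as a subtraction that the invariant keeps non-negative, and the growth path checks for wrap before adding. When auditing the real buffer.c lines, that is the check to locate; if it is missing or is written as `limit + size > capacity`, the CWE-120 hit is genuine.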