Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/manpages-tr-1.0.5.1/source/xml2man.c
Examining data/manpages-tr-1.0.5.1/isutf8.c

FINAL RESULTS:

data/manpages-tr-1.0.5.1/source/xml2man.c:523:5:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  execlp("xsltproc", "xsltproc", "--stringparam", "sostr", sostr, "-", NULL);

data/manpages-tr-1.0.5.1/source/xml2man.c:391:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buffer);

data/manpages-tr-1.0.5.1/source/xml2man.c:419:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buffer) - (t - buffer);

data/manpages-tr-1.0.5.1/source/xml2man.c:421:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(buf2, t, len);

data/manpages-tr-1.0.5.1/source/xml2man.c:450:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buffer) - (src - buffer) - 2;

data/manpages-tr-1.0.5.1/source/xml2man.c:452:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(tmp, src + 2, len);

data/manpages-tr-1.0.5.1/source/xml2man.c:453:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
  strncpy(src, "\n ", 3); /* linefeed + nobreakspace */

data/manpages-tr-1.0.5.1/source/xml2man.c:454:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(src + 3, tmp, len);

data/manpages-tr-1.0.5.1/source/xml2man.c:459:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(tgt, tags[k].end, tags[k].leneo);

data/manpages-tr-1.0.5.1/source/xml2man.c:477:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
  strncpy(tgt, " \n\0", 3);

data/manpages-tr-1.0.5.1/source/xml2man.c:485:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = xmalloc (strlen(buf2) + 100000);

data/manpages-tr-1.0.5.1/source/xml2man.c:486:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset (buffer, 0, strlen(buffer) + 100000);

data/manpages-tr-1.0.5.1/source/xml2man.c:487:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(xslss[0].str);

data/manpages-tr-1.0.5.1/source/xml2man.c:488:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(buffer, xslss[0].str, len);

data/manpages-tr-1.0.5.1/source/xml2man.c:489:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pos = len; len = strlen(buf2);

data/manpages-tr-1.0.5.1/source/xml2man.c:490:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(buffer + pos, buf2, len);

data/manpages-tr-1.0.5.1/source/xml2man.c:491:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pos +=len; len = strlen(xslss[1].str);

data/manpages-tr-1.0.5.1/source/xml2man.c:492:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(buffer + pos, xslss[1].str, len);

data/manpages-tr-1.0.5.1/source/xml2man.c:528:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(fdw[1], buffer, strlen(buffer));

data/manpages-tr-1.0.5.1/source/xml2man.c:538:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  len = read(fdr[0], buf2[k], size - 4);

data/manpages-tr-1.0.5.1/source/xml2man.c:553:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(buf2[i]);

data/manpages-tr-1.0.5.1/source/xml2man.c:559:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf2[i]);

data/manpages-tr-1.0.5.1/source/xml2man.c:560:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(buffer + pos, buf2[i], len);

data/manpages-tr-1.0.5.1/source/xml2man.c:589:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(table[i].xml);

ANALYSIS SUMMARY:

Hits = 24
Lines analyzed = 677 in approximately 0.05 seconds (12713 lines/second)
Physical Source Lines of Code (SLOC) = 559
Hits@level = [0]   4 [1]  23 [2]   0 [3]   0 [4]   1 [5]   0
Hits@level+ = [0+]  28 [1+]  24 [2+]   1 [3+]   1 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 50.0894 [1+] 42.9338 [2+] 1.78891 [3+] 1.78891 [4+] 1.78891 [5+]   0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
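Reading the report: the single [4] hit is execlp, which here receives a fixed argument vector and spawns no shell, so the classic metacharacter form of CWE-78 does not apply; what a reviewer still checks is that "xsltproc" is resolved through PATH and that the sostr argument is built from trusted data. The 23 [1] hits are almost all one repeated idiom, `len = strlen(src); strncpy(dst + pos, src, len);` (lines 487-492 and 559-560). With n equal to strlen(src), strncpy copies exactly n bytes and writes no terminator, so the result is a C string only if the destination was zero-filled beforehand. Lines 485-486 try to guarantee that, but the memset sizes itself with strlen(buffer) on memory xmalloc has just returned, which is only well-defined if xmalloc zero-fills the allocation. The example below is added here and is not flawfinder output or code from xml2man.c; it reproduces the flagged strncpy shape on a constructed input to show the missing terminator, then rebuilds the three-part concatenation from lines 487-492 with a bounded, always-terminating append. The helper names and the sample strings are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Reproduces the shape flawfinder flags at xml2man.c:489-490:
 *   len = strlen(buf2); strncpy(buffer + pos, buf2, len);
 * With n == strlen(src), strncpy copies exactly n bytes and writes no
 * terminator. If the destination was not pre-zeroed, the result is not a
 * C string. Returns 1 if the byte after the copy is NOT '\0'. */
int strncpy_leaves_unterminated(void)
{
    char dst[16];
    const char *src = "abcdef";          /* constructed sample input */
    size_t len = strlen(src);

    memset(dst, 'X', sizeof dst);        /* simulate uninitialised memory */
    strncpy(dst, src, len);              /* same call shape as the report */
    return dst[len] != '\0';             /* 1: no terminator was written */
}

/* Bounded append that always terminates (hypothetical helper, not from
 * xml2man.c). dst has dst_size bytes; *pos is the current write offset and
 * is advanced on success. Returns 0 on success, -1 (leaving dst and *pos
 * unchanged) if src plus its terminator would not fit. */
int append_bounded(char *dst, size_t dst_size, size_t *pos, const char *src)
{
    size_t len = strlen(src);

    if (*pos >= dst_size || len >= dst_size - *pos)
        return -1;                       /* need len + 1 bytes free */
    memcpy(dst + *pos, src, len);
    *pos += len;
    dst[*pos] = '\0';                    /* explicit terminator */
    return 0;
}

/* Builds "<prefix><body><suffix>" the way xml2man.c:487-492 does, but with
 * the bounded helper instead of back-to-back strncpy calls.
 * Returns the number of parts that fit (3 on full success). */
int build_document(char *dst, size_t dst_size,
                   const char *prefix, const char *body, const char *suffix)
{
    size_t pos = 0;
    int parts = 0;

    if (dst_size == 0)
        return 0;
    dst[0] = '\0';                       /* valid (empty) string from the start */
    parts += append_bounded(dst, dst_size, &pos, prefix) == 0;
    parts += append_bounded(dst, dst_size, &pos, body) == 0;
    parts += append_bounded(dst, dst_size, &pos, suffix) == 0;
    return parts;
}

int main(void)
{
    char out[32];
    int parts = build_document(out, sizeof out, "<x>", "hello", "</x>");

    printf("strncpy left no terminator: %d\n", strncpy_leaves_unterminated());
    printf("parts appended: %d, result: \"%s\"\n", parts, out);
    return 0;
}
```

The helper refuses a part rather than truncating it, so a too-small buffer yields a shorter but still well-formed string and a return value the caller can check; silently truncated output is how the report's pattern turns a sizing mistake into a later over-read by strlen or write.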