Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mig-1.8+git20200618/string.c
Examining data/mig-1.8+git20200618/parser.h
Examining data/mig-1.8+git20200618/header.c
Examining data/mig-1.8+git20200618/user.c
Examining data/mig-1.8+git20200618/routine.h
Examining data/mig-1.8+git20200618/tests/includes/types.h
Examining data/mig-1.8+git20200618/tests/includes/mach/mig_support.h
Examining data/mig-1.8+git20200618/tests/includes/user.h
Examining data/mig-1.8+git20200618/tests/includes/server.h
Examining data/mig-1.8+git20200618/tests/includes/all.h
Examining data/mig-1.8+git20200618/type.h
Examining data/mig-1.8+git20200618/type.c
Examining data/mig-1.8+git20200618/migcom.c
Examining data/mig-1.8+git20200618/lexxer.h
Examining data/mig-1.8+git20200618/boolean.h
Examining data/mig-1.8+git20200618/parser.c
Examining data/mig-1.8+git20200618/server.c
Examining data/mig-1.8+git20200618/global.h
Examining data/mig-1.8+git20200618/lexxer.c
Examining data/mig-1.8+git20200618/routine.c
Examining data/mig-1.8+git20200618/mig_string.h
Examining data/mig-1.8+git20200618/error.c
Examining data/mig-1.8+git20200618/statement.c
Examining data/mig-1.8+git20200618/utils.h
Examining data/mig-1.8+git20200618/utils.c
Examining data/mig-1.8+git20200618/error.h
Examining data/mig-1.8+git20200618/vprint.c
Examining data/mig-1.8+git20200618/write.h
Examining data/mig-1.8+git20200618/message.h
Examining data/mig-1.8+git20200618/statement.h
Examining data/mig-1.8+git20200618/global.c

FINAL RESULTS:

data/mig-1.8+git20200618/error.c:44:12:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    (void) vfprintf(stderr, format, pvar);
data/mig-1.8+git20200618/error.c:58:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    (void) vfprintf(stderr, format, pvar);
data/mig-1.8+git20200618/error.c:70:12:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    (void) vfprintf(stderr, format, pvar);
data/mig-1.8+git20200618/error.c:84:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "%s (%d)", error_mess, error_num);
data/mig-1.8+git20200618/error.h:36:28:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__ ((format (printf, 1, 2),
data/mig-1.8+git20200618/error.h:42:28:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__ ((format (printf, 1, 2)))
data/mig-1.8+git20200618/error.h:47:28:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__ ((format (printf, 1, 2)))
data/mig-1.8+git20200618/parser.c:899:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    # define YYFPRINTF fprintf
data/mig-1.8+git20200618/server.c:575:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "(ipc_port_t) In%dP->%s",
data/mig-1.8+git20200618/server.c:578:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "In%dP->%s",
data/mig-1.8+git20200618/string.c:42:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    return strcpy(saved, string);
data/mig-1.8+git20200618/string.c:54:12:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    return strcat(strcpy(saved, left), right);
data/mig-1.8+git20200618/string.c:54:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    return strcat(strcpy(saved, left), right);
data/mig-1.8+git20200618/utils.c:405:12:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    (void) vfprintf(file, fmt, pvar);
data/mig-1.8+git20200618/vprint.c:43:1:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vprintf(const char *fmt, va_list args)
data/mig-1.8+git20200618/vprint.c:50:1:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(FILE *f, const char *fmt, va_list args)
data/mig-1.8+git20200618/vprint.c:57:1:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(char *s, const char *fmt, va_list args)
data/mig-1.8+git20200618/vprint.c:70:1:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
    vsnprintf(char *s, int n, const char *fmt, va_list args)
data/mig-1.8+git20200618/error.c:79:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buffer[256];
data/mig-1.8+git20200618/lexxer.c:1670:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    { yylval.number = atoi(yytext); RETURN(syNumber); }
data/mig-1.8+git20200618/lexxer.c:2762:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    lineno = atoi(body);
data/mig-1.8+git20200618/migcom.c:320:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
    file = fopen(realname, mode);
data/mig-1.8+git20200618/parser.c:1145:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/mig-1.8+git20200618/parser.c:1332:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char yymsgbuf[128];
data/mig-1.8+git20200618/server.c:564:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buffer[100];
data/mig-1.8+git20200618/type.c:142:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[100];
data/mig-1.8+git20200618/type.c:144:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(buffer, "%u", name);
data/mig-1.8+git20200618/user.c:275:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char SendSize[24];
data/mig-1.8+git20200618/user.c:278:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(SendSize, "%d", rt->rtRequestSize);
data/mig-1.8+git20200618/user.c:280:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(SendSize, "msgh_size");
data/mig-1.8+git20200618/user.c:339:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char SendSize[24];
data/mig-1.8+git20200618/user.c:342:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(SendSize, "%d", rt->rtRequestSize);
data/mig-1.8+git20200618/user.c:344:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(SendSize, "msgh_size");
data/mig-1.8+git20200618/user.c:1259:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
    file = fopen(filename, "w");
data/mig-1.8+git20200618/vprint.c:184:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char char_buf[2];
data/mig-1.8+git20200618/vprint.c:370:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[MAXBUF]; /* build number here */
data/mig-1.8+git20200618/lexxer.c:1065:14:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/mig-1.8+git20200618/lexxer.c:2476:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return yy_scan_bytes(yystr,(int) strlen(yystr) );
data/mig-1.8+git20200618/parser.c:1045:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    # define yystrlen strlen
data/mig-1.8+git20200618/string.c:39:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    saved = malloc(strlen(string) + 1);
data/mig-1.8+git20200618/string.c:50:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    saved = malloc(strlen(left) + strlen(right) + 1);
data/mig-1.8+git20200618/string.c:50:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    saved = malloc(strlen(left) + strlen(right) + 1);
data/mig-1.8+git20200618/vprint.c:66:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return (strlen(s));
data/mig-1.8+git20200618/vprint.c:391:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length -= strlen(prefix);

ANALYSIS SUMMARY:

Hits = 44
Lines analyzed = 13372 in approximately 0.39 seconds (34556 lines/second)
Physical Source Lines of Code (SLOC) = 9158
Hits@level = [0] 655 [1]   8 [2]  18 [3]   0 [4]  18 [5]   0
Hits@level+ = [0+] 699 [1+]  44 [2+]  36 [3+]  18 [4+]  18 [5+]   0
Hits/KSLOC@level+ = [0+] 76.3267 [1+] 4.80454 [2+] 3.93099 [3+] 1.96549 [4+] 1.96549 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.