Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mtree-netbsd-20180822/compare.c
Examining data/mtree-netbsd-20180822/crc.c
Examining data/mtree-netbsd-20180822/create.c
Examining data/mtree-netbsd-20180822/excludes.c
Examining data/mtree-netbsd-20180822/extern.h
Examining data/mtree-netbsd-20180822/getid.c
Examining data/mtree-netbsd-20180822/misc.c
Examining data/mtree-netbsd-20180822/mtree.c
Examining data/mtree-netbsd-20180822/mtree.h
Examining data/mtree-netbsd-20180822/pack_dev.h
Examining data/mtree-netbsd-20180822/stat_flags.c
Examining data/mtree-netbsd-20180822/stat_flags.h
Examining data/mtree-netbsd-20180822/verify.c
Examining data/mtree-netbsd-20180822/pack_dev.c
Examining data/mtree-netbsd-20180822/spec.c
FINAL RESULTS:
data/mtree-netbsd-20180822/compare.c:537:13: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if ((len = readlink(name, lbuf, sizeof(lbuf) - 1)) == -1)
data/mtree-netbsd-20180822/create.c:151:6: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
getlogin(), host, fullpath, ctime(&clocktime));
data/mtree-netbsd-20180822/create.c:433:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/mtree-netbsd-20180822/spec.c:241:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(centry->name, p);
data/mtree-netbsd-20180822/verify.c:199:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tail, p->name);
data/mtree-netbsd-20180822/mtree.c:100:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "cCdDeE:f:I:ik:K:lLmMN:p:PrR:s:tuUWxX:"))
data/mtree-netbsd-20180822/compare.c:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digestbuf[MAXHASHLEN + 1];
data/mtree-netbsd-20180822/compare.c:395:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(p->fts_accpath, O_RDONLY, 0)) < 0) {
data/mtree-netbsd-20180822/compare.c:534:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lbuf[MAXPATHLEN];
data/mtree-netbsd-20180822/create.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[MAXHOSTNAMELEN + 1];
data/mtree-netbsd-20180822/create.c:141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2];
data/mtree-netbsd-20180822/create.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digestbuf[MAXHASHLEN + 1];
data/mtree-netbsd-20180822/create.c:241:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(p->fts_accpath, O_RDONLY, 0)) < 0 ||
data/mtree-netbsd-20180822/create.c:430:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/mtree-netbsd-20180822/excludes.c:103:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(name, "r");
data/mtree-netbsd-20180822/getid.c:137:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char grfile[MAXPATHLEN];
data/mtree-netbsd-20180822/getid.c:138:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pwfile[MAXPATHLEN];
data/mtree-netbsd-20180822/getid.c:140:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *members[MAXGRP];
data/mtree-netbsd-20180822/getid.c:141:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char grline[MAXLINELENGTH];
data/mtree-netbsd-20180822/getid.c:142:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pwline[MAXLINELENGTH];
data/mtree-netbsd-20180822/getid.c:235:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (_gr_fp = fopen(grfile, "r")) ? 1 : 0;
data/mtree-netbsd-20180822/getid.c:376:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (_pw_fp = fopen(pwfile, "r")) ? 1 : 0;
data/mtree-netbsd-20180822/mtree.c:84:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullpath[MAXPATHLEN];
data/mtree-netbsd-20180822/mtree.h:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1]; /* file name (must be last) */
data/mtree-netbsd-20180822/spec.c:344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/mtree-netbsd-20180822/spec.c:430:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathbuf[4*MAXPATHLEN + 1];
data/mtree-netbsd-20180822/stat_flags.c:88:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char string[128];
data/mtree-netbsd-20180822/verify.c:83:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[MAXPATHLEN];
data/mtree-netbsd-20180822/verify.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[2];
data/mtree-netbsd-20180822/crc.c:148:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((nr = read(fd, buf, sizeof(buf))) > 0)
data/mtree-netbsd-20180822/create.c:436:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*offset + strlen(buf) > MAXLINELEN - 3) {
data/mtree-netbsd-20180822/getid.c:255:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc(_gr_fp)) != '\n' && ch != EOF)
data/mtree-netbsd-20180822/getid.c:396:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc(_pw_fp)) != '\n' && ch != EOF)
data/mtree-netbsd-20180822/misc.c:224:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p) + 3; /* "," + p + ",\0" */
data/mtree-netbsd-20180822/spec.c:201:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
plen = strlen(p) + 1;
data/mtree-netbsd-20180822/spec.c:237:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((centry = calloc(1, sizeof(NODE) + strlen(p))) == NULL)
data/mtree-netbsd-20180822/spec.c:628:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(val) + 3; /* "," + str + ",\0" */
ANALYSIS SUMMARY:
Hits = 37
Lines analyzed = 4202 in approximately 0.13 seconds (32659 lines/second)
Physical Source Lines of Code (SLOC) = 3151
Hits@level = [0] 116 [1] 8 [2] 23 [3] 1 [4] 4 [5] 1
Hits@level+ = [0+] 153 [1+] 37 [2+] 29 [3+] 6 [4+] 5 [5+] 1
Hits/KSLOC@level+ = [0+] 48.556 [1+] 11.7423 [2+] 9.20343 [3+] 1.90416 [4+] 1.5868 [5+] 0.31736
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.