Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/net-acct-0.71/src/config.c Examining data/net-acct-0.71/src/utils.c Examining data/net-acct-0.71/src/capture-linux.c Examining data/net-acct-0.71/src/capture-pcap.c Examining data/net-acct-0.71/src/daemon.c Examining data/net-acct-0.71/src/main.c Examining data/net-acct-0.71/src/netacct.h Examining data/net-acct-0.71/src/process.c FINAL RESULTS: data/net-acct-0.71/src/capture-linux.c:65:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (p -> oldifr.ifr_name, p -> name); data/net-acct-0.71/src/capture-linux.c:84:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_MISC, sprintf(dbg, "%s set to promiscous mode\n", p -> name)); data/net-acct-0.71/src/capture-linux.c:211:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_UTMP, sprintf(dbg, "%d: did a stat of %s\n",(int) now,_PATH_UTMP)); data/net-acct-0.71/src/capture-linux.c:220:23: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_UTMP, sprintf(dbg, "%d: wading through utmp %s\n",(int) now, _PATH_UTMP)); data/net-acct-0.71/src/capture-linux.c:235:27: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_DYNAMIC, sprintf(dbg, "found %s for %s\n",dd->user, line)); data/net-acct-0.71/src/capture-linux.c:261:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ANNOYING, sprintf(dbg, "check_user_dynamicip(%s)\n", intoa(addr))); data/net-acct-0.71/src/capture-linux.c:289:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_DYNAMIC, sprintf(dbg, "added entry for %s to dynadat list\n", intoa(addr))); data/net-acct-0.71/src/capture-linux.c:304:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_DYNAMIC, sprintf(dbg, "%d: did a stat of %s, last_stat was %d, mtime was %d\n",(int) now, cfg->dynamicip, (int) dd->last_stat, (int) dd -> mtime)); data/net-acct-0.71/src/capture-linux.c:316:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(s, cfg->dynamicip); data/net-acct-0.71/src/capture-linux.c:318:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(s, intoa(addr)); data/net-acct-0.71/src/capture-linux.c:320:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_DYNAMIC, sprintf(dbg, "%d: reading %s\n",(int) now, s)); data/net-acct-0.71/src/capture-linux.c:331:26: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_DYNAMIC, sprintf(dbg, "%d: couldn't fopen %s: %s\n",(int) now, s, strerror(errno))); data/net-acct-0.71/src/capture-linux.c:342:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_DYNAMIC, sprintf(dbg, "found %s for %s\n",dd->user, intoa(addr))); data/net-acct-0.71/src/capture-linux.c:386:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_SYSCALL, sprintf(dbg, "recvfrom: %s\n", strerror(errno))); data/net-acct-0.71/src/capture-linux.c:486:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, intoa(tmp_iphdr->saddr)); data/net-acct-0.71/src/capture-linux.c:487:27: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_IGNORE, sprintf(dbg, "netignored: %s -> %s\n", data/net-acct-0.71/src/capture-linux.c:508:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ANNOYING, sprintf(dbg, "source %s is on dynamicnet\n", intoa(dynamicaddr))); data/net-acct-0.71/src/capture-linux.c:515:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ANNOYING, sprintf(dbg, "destination %s is on dynamicnet\n", intoa(dynamicaddr))); data/net-acct-0.71/src/capture-linux.c:522:29: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ANNOYING, sprintf(dbg, "BUT: %s is excluded from name lookup\n", intoa(dynamicaddr))); data/net-acct-0.71/src/capture-linux.c:528:26: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ANNOYING, sprintf(dbg, "prev. bug: %s is excluded from name lookup, too\n", intoa(dynamicaddr))); data/net-acct-0.71/src/capture-linux.c:605:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"error opening %s: %s", PATH_PROCNET_TCP,strerror(errno))); data/net-acct-0.71/src/capture-pcap.c:44:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_MISC, sprintf(dbg, "%s set to promiscous mode\n", p -> name)); data/net-acct-0.71/src/capture-pcap.c:86:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"pcap_dispatch: %s\n", pcap_geterr(pcap))); data/net-acct-0.71/src/capture-pcap.c:139:23: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp, intoa(tmp_iphdr.ip_src.s_addr)); data/net-acct-0.71/src/capture-pcap.c:140:41: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_IGNORE, sprintf(dbg, "netignored: %s -> %s\n", data/net-acct-0.71/src/main.c:84:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if(access(PID_FILE,F_OK)==0) data/net-acct-0.71/src/main.c:167:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if(access(fname,F_OK)==0) data/net-acct-0.71/src/main.c:171:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(s, fname); data/net-acct-0.71/src/netacct.h:105:58: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). for(DBGi=1; DBGi<=30; DBGi++) if((1 << DBGi) & level) {strcpy(DBGtype, DBG_TYPE_STRING[DBGi]);break;}\ data/net-acct-0.71/src/process.c:309:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"pipe error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:318:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"pipe close error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:324:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"pipe close error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:330:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"pipe close error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:336:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"pipe close error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:345:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"write error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:359:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"read error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:373:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"write error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:387:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_ERR, sprintf(dbg,"read error: %s\n", strerror(errno))); data/net-acct-0.71/src/process.c:501:26: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. DEBUG(DBG_SIGNAL, sprintf(dbg, "waitpid: signaled error: %s\n", strerror(errno))); data/net-acct-0.71/src/main.c:45:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt( argc, argv, "c:dD" )) != EOF) data/net-acct-0.71/src/capture-linux.c:326:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(s, "r"); data/net-acct-0.71/src/capture-linux.c:360:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buff[1600]; data/net-acct-0.71/src/capture-linux.c:485:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[18]; data/net-acct-0.71/src/capture-linux.c:596:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/net-acct-0.71/src/capture-linux.c:602:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((procinfo = fopen(PATH_PROCNET_TCP, "r")) == NULL) data/net-acct-0.71/src/capture-pcap.c:18:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errbuff[PCAP_ERRBUF_SIZE]; data/net-acct-0.71/src/capture-pcap.c:138:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[18]; data/net-acct-0.71/src/config.c:23:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/net-acct-0.71/src/config.c:53:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f=fopen(fname,"r"); data/net-acct-0.71/src/config.c:97:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cfg->flush = atoi(value); data/net-acct-0.71/src/config.c:102:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cfg->fdelay = atoi(value); data/net-acct-0.71/src/config.c:133:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). debug_level = atoi(value); data/net-acct-0.71/src/config.c:139:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). field = atoi(value); data/net-acct-0.71/src/config.c:263:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp -> offset = atoi(offset); data/net-acct-0.71/src/config.c:264:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp -> type = atoi(type); data/net-acct-0.71/src/config.c:307:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cfg->err_delay = atoi(value); data/net-acct-0.71/src/daemon.c:44:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "entering daemon_stop\n")); data/net-acct-0.71/src/daemon.c:48:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "wrote final log\n")); data/net-acct-0.71/src/daemon.c:52:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "unlinked PID_FILE\n")); data/net-acct-0.71/src/daemon.c:56:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "did syslog message\n")); data/net-acct-0.71/src/daemon.c:60:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "cleaned up capture\n")); data/net-acct-0.71/src/daemon.c:64:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "closed syslog\n")); data/net-acct-0.71/src/main.c:86:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[80]; data/net-acct-0.71/src/main.c:90:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(PID_FILE, "r"); data/net-acct-0.71/src/main.c:94:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pid = atoi(buff); data/net-acct-0.71/src/main.c:110:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(PID_FILE, "w"); data/net-acct-0.71/src/main.c:172:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(s, ".o"); data/net-acct-0.71/src/main.c:233:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). dbg_file = fopen(cfg->debugname, "a"); data/net-acct-0.71/src/netacct.h:98:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *DBG_TYPE_STRING[31] = {"NONE ", "CONF ", "STATE", "UTMP ", "DYNA ", "SYS ", "IGN ", "MISC ", "STATS", "SIG ", /* 10 */ "ERROR", "", "", "", "", "", "", "", "", "", /* 20 */ "", "", "", "" ,"", "", "", "", "", "", "ANNOY"}; data/net-acct-0.71/src/netacct.h:103:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dbg[255], DBGtmp[255], DBGtype[255]; int DBGi;\ data/net-acct-0.71/src/process.c:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[257]; data/net-acct-0.71/src/process.c:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char searchtext[20]; data/net-acct-0.71/src/process.c:73:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(searchtext, "%08lX:%04X %04X",ntohl(p->dst), data/net-acct-0.71/src/process.c:75:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fd=fopen(PROC_MASQ_FILENAME,"r")) == NULL) data/net-acct-0.71/src/process.c:158:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_ANNOYING, sprintf(dbg, "lck = 1\n")); data/net-acct-0.71/src/process.c:176:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_ANNOYING, sprintf(dbg, "lck = 0\n")); data/net-acct-0.71/src/process.c:186:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_ERR, sprintf(dbg, "out of memory\n")); data/net-acct-0.71/src/process.c:187:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_ANNOYING, sprintf(dbg, "lck = 0\n")); data/net-acct-0.71/src/process.c:219:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[16]; data/net-acct-0.71/src/process.c:220:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "<%d>", uid); data/net-acct-0.71/src/process.c:227:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_ANNOYING, sprintf(dbg, "lck = 0\n")); data/net-acct-0.71/src/process.c:364:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_ERR, sprintf(dbg,"WAIT_PARENT: incorrect data\n")); data/net-acct-0.71/src/process.c:392:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_ERR, sprintf(dbg,"WAIT_CHILD: incorrect data\n")); data/net-acct-0.71/src/process.c:410:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "write child: synchronized with parent\n")); data/net-acct-0.71/src/process.c:414:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "* write process %d forked\n", (int) getpid())); data/net-acct-0.71/src/process.c:416:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(cfg->filename, "a"); data/net-acct-0.71/src/process.c:433:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "* write finished, count = %ld\n", olistsize)); data/net-acct-0.71/src/process.c:449:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "dump child: synchronized with parent\n")); data/net-acct-0.71/src/process.c:455:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "* dump process %d forked\n", (int) getpid())); data/net-acct-0.71/src/process.c:460:23: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "* dump finished, dump empty\n")); data/net-acct-0.71/src/process.c:464:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(cfg->dumpname, "w"); data/net-acct-0.71/src/process.c:480:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "* dump finished, count = %ld\n", plistsize)); data/net-acct-0.71/src/process.c:491:37: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG((DBG_SIGNAL | DBG_STATE), sprintf(dbg, "-> got signal %d, handling\n", sig)); data/net-acct-0.71/src/process.c:495:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_SIGNAL, sprintf(dbg, " waitpid returned %d, status = %d, errno = %d\n", pid, status, errno)); data/net-acct-0.71/src/process.c:513:38: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG((DBG_SIGNAL | DBG_STATE), sprintf(dbg, " set writing to 0\n")); data/net-acct-0.71/src/process.c:518:38: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG((DBG_SIGNAL | DBG_STATE), sprintf(dbg, " set dumping to 0\n")); data/net-acct-0.71/src/process.c:530:38: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG((DBG_SIGNAL | DBG_STATE), sprintf(dbg, " set writing to 0, setting err_delay\n")); data/net-acct-0.71/src/process.c:535:38: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG((DBG_SIGNAL | DBG_STATE), sprintf(dbg, " set dumping to 0, ignored error condition\n")); data/net-acct-0.71/src/process.c:548:41: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG((DBG_SIGNAL | DBG_STATE), sprintf(dbg, " set writing to 0, ignored return code\n")); data/net-acct-0.71/src/process.c:553:41: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG((DBG_SIGNAL | DBG_STATE), sprintf(dbg, " set dumping to 0, ignored return code\n")); data/net-acct-0.71/src/process.c:560:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, " unexpected child %d signaled return (writepid = %d, dumppid = %d\n",(int) pid, writepid, dumppid)); data/net-acct-0.71/src/process.c:563:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, " child %d signaled return\n",(int) pid)); data/net-acct-0.71/src/process.c:565:37: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG((DBG_SIGNAL | DBG_STATE), sprintf(dbg, "<- got signal %d, done handling\n", sig)); data/net-acct-0.71/src/process.c:573:74: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG( ((sig == SIGALRM) ? DBG_ANNOYING : (DBG_SIGNAL | DBG_STATE)), sprintf(dbg, "got signal %d, handling\n", sig)); data/net-acct-0.71/src/process.c:586:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_MISC, sprintf(dbg, "internal clock corrected (off by %d seconds)\n",(int) (nnow-now))); data/net-acct-0.71/src/process.c:608:20: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "write_log called\n")); data/net-acct-0.71/src/process.c:614:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "flushing delayed due to error\n")); data/net-acct-0.71/src/process.c:618:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATISTICS, sprintf(dbg, "ignored: %ld netignored: %ld local:%ld ip:%ld unenc:%ld notdev:%ld dropped:%ld\n", data/net-acct-0.71/src/process.c:621:29: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATISTICS, sprintf(dbg, "udp: %ld tcp:%ld icmp:%ld other:%ld\n", data/net-acct-0.71/src/process.c:626:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATISTICS, sprintf(dbg, "lookups:%d compares:%d compares/lookup:%f\n", data/net-acct-0.71/src/process.c:630:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "lck = 1\n")); data/net-acct-0.71/src/process.c:633:23: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_MISC, sprintf(dbg, "Total of %ld entries\n", plistsize)); data/net-acct-0.71/src/process.c:679:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "parent: synchronized with dump child\n")); data/net-acct-0.71/src/process.c:683:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "dumppid is %d\n", (int) dumppid)); data/net-acct-0.71/src/process.c:689:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "lck = 0\n")); data/net-acct-0.71/src/process.c:691:23: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_MISC, sprintf(dbg, "Split into %ld [hold] and %ld [write] = %ld [total] entries\n", plistsize, olistsize, plistsize + olistsize)); data/net-acct-0.71/src/process.c:700:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "parent: synchronized with write child\n")); data/net-acct-0.71/src/process.c:704:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "writepid is %d\n", (int) writepid)); data/net-acct-0.71/src/process.c:720:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "done freeing\n")); data/net-acct-0.71/src/process.c:724:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "flushing delayed (writing == %d, lck == %d, may_write == %d)\n",writing,lck,may_write)); data/net-acct-0.71/src/process.c:730:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_SIGNAL, sprintf(dbg, "got signal %d, handling\n", sig)); data/net-acct-0.71/src/process.c:749:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "received SIGTSTP\n")); data/net-acct-0.71/src/process.c:754:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "received SIGCONT\n")); data/net-acct-0.71/src/process.c:759:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "reopening socket\n")); data/net-acct-0.71/src/process.c:768:24: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_STATE, sprintf(dbg, "received SIGHUP, rereading config\n")); data/net-acct-0.71/src/process.c:813:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_SIGNAL, sprintf(dbg, "signal_debug received signal %d, this can't happen\n", sig)); data/net-acct-0.71/src/process.c:820:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. DEBUG(DBG_SIGNAL, sprintf(dbg, "got signal %d, ignoring\n", sig)); data/net-acct-0.71/src/utils.c:14:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buff[18]; data/net-acct-0.71/src/utils.c:18:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buff, "%d.%d.%d.%d", data/net-acct-0.71/src/capture-linux.c:232:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dd -> user, ut_rec->ut_user, 8); data/net-acct-0.71/src/capture-linux.c:314:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = malloc(strlen(cfg->dynamicip) + 1 + 15 + 1 ); data/net-acct-0.71/src/capture-linux.c:317:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(s, "/"); data/net-acct-0.71/src/capture-linux.c:338:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dd->user[strlen(dd->user)-1]=='\n') dd->user[strlen(dd->user)-1]='\0'; data/net-acct-0.71/src/capture-linux.c:338:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dd->user[strlen(dd->user)-1]=='\n') dd->user[strlen(dd->user)-1]='\0'; data/net-acct-0.71/src/config.c:71:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(buff,buff+1,strlen(buff)); data/net-acct-0.71/src/config.c:122:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(value[strlen(value)-1]=='/') value[strlen(value)-1]='\0'; data/net-acct-0.71/src/config.c:122:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(value[strlen(value)-1]=='/') value[strlen(value)-1]='\0'; data/net-acct-0.71/src/config.c:262:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tmp -> l = strlen(value); data/net-acct-0.71/src/main.c:170:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = malloc(strlen(fname)+3); data/net-acct-0.71/src/process.c:72:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = strlen(protocol); data/net-acct-0.71/src/process.c:355:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if((n = read(pfd1[0], &c, 1)) != 1) data/net-acct-0.71/src/process.c:383:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if((n = read(pfd2[0], &c, 1)) != 1) ANALYSIS SUMMARY: Hits = 142 Lines analyzed = 2702 in approximately 0.11 seconds (25570 lines/second) Physical Source Lines of Code (SLOC) = 2106 Hits@level = [0] 107 [1] 13 [2] 89 [3] 1 [4] 39 [5] 0 Hits@level+ = [0+] 249 [1+] 142 [2+] 129 [3+] 40 [4+] 39 [5+] 0 Hits/KSLOC@level+ = [0+] 118.234 [1+] 67.4264 [2+] 61.2536 [3+] 18.9934 [4+] 18.5185 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.