Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/netkit-rwho-0.17/rwho/rwho.c
Examining data/netkit-rwho-0.17/version.h
Examining data/netkit-rwho-0.17/include/protocols/rwhod.h
Examining data/netkit-rwho-0.17/ruptime/ruptime.c
Examining data/netkit-rwho-0.17/rwhod/daemon.c
Examining data/netkit-rwho-0.17/rwhod/daemon.h
Examining data/netkit-rwho-0.17/rwhod/rwhod.c
FINAL RESULTS:
data/netkit-rwho-0.17/rwhod/rwhod.c:235:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wn->w_ifname, optarg);
data/netkit-rwho-0.17/rwhod/rwhod.c:718:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(np->n_name, ifr->ifr_name);
data/netkit-rwho-0.17/ruptime/ruptime.c:99:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "alrut")) != -1)
data/netkit-rwho-0.17/rwho/rwho.c:95:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "a")) != EOF) {
data/netkit-rwho-0.17/rwhod/rwhod.c:195:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "bpai:h?fu:")) != EOF) {
data/netkit-rwho-0.17/include/protocols/rwhod.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_line[8]; /* tty name */
data/netkit-rwho-0.17/include/protocols/rwhod.h:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_name[8]; /* user id */
data/netkit-rwho-0.17/include/protocols/rwhod.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wd_pad[2];
data/netkit-rwho-0.17/include/protocols/rwhod.h:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wd_hostname[32]; /* hosts's name */
data/netkit-rwho-0.17/ruptime/ruptime.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hs_hostname[MAXHOSTNAMELEN];
data/netkit-rwho-0.17/ruptime/ruptime.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(struct whod)];
data/netkit-rwho-0.17/ruptime/ruptime.c:132:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = open(dp->d_name, O_RDONLY, 0)) < 0) {
data/netkit-rwho-0.17/ruptime/ruptime.c:212:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char resbuf[32];
data/netkit-rwho-0.17/rwho/rwho.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myhost[MAXHOSTNAMELEN];
data/netkit-rwho-0.17/rwho/rwho.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myline[PATH_MAX];
data/netkit-rwho-0.17/rwho/rwho.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myname[16];
data/netkit-rwho-0.17/rwho/rwho.c:116:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = open(dp->d_name, O_RDONLY);
data/netkit-rwho-0.17/rwho/rwho.c:208:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/netkit-rwho-0.17/rwhod/daemon.c:63:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(_PATH_DEVNULL, O_RDWR, 0);
data/netkit-rwho-0.17/rwhod/rwhod.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[64];
data/netkit-rwho-0.17/rwhod/rwhod.c:360:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
whod = open(path, O_WRONLY | O_CREAT, 0644);
data/netkit-rwho-0.17/rwhod/rwhod.c:420:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myname[MAXHOSTNAMELEN], *cp;
data/netkit-rwho-0.17/rwhod/rwhod.c:588:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("/proc/loadavg", "r");
data/netkit-rwho-0.17/rwhod/rwhod.c:608:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen("/proc/uptime", "r");
data/netkit-rwho-0.17/rwhod/rwhod.c:642:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
kmemf = open(_PATH_KMEM, O_RDONLY, 0);
data/netkit-rwho-0.17/rwhod/rwhod.c:661:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ], *cp, *cplim;
data/netkit-rwho-0.17/rwhod/rwhod.c:752:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&ifr->ifr_addr, np->n_dstaddr, np->n_addrlen);
data/netkit-rwho-0.17/rwhod/rwhod.c:753:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&ifr->ifr_addr, np->n_myaddr, np->n_addrlen);
data/netkit-rwho-0.17/rwhod/rwhod.c:826:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&ifreq.ifr_dstaddr, np->n_dstaddr, np->n_addrlen);
data/netkit-rwho-0.17/rwhod/rwhod.c:847:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&ifreq.ifr_broadaddr, np->n_dstaddr, np->n_addrlen);
data/netkit-rwho-0.17/rwhod/rwhod.c:859:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((char*)&ifreq.ifr_netmask,
data/netkit-rwho-0.17/rwhod/rwhod.c:935:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char resbuf[32];
data/netkit-rwho-0.17/ruptime/ruptime.c:137:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cc = read(f, buf, sizeof(struct whod));
data/netkit-rwho-0.17/rwho/rwho.c:120:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cc = read(f, (char *)&wd, sizeof (struct whod));
data/netkit-rwho-0.17/rwho/rwho.c:170:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mp->myhost, w->wd_hostname, size);
data/netkit-rwho-0.17/rwho/rwho.c:183:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mp->myline, we->we_utmp.out_line,
data/netkit-rwho-0.17/rwho/rwho.c:186:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mp->myname, we->we_utmp.out_name,
data/netkit-rwho-0.17/rwho/rwho.c:201:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int j = strlen(mp->myhost) + 1 + strlen(mp->myline);
data/netkit-rwho-0.17/rwho/rwho.c:201:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int j = strlen(mp->myhost) + 1 + strlen(mp->myline);
data/netkit-rwho-0.17/rwhod/rwhod.c:229:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wn->w_ifname = malloc(strlen(optarg)+1);
data/netkit-rwho-0.17/rwhod/rwhod.c:272:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
(void) umask(022);
data/netkit-rwho-0.17/rwhod/rwhod.c:433:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mynamelen = strlen(myname) + 1;
data/netkit-rwho-0.17/rwhod/rwhod.c:436:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(mywd.wd_hostname, myname, mynamelen);
data/netkit-rwho-0.17/rwhod/rwhod.c:648:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) read(kmemf, &wd->wd_boottime,
data/netkit-rwho-0.17/rwhod/rwhod.c:713:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
np->n_name = malloc(strlen(ifr->ifr_name) + 1);
ANALYSIS SUMMARY:
Hits = 45
Lines analyzed = 1710 in approximately 0.07 seconds (24459 lines/second)
Physical Source Lines of Code (SLOC) = 1252
Hits@level = [0] 70 [1] 13 [2] 27 [3] 3 [4] 2 [5] 0
Hits@level+ = [0+] 115 [1+] 45 [2+] 32 [3+] 5 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 91.853 [1+] 35.9425 [2+] 25.5591 [3+] 3.99361 [4+] 1.59744 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.