Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/netkit-rwho-0.17/rwho/rwho.c
Examining data/netkit-rwho-0.17/version.h
Examining data/netkit-rwho-0.17/include/protocols/rwhod.h
Examining data/netkit-rwho-0.17/ruptime/ruptime.c
Examining data/netkit-rwho-0.17/rwhod/daemon.c
Examining data/netkit-rwho-0.17/rwhod/daemon.h
Examining data/netkit-rwho-0.17/rwhod/rwhod.c

FINAL RESULTS:

data/netkit-rwho-0.17/rwhod/rwhod.c:235:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(wn->w_ifname, optarg);
data/netkit-rwho-0.17/rwhod/rwhod.c:718:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(np->n_name, ifr->ifr_name);
data/netkit-rwho-0.17/ruptime/ruptime.c:99:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((ch = getopt(argc, argv, "alrut")) != -1)
data/netkit-rwho-0.17/rwho/rwho.c:95:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((ch = getopt(argc, argv, "a")) != EOF) {
data/netkit-rwho-0.17/rwhod/rwhod.c:195:16:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((opt = getopt(argc, argv, "bpai:h?fu:")) != EOF) {
data/netkit-rwho-0.17/include/protocols/rwhod.h:44:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char out_line[8]; /* tty name */
data/netkit-rwho-0.17/include/protocols/rwhod.h:45:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char out_name[8]; /* user id */
data/netkit-rwho-0.17/include/protocols/rwhod.h:52:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char wd_pad[2];
data/netkit-rwho-0.17/include/protocols/rwhod.h:55:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char wd_hostname[32]; /* hosts's name */
data/netkit-rwho-0.17/ruptime/ruptime.c:58:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char hs_hostname[MAXHOSTNAMELEN];
data/netkit-rwho-0.17/ruptime/ruptime.c:94:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[sizeof(struct whod)];
data/netkit-rwho-0.17/ruptime/ruptime.c:132:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or change
  its contents? (CWE-362).
  if ((f = open(dp->d_name, O_RDONLY, 0)) < 0) {
data/netkit-rwho-0.17/ruptime/ruptime.c:212:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char resbuf[32];
data/netkit-rwho-0.17/rwho/rwho.c:60:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char myhost[MAXHOSTNAMELEN];
data/netkit-rwho-0.17/rwho/rwho.c:62:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char myline[PATH_MAX];
data/netkit-rwho-0.17/rwho/rwho.c:63:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char myname[16];
data/netkit-rwho-0.17/rwho/rwho.c:116:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or change
  its contents? (CWE-362).
  f = open(dp->d_name, O_RDONLY);
data/netkit-rwho-0.17/rwho/rwho.c:208:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZ];
data/netkit-rwho-0.17/rwhod/daemon.c:63:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or change
  its contents? (CWE-362).
  fd = open(_PATH_DEVNULL, O_RDWR, 0);
data/netkit-rwho-0.17/rwhod/rwhod.c:165:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path[64];
data/netkit-rwho-0.17/rwhod/rwhod.c:360:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or change
  its contents? (CWE-362).
  whod = open(path, O_WRONLY | O_CREAT, 0644);
data/netkit-rwho-0.17/rwhod/rwhod.c:420:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char myname[MAXHOSTNAMELEN], *cp;
data/netkit-rwho-0.17/rwhod/rwhod.c:588:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or change
  its contents? (CWE-362).
  fp = fopen("/proc/loadavg", "r");
data/netkit-rwho-0.17/rwhod/rwhod.c:608:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or change
  its contents? (CWE-362).
  FILE *fp = fopen("/proc/uptime", "r");
data/netkit-rwho-0.17/rwhod/rwhod.c:642:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or change
  its contents? (CWE-362).
  kmemf = open(_PATH_KMEM, O_RDONLY, 0);
data/netkit-rwho-0.17/rwhod/rwhod.c:661:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZ], *cp, *cplim;
data/netkit-rwho-0.17/rwhod/rwhod.c:752:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  bcopy(&ifr->ifr_addr, np->n_dstaddr, np->n_addrlen);
data/netkit-rwho-0.17/rwhod/rwhod.c:753:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  bcopy(&ifr->ifr_addr, np->n_myaddr, np->n_addrlen);
data/netkit-rwho-0.17/rwhod/rwhod.c:826:4:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  bcopy(&ifreq.ifr_dstaddr, np->n_dstaddr, np->n_addrlen);
data/netkit-rwho-0.17/rwhod/rwhod.c:847:4:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  bcopy(&ifreq.ifr_broadaddr, np->n_dstaddr, np->n_addrlen);
data/netkit-rwho-0.17/rwhod/rwhod.c:859:4:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  bcopy((char*)&ifreq.ifr_netmask,
data/netkit-rwho-0.17/rwhod/rwhod.c:935:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char resbuf[32];
data/netkit-rwho-0.17/ruptime/ruptime.c:137:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  cc = read(f, buf, sizeof(struct whod));
data/netkit-rwho-0.17/rwho/rwho.c:120:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  cc = read(f, (char *)&wd, sizeof (struct whod));
data/netkit-rwho-0.17/rwho/rwho.c:170:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(mp->myhost, w->wd_hostname, size);
data/netkit-rwho-0.17/rwho/rwho.c:183:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(mp->myline, we->we_utmp.out_line,
data/netkit-rwho-0.17/rwho/rwho.c:186:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(mp->myname, we->we_utmp.out_name,
data/netkit-rwho-0.17/rwho/rwho.c:201:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int j = strlen(mp->myhost) + 1 + strlen(mp->myline);
data/netkit-rwho-0.17/rwho/rwho.c:201:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int j = strlen(mp->myhost) + 1 + strlen(mp->myline);
data/netkit-rwho-0.17/rwhod/rwhod.c:229:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wn->w_ifname = malloc(strlen(optarg)+1);
data/netkit-rwho-0.17/rwhod/rwhod.c:272:9:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
  (void) umask(022);
data/netkit-rwho-0.17/rwhod/rwhod.c:433:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mynamelen = strlen(myname) + 1;
data/netkit-rwho-0.17/rwhod/rwhod.c:436:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(mywd.wd_hostname, myname, mynamelen);
data/netkit-rwho-0.17/rwhod/rwhod.c:648:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  (void) read(kmemf, &wd->wd_boottime,
data/netkit-rwho-0.17/rwhod/rwhod.c:713:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  np->n_name = malloc(strlen(ifr->ifr_name) + 1);

ANALYSIS SUMMARY:

Hits = 45
Lines analyzed = 1710 in approximately 0.07 seconds (24459 lines/second)
Physical Source Lines of Code (SLOC) = 1252
Hits@level = [0]  70 [1]  13 [2]  27 [3]   3 [4]   2 [5]   0
Hits@level+ = [0+] 115 [1+]  45 [2+]  32 [3+]   5 [4+]   2 [5+]   0
Hits/KSLOC@level+ = [0+] 91.853 [1+] 35.9425 [2+] 25.5591 [3+] 3.99361 [4+] 1.59744 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.