Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/netlabel-tools-0.30.0/netlabelctl/cipso.c
Examining data/netlabel-tools-0.30.0/netlabelctl/calipso.c
Examining data/netlabel-tools-0.30.0/netlabelctl/mgmt.c
Examining data/netlabel-tools-0.30.0/netlabelctl/unlabeled.c
Examining data/netlabel-tools-0.30.0/netlabelctl/map.c
Examining data/netlabel-tools-0.30.0/netlabelctl/main.c
Examining data/netlabel-tools-0.30.0/netlabelctl/netlabelctl.h
Examining data/netlabel-tools-0.30.0/include/libnetlabel.h
Examining data/netlabel-tools-0.30.0/include/netlabel.h
Examining data/netlabel-tools-0.30.0/libnetlabel/mod_calipso.c
Examining data/netlabel-tools-0.30.0/libnetlabel/mod_cipso.h
Examining data/netlabel-tools-0.30.0/libnetlabel/mod_calipso.h
Examining data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c
Examining data/netlabel-tools-0.30.0/libnetlabel/netlabel_internal.h
Examining data/netlabel-tools-0.30.0/libnetlabel/mod_mgmt.c
Examining data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.h
Examining data/netlabel-tools-0.30.0/libnetlabel/netlabel_init.c
Examining data/netlabel-tools-0.30.0/libnetlabel/mod_cipso.c
Examining data/netlabel-tools-0.30.0/libnetlabel/netlabel_msg.c
Examining data/netlabel-tools-0.30.0/libnetlabel/mod_mgmt.h
Examining data/netlabel-tools-0.30.0/libnetlabel/netlabel_comm.c
FINAL RESULTS:
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:64:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,
data/netlabel-tools-0.30.0/netlabelctl/main.c:371:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,
data/netlabel-tools-0.30.0/netlabelctl/main.c:390:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,
data/netlabel-tools-0.30.0/netlabelctl/main.c:398:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, MSG_ERR("%s\n"), nlctl_strerror(-rc));
data/netlabel-tools-0.30.0/netlabelctl/mgmt.c:53:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(MSG("NetLabel protocols : "));
data/netlabel-tools-0.30.0/netlabelctl/main.c:332:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
arg_iter = getopt(argc, argv, "hvt:pV");
data/netlabel-tools-0.30.0/libnetlabel/mod_mgmt.c:180:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_iter->addr.addr.v4,
data/netlabel-tools-0.30.0/libnetlabel/mod_mgmt.c:188:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_iter->addr.mask.v4,
data/netlabel-tools-0.30.0/libnetlabel/mod_mgmt.c:213:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_iter->addr.addr.v6,
data/netlabel-tools-0.30.0/libnetlabel/mod_mgmt.c:221:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_iter->addr.mask.v6,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:867:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_array[addr_count].addr.addr.v4,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:877:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_array[addr_count].addr.mask.v4,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:891:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_array[addr_count].addr.addr.v6,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:901:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_array[addr_count].addr.mask.v6,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:1051:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_array[addr_count].addr.addr.v4,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:1061:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_array[addr_count].addr.mask.v4,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:1075:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_array[addr_count].addr.addr.v6,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:1085:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_array[addr_count].addr.mask.v6,
data/netlabel-tools-0.30.0/netlabelctl/calipso.c:63:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
doi = atoi(argv[iter] + 4);
data/netlabel-tools-0.30.0/netlabelctl/calipso.c:103:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
doi = atoi(argv[iter] + 4);
data/netlabel-tools-0.30.0/netlabelctl/calipso.c:232:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
doi = atoi(argv[iter] + 4);
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:73:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
doi = atoi(argv[iter] + 4);
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:85:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tags.array[tags.size++] = atoi(token_ptr);
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:100:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lvls.array[lvls.size * 2] = atoi(token_ptr);
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:102:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lvls.array[lvls.size * 2 + 1] = atoi(token_ptr);
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:118:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cats.array[cats.size * 2] = atoi(token_ptr);
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:120:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cats.array[cats.size * 2 + 1] = atoi(token_ptr);
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:178:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
doi = atoi(argv[iter] + 4);
data/netlabel-tools-0.30.0/netlabelctl/cipso.c:386:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
doi = atoi(argv[iter] + 4);
data/netlabel-tools-0.30.0/netlabelctl/main.c:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_s[80];
data/netlabel-tools-0.30.0/netlabelctl/main.c:236:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*num = atoi(str);
data/netlabel-tools-0.30.0/netlabelctl/main.c:349:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(optarg) < 0) {
data/netlabel-tools-0.30.0/netlabelctl/main.c:353:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opt_timeout = atoi(optarg);
data/netlabel-tools-0.30.0/netlabelctl/map.c:97:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
domain.proto.cip_doi = atoi(domain_proto_extra);
data/netlabel-tools-0.30.0/netlabelctl/map.c:102:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
domain.proto.clp_doi = atoi(domain_proto_extra);
data/netlabel-tools-0.30.0/netlabelctl/map.c:106:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int family = atoi(domain_proto_extra);
data/netlabel-tools-0.30.0/netlabelctl/unlabeled.c:109:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_p[count], addrdef_p, sizeof(*addr_p) * rc);
data/netlabel-tools-0.30.0/libnetlabel/mod_mgmt.c:1101:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dmns[dmns_count].domain, nla_data(nla),
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:847:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr_array[addr_count].dev,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:856:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr_array[addr_count].label,
data/netlabel-tools-0.30.0/libnetlabel/mod_unlabeled.c:1040:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr_array[addr_count].label,
ANALYSIS SUMMARY:
Hits = 41
Lines analyzed = 7096 in approximately 0.17 seconds (40674 lines/second)
Physical Source Lines of Code (SLOC) = 4343
Hits@level = [0] 121 [1] 4 [2] 31 [3] 1 [4] 5 [5] 0
Hits@level+ = [0+] 162 [1+] 41 [2+] 37 [3+] 6 [4+] 5 [5+] 0
Hits/KSLOC@level+ = [0+] 37.3014 [1+] 9.44048 [2+] 8.51946 [3+] 1.38153 [4+] 1.15128 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.