Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/netstat-nat-1.4.10/netstat-nat.c Examining data/netstat-nat-1.4.10/netstat-nat.h FINAL RESULTS: data/netstat-nat-1.4.10/netstat-nat.c:734:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gen_buffer, split); data/netstat-nat-1.4.10/netstat-nat.c:230:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, args)) != -1) { data/netstat-nat-1.4.10/netstat-nat.c:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[16]; data/netstat-nat-1.4.10/netstat-nat.c:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dev[16]; data/netstat-nat-1.4.10/netstat-nat.c:185:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char SRC_IP[50]; data/netstat-nat-1.4.10/netstat-nat.c:186:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char DST_IP[50]; data/netstat-nat-1.4.10/netstat-nat.c:191:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char PROTOCOL[4]; data/netstat-nat-1.4.10/netstat-nat.c:206:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[350]; data/netstat-nat-1.4.10/netstat-nat.c:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char src[50]; data/netstat-nat-1.4.10/netstat-nat.c:208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dst[50]; data/netstat-nat-1.4.10/netstat-nat.c:209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[50]; data/netstat-nat-1.4.10/netstat-nat.c:210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/netstat-nat-1.4.10/netstat-nat.c:211:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[100]; data/netstat-nat-1.4.10/netstat-nat.c:212:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char from[50] = "NATed Address"; data/netstat-nat-1.4.10/netstat-nat.c:213:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nathost[50] = "NAT-host Address"; data/netstat-nat-1.4.10/netstat-nat.c:214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[50] = "Destination Address"; data/netstat-nat-1.4.10/netstat-nat.c:346:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((f = fopen(NF_CONNTRACK_LOCATION, "r")) == NULL) { data/netstat-nat-1.4.10/netstat-nat.c:347:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((f = fopen(IP_CONNTRACK_LOCATION, "r")) == NULL) { data/netstat-nat-1.4.10/netstat-nat.c:527:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char protocol_name[11] = ""; data/netstat-nat-1.4.10/netstat-nat.c:528:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char protocol_raw[6] = ""; data/netstat-nat-1.4.10/netstat-nat.c:531:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(protocol, "tcp", 3); data/netstat-nat-1.4.10/netstat-nat.c:534:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(protocol, "udp", 3); data/netstat-nat-1.4.10/netstat-nat.c:537:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(protocol, "icmp", 4); data/netstat-nat-1.4.10/netstat-nat.c:550:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). protocol_nr = atoi(protocol_raw); data/netstat-nat-1.4.10/netstat-nat.c:552:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(protocol, protocol_name, 5); data/netstat-nat-1.4.10/netstat-nat.c:566:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "ESTABLISHED", 11); data/netstat-nat-1.4.10/netstat-nat.c:569:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "TIME_WAIT", 9); data/netstat-nat-1.4.10/netstat-nat.c:572:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "FIN_WAIT", 8); data/netstat-nat-1.4.10/netstat-nat.c:575:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "SYN_RECV", 8); data/netstat-nat-1.4.10/netstat-nat.c:578:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "SYN_SENT", 8); data/netstat-nat-1.4.10/netstat-nat.c:581:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "UNREPLIED", 9); data/netstat-nat-1.4.10/netstat-nat.c:584:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "CLOSE", 5); data/netstat-nat-1.4.10/netstat-nat.c:587:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "ASSURED", 7); data/netstat-nat-1.4.10/netstat-nat.c:591:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, "UNREPLIED", 9); data/netstat-nat-1.4.10/netstat-nat.c:594:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state, " ", 1); data/netstat-nat-1.4.10/netstat-nat.c:604:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcip_f[16] = ""; data/netstat-nat-1.4.10/netstat-nat.c:605:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dstip_f[16] = ""; data/netstat-nat-1.4.10/netstat-nat.c:606:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcip_s[16] = ""; data/netstat-nat-1.4.10/netstat-nat.c:607:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dstip_s[16] = ""; data/netstat-nat-1.4.10/netstat-nat.c:608:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcport[6] = ""; data/netstat-nat-1.4.10/netstat-nat.c:609:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dstport[6] = ""; data/netstat-nat-1.4.10/netstat-nat.c:610:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srcport_s[6] = ""; data/netstat-nat-1.4.10/netstat-nat.c:611:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dstport_s[6] = ""; data/netstat-nat-1.4.10/netstat-nat.c:612:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char protocol[5] = ""; data/netstat-nat-1.4.10/netstat-nat.c:613:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char state[12] = ""; data/netstat-nat-1.4.10/netstat-nat.c:714:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf_port[10]; data/netstat-nat-1.4.10/netstat-nat.c:720:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). portnr = htons(atoi(buf_port)); data/netstat-nat-1.4.10/netstat-nat.c:943:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ret, &line[i + searchLen], j - i - searchLen); data/netstat-nat-1.4.10/netstat-nat.c:978:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ret, &line[i + searchLen], j - i - searchLen); data/netstat-nat-1.4.10/netstat-nat.c:986:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strconvers[10] = ""; data/netstat-nat-1.4.10/netstat-nat.c:989:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(protocol_name, proto_struct->p_name, 5); data/netstat-nat-1.4.10/netstat-nat.c:993:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(protocol_name, strconvers, 5); data/netstat-nat-1.4.10/netstat-nat.c:380:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(line) > 0) { data/netstat-nat-1.4.10/netstat-nat.c:433:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(pa[index][3]) > 0 || strlen(pa[index][4]) > 0 || strlen(pa[index][7]) > 0) { data/netstat-nat-1.4.10/netstat-nat.c:433:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(pa[index][3]) > 0 || strlen(pa[index][4]) > 0 || strlen(pa[index][7]) > 0) { data/netstat-nat-1.4.10/netstat-nat.c:433:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(pa[index][3]) > 0 || strlen(pa[index][4]) > 0 || strlen(pa[index][7]) > 0) { data/netstat-nat-1.4.10/netstat-nat.c:441:6: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buf, pa[index][1], 29 - strlen(pa[index][3])); data/netstat-nat-1.4.10/netstat-nat.c:441:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(buf, pa[index][1], 29 - strlen(pa[index][3])); data/netstat-nat-1.4.10/netstat-nat.c:450:6: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buf, pa[index][2], 29 - strlen(pa[index][4])); data/netstat-nat-1.4.10/netstat-nat.c:450:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(buf, pa[index][2], 29 - strlen(pa[index][4])); data/netstat-nat-1.4.10/netstat-nat.c:460:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buf, pa[index][6], 29 - strlen(pa[index][7])); data/netstat-nat-1.4.10/netstat-nat.c:460:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(buf, pa[index][6], 29 - strlen(pa[index][7])); data/netstat-nat-1.4.10/netstat-nat.c:471:6: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buf, pa[index][1], 39 - strlen(pa[index][3])); data/netstat-nat-1.4.10/netstat-nat.c:471:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(buf, pa[index][1], 39 - strlen(pa[index][3])); data/netstat-nat-1.4.10/netstat-nat.c:480:6: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buf, pa[index][2], 39 - strlen(pa[index][4])); data/netstat-nat-1.4.10/netstat-nat.c:480:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(buf, pa[index][2], 39 - strlen(pa[index][4])); data/netstat-nat-1.4.10/netstat-nat.c:490:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buf, pa[index][6], 39 - strlen(pa[index][7])); data/netstat-nat-1.4.10/netstat-nat.c:490:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(buf, pa[index][6], 39 - strlen(pa[index][7])); data/netstat-nat-1.4.10/netstat-nat.c:541:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(line); i++ ) { data/netstat-nat-1.4.10/netstat-nat.c:544:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = i; j < strlen(line); j++) { data/netstat-nat-1.4.10/netstat-nat.c:548:21: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(protocol_raw, &line[j], 1); data/netstat-nat-1.4.10/netstat-nat.c:856:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(new->ip, ip, 15); data/netstat-nat-1.4.10/netstat-nat.c:857:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(new->dev, dev, 15); data/netstat-nat-1.4.10/netstat-nat.c:904:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). searchLen = strlen(search); data/netstat-nat-1.4.10/netstat-nat.c:905:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (searchLen > strlen(string)) { data/netstat-nat-1.4.10/netstat-nat.c:908:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < strlen(string) - searchLen + 1; i++) { data/netstat-nat-1.4.10/netstat-nat.c:924:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineLen = strlen(line); data/netstat-nat-1.4.10/netstat-nat.c:925:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). searchLen = strlen(search); data/netstat-nat-1.4.10/netstat-nat.c:956:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineLen = strlen(line); data/netstat-nat-1.4.10/netstat-nat.c:957:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). searchLen = strlen(search); data/netstat-nat-1.4.10/netstat-nat.h:69:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dst, src, (dst_size - 1)); ANALYSIS SUMMARY: Hits = 81 Lines analyzed = 1092 in approximately 0.05 seconds (23693 lines/second) Physical Source Lines of Code (SLOC) = 949 Hits@level = [0] 54 [1] 29 [2] 50 [3] 1 [4] 1 [5] 0 Hits@level+ = [0+] 135 [1+] 81 [2+] 52 [3+] 2 [4+] 1 [5+] 0 Hits/KSLOC@level+ = [0+] 142.255 [1+] 85.353 [2+] 54.7945 [3+] 2.10748 [4+] 1.05374 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.