Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/nfacct-1.0.2/src/nfacct.c
Examining data/nfacct-1.0.2/include/linux/netfilter/nfnetlink_acct.h
Examining data/nfacct-1.0.2/include/linux/netfilter/nfnetlink.h
FINAL RESULTS:
data/nfacct-1.0.2/src/nfacct.c:628:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(version_msg, VERSION);
data/nfacct-1.0.2/src/nfacct.c:649:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(help_msg, VERSION, argv[0]);
data/nfacct-1.0.2/src/nfacct.c:672:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
ret = sscanf(buffer,
data/nfacct-1.0.2/src/nfacct.c:682:10: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
ret = sscanf(buffer, "{ pkts = %"PRIu64", "
data/nfacct-1.0.2/src/nfacct.c:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/nfacct-1.0.2/src/nfacct.c:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MNL_SOCKET_BUFFER_SIZE];
data/nfacct-1.0.2/src/nfacct.c:316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MNL_SOCKET_BUFFER_SIZE];
data/nfacct-1.0.2/src/nfacct.c:423:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MNL_SOCKET_BUFFER_SIZE];
data/nfacct-1.0.2/src/nfacct.c:491:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MNL_SOCKET_BUFFER_SIZE];
data/nfacct-1.0.2/src/nfacct.c:569:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MNL_SOCKET_BUFFER_SIZE];
data/nfacct-1.0.2/src/nfacct.c:656:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[512], mode[512], buffer[512];
data/nfacct-1.0.2/src/nfacct.c:707:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MNL_SOCKET_BUFFER_SIZE];
data/nfacct-1.0.2/src/nfacct.c:83:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(argv[1], "list", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:85:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(argv[1], "add", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:87:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(argv[1], "delete", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:89:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(argv[1], "get", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:91:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(argv[1], "flush", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:93:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(argv[1], "version", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:95:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(argv[1], "help", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:97:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(argv[1], "restore", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:99:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(argv[1], "monitor", strlen(argv[1])) == 0)
data/nfacct-1.0.2/src/nfacct.c:226:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(argv[i], "reset", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:230:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(argv[i], "xml", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:234:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(argv[i], "json", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:238:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(argv[i], "counters", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:243:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(argv[i], "bytes-quota", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:248:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(argv[i], "pkts-quota", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:253:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(argv[i], "overquota", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:502:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(argv[i], "reset", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:504:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(argv[i], "xml", strlen(argv[i])) == 0) {
data/nfacct-1.0.2/src/nfacct.c:506:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(argv[i], "json", strlen(argv[i])) == 0) {
ANALYSIS SUMMARY:
Hits = 31
Lines analyzed = 849 in approximately 0.04 seconds (19081 lines/second)
Physical Source Lines of Code (SLOC) = 714
Hits@level = [0] 12 [1] 19 [2] 8 [3] 0 [4] 4 [5] 0
Hits@level+ = [0+] 43 [1+] 31 [2+] 12 [3+] 4 [4+] 4 [5+] 0
Hits/KSLOC@level+ = [0+] 60.2241 [1+] 43.4174 [2+] 16.8067 [3+] 5.60224 [4+] 5.60224 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.