Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/nwipe-0.28/src/context.h
Examining data/nwipe-0.28/src/device.c
Examining data/nwipe-0.28/src/device.h
Examining data/nwipe-0.28/src/gui.c
Examining data/nwipe-0.28/src/gui.h
Examining data/nwipe-0.28/src/isaac_rand/isaac_rand.c
Examining data/nwipe-0.28/src/isaac_rand/isaac_rand.h
Examining data/nwipe-0.28/src/isaac_rand/isaac_standard.h
Examining data/nwipe-0.28/src/logging.c
Examining data/nwipe-0.28/src/logging.h
Examining data/nwipe-0.28/src/method.c
Examining data/nwipe-0.28/src/method.h
Examining data/nwipe-0.28/src/mt19937ar-cok/mt19937ar-cok.c
Examining data/nwipe-0.28/src/mt19937ar-cok/mt19937ar-cok.h
Examining data/nwipe-0.28/src/nwipe.c
Examining data/nwipe-0.28/src/nwipe.h
Examining data/nwipe-0.28/src/options.c
Examining data/nwipe-0.28/src/options.h
Examining data/nwipe-0.28/src/pass.c
Examining data/nwipe-0.28/src/pass.h
Examining data/nwipe-0.28/src/prng.c
Examining data/nwipe-0.28/src/prng.h
Examining data/nwipe-0.28/src/version.c
Examining data/nwipe-0.28/src/version.h

FINAL RESULTS:

data/nwipe-0.28/src/logging.c:213:13:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf( message_buffer + line_current_pos, MAX_LOG_LINE_CHARS - line_current_pos - 1, format, ap );

data/nwipe-0.28/src/logging.c:278:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( log_lines[log_current_element], message_buffer );

data/nwipe-0.28/src/logging.c:442:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( cmd, dmidecode_command, &dmidecode_keywords[keywords_idx][0] );

data/nwipe-0.28/src/logging.c:443:14:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  fp = popen( cmd, "r" );

data/nwipe-0.28/src/options.c:128:21:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  nwipe_opt = getopt_long( argc, argv, nwipe_options_short, nwipe_options_long, &i );

data/nwipe-0.28/src/context.h:89:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char device_label[NWIPE_DEVICE_LABEL_LENGTH];  // The label (name, model, size and serial) of the device.

data/nwipe-0.28/src/context.h:92:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char device_serial_no[21];  // Serial number(processed, 20 characters plus null termination) of the device.

data/nwipe-0.28/src/device.c:158:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
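The sprintf()/popen() pair flagged at logging.c:442 and 443 builds a dmidecode command line and hands it to /bin/sh. The keyword appears to come from a fixed table in the program (the cmd buffer is sized with sizeof( dmidecode_keywords ), which only compiles for an array), so as shown this is not attacker-controlled input; the practitioner's fix is nonetheless to remove the shell from the path entirely, which also removes the PATH lookup that a root-privileged tool should not rely on. The following is an added example and not nwipe's code: it executes the program by absolute path with the keyword as a separate argv element, so no character in the keyword is ever re-parsed by a shell. The /usr/sbin/dmidecode path, run_capture() and dmidecode_keyword() are assumptions made for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Run argv[0] (an absolute path, no PATH search) with the given argument
 * vector, capture up to buflen-1 bytes of its stdout into buf, NUL-terminate
 * buf, and return the child's exit status, or -1 on a local failure or if the
 * child did not exit normally. No shell is involved, so an argument such as
 * "a;b $(id)" reaches the program literally. */
int run_capture(char *const argv[], char *buf, size_t buflen)
{
    int pfd[2];
    pid_t pid;
    size_t used = 0;
    int status;

    if (buflen == 0 || pipe(pfd) == -1)
        return -1;
    pid = fork();
    if (pid == -1) {
        close(pfd[0]);
        close(pfd[1]);
        return -1;
    }
    if (pid == 0) {
        /* child: route stdout into the pipe, then exec; 127 if exec fails */
        close(pfd[0]);
        if (dup2(pfd[1], STDOUT_FILENO) == -1)
            _exit(127);
        close(pfd[1]);
        execv(argv[0], argv);
        _exit(127);
    }
    close(pfd[1]);
    /* parent: read until EOF or the buffer is full (a child that writes more
     * than fits will get EPIPE/SIGPIPE once we close our end) */
    while (used < buflen - 1) {
        ssize_t r = read(pfd[0], buf + used, buflen - 1 - used);
        if (r <= 0)
            break;
        used += (size_t)r;
    }
    buf[used] = '\0';
    close(pfd[0]);
    if (waitpid(pid, &status, 0) == -1)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Hypothetical replacement for sprintf( cmd, dmidecode_command, keyword ) +
 * popen( cmd, "r" ): the keyword is its own argv element and the binary is
 * named by absolute path (assumed location). */
int dmidecode_keyword(const char *keyword, char *out, size_t outlen)
{
    char *const argv[] = { "/usr/sbin/dmidecode", "-s", (char *)keyword, NULL };
    return run_capture(argv, out, outlen);
}
```

The exit status 127 is returned for a failed exec so the caller can distinguish "program not found" from a dmidecode failure; the original popen() path reports that only as an empty stream.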
  if( ( fd = open( next_device->device_name = dev->path, O_RDONLY ) ) == ERR )

data/nwipe-0.28/src/gui.c:2021:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  nwipe_fp = fopen( NWIPE_KNOB_LOADAVG, "r" );

data/nwipe-0.28/src/gui.c:2578:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char finish_message[NWIPE_GUI_FOOTER_W];

data/nwipe-0.28/src/logging.c:55:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message_buffer[MAX_LOG_LINE_CHARS * sizeof( char )];

data/nwipe-0.28/src/logging.c:314:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen( nwipe_options.logfile, "a" );

data/nwipe-0.28/src/logging.c:397:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[256];

data/nwipe-0.28/src/logging.c:433:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[sizeof( dmidecode_keywords ) + sizeof( dmidecode_command )];

data/nwipe-0.28/src/method.c:131:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zerofill[1] = {'\x00'};

data/nwipe-0.28/src/method.c:185:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dod[7];

data/nwipe-0.28/src/method.c:254:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dod[3];

data/nwipe-0.28/src/method.c:599:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char is5enh[3] = {'\x00', '\xFF', '\x00'};

data/nwipe-0.28/src/nwipe.c:124:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  nwipe_entropy = open( NWIPE_KNOB_ENTROPY, O_RDONLY );

data/nwipe-0.28/src/nwipe.c:268:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  c2[i]->device_fd = open( c2[i]->device_name, O_RDWR );

data/nwipe-0.28/src/options.h:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char logfile[FILENAME_MAX];  // The filename to log the output to.

data/nwipe-0.28/src/options.h:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char exclude[MAX_NUMBER_EXCLUDED_DRIVES][MAX_DRIVE_PATH_LENGTH];  // Drives excluded from the search.

data/nwipe-0.28/src/pass.c:491:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( q, pattern->s, pattern->length );

data/nwipe-0.28/src/pass.c:686:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( p, pattern->s, pattern->length );

data/nwipe-0.28/src/prng.c:127:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( isaac_state->randrsl, seed->s, count );

data/nwipe-0.28/src/device.c:181:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( (const char*) next_device->device_serial_no ) )

data/nwipe-0.28/src/device.c:227:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( str );

data/nwipe-0.28/src/gui.c:161:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int margin = ( wx - strlen( s ) );

data/nwipe-0.28/src/gui.c:2560:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  mvwprintw( stats_window, 0, ( NWIPE_GUI_STATS_W - strlen( stats_title ) ) / 2, "%s", stats_title );

data/nwipe-0.28/src/logging.c:262:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  message_buffer_length = strlen( message_buffer ) * sizeof( char );

data/nwipe-0.28/src/logging.c:453:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( path );

data/nwipe-0.28/src/method.c:197:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read( c->entropy_fd, &dod, sizeof( dod ) );

data/nwipe-0.28/src/method.c:262:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read( c->entropy_fd, &dod, sizeof( dod ) );

data/nwipe-0.28/src/method.c:368:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read( c->entropy_fd, &s, sizeof( s ) );

data/nwipe-0.28/src/method.c:513:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read( c->entropy_fd, s, u );

data/nwipe-0.28/src/method.c:810:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read( c->entropy_fd, c->prng_seed.s, c->prng_seed.length );

data/nwipe-0.28/src/method.c:903:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read( c->entropy_fd, c->prng_seed.s, c->prng_seed.length );

data/nwipe-0.28/src/nwipe.c:308:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen( (const char*) c2[i]->device_serial_no ) )

data/nwipe-0.28/src/options.c:267:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nwipe_options.logfile[strlen( optarg )] = '\0';

data/nwipe-0.28/src/options.c:268:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( nwipe_options.logfile, optarg, sizeof( nwipe_options.logfile ) );

data/nwipe-0.28/src/pass.c:157:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c->prng->read( &c->prng_state, d, blocksize );

data/nwipe-0.28/src/pass.c:160:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
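The vsnprintf hit at logging.c:213, the strcpy hit at logging.c:278 and the strlen/strncpy pair at options.c:267-268 share one theme: copying into fixed-size buffers without a guaranteed terminator or a truncation check. The strncpy pattern deserves a closer look: strncpy( dst, src, sizeof( dst ) ) leaves dst unterminated whenever src is at least sizeof( dst ) bytes long, and the preceding store to logfile[strlen( optarg )] is itself past the end of the array in that case, unless a length check elsewhere in options.c (not visible in this report) rejects such arguments first. The vsnprintf hit is a printf-style wrapper passing on its own format parameter; flawfinder flags that regardless of where the format comes from, and the real control is making sure only string literals reach it. The following is an added example, not nwipe's code: a bounded copy that always terminates and reports truncation, a formatter whose format attribute lets the compiler check every call site, and an option handler that refuses an over-long path rather than logging to a silently truncated one. MAX_LOG_LINE_CHARS and FILENAME_MAX are replaced by small constants so truncation is easy to exercise, and bounded_copy, format_line and set_logfile are hypothetical names.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define LINE_MAX_CHARS 32   /* stand-in for MAX_LOG_LINE_CHARS, kept small on purpose */
#define PATH_MAX_CHARS 16   /* stand-in for FILENAME_MAX, kept small on purpose */

/* Bounded string copy that always NUL-terminates dst.
 * Returns 0 when src fit, -1 when it did not (dst then holds the longest
 * prefix that fits, still terminated). Never reads src beyond dst_size
 * bytes, so an unterminated src cannot cause an over-read either. */
int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    size_t n = 0;

    if (dst_size == 0)
        return -1;
    while (n < dst_size && src[n] != '\0')
        n++;
    if (n == dst_size) {                 /* no terminator within dst_size bytes */
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);             /* n bytes plus the terminator */
    return 0;
}

/* printf-style formatter into a fixed buffer.
 * The format attribute makes GCC/Clang type-check every call site and, with
 * -Wformat-security, warn when the format is a variable rather than a
 * literal, which is the CWE-134 case flawfinder is pointing at.
 * Returns the length stored, or -1 when the output was truncated
 * (vsnprintf still terminates dst in that case). */
#if defined(__GNUC__)
__attribute__((format(printf, 3, 4)))
#endif
int format_line(char *dst, size_t dst_size, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(dst, dst_size, fmt, ap);
    va_end(ap);
    if (n < 0) {
        if (dst_size > 0)
            dst[0] = '\0';
        return -1;
    }
    if ((size_t)n >= dst_size)
        return -1;                       /* would have needed n+1 bytes */
    return n;
}

struct options {
    char logfile[PATH_MAX_CHARS];
};

/* Option handler that refuses an over-long --logfile instead of truncating
 * it: a truncated path names a different file from the one the operator
 * asked for, so the safe answer is to fail the option. */
int set_logfile(struct options *o, const char *optarg)
{
    if (bounded_copy(o->logfile, sizeof o->logfile, optarg) != 0) {
        o->logfile[0] = '\0';
        return -1;
    }
    return 0;
}
```

The same bounded_copy() would replace the strcpy( log_lines[log_current_element], message_buffer ) at logging.c:278, with the return value telling the caller that a log line was cut rather than letting it run past the ring-buffer entry.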
  r = read( c->device_fd, b, blocksize );

data/nwipe-0.28/src/pass.c:318:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c->prng->read( &c->prng_state, b, blocksize );

data/nwipe-0.28/src/pass.c:553:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read( c->device_fd, b, blocksize );

data/nwipe-0.28/src/prng.h:43:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nwipe_prng_read_t read;  // Read data from the prng.

ANALYSIS SUMMARY:

Hits = 45
Lines analyzed = 7895 in approximately 0.21 seconds (37673 lines/second)
Physical Source Lines of Code (SLOC) = 4864
Hits@level = [0]  53 [1]  20 [2]  20 [3]   1 [4]   4 [5]   0
Hits@level+ = [0+]  98 [1+]  45 [2+]  25 [3+]   5 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 20.148 [1+] 9.25164 [2+] 5.1398 [3+] 1.02796 [4+] 0.822368 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.