Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/obexfs-0.11/fuse/obexautofs.c
Examining data/obexfs-0.11/fuse/obexfs.c
FINAL RESULTS:
data/obexfs-0.11/fuse/obexautofs.c:769:2: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
readlink: ofs_readlink,
data/obexfs-0.11/fuse/obexautofs.c:781:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod: NULL,
data/obexfs-0.11/fuse/obexautofs.c:782:2: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
chown: NULL,
data/obexfs-0.11/fuse/obexfs.c:471:2: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
readlink: NULL,
data/obexfs-0.11/fuse/obexfs.c:483:2: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod: NULL,
data/obexfs-0.11/fuse/obexfs.c:484:2: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
chown: NULL,
data/obexfs-0.11/fuse/obexautofs.c:57:20: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG(...) fprintf(stderr, __VA_ARGS__)
data/obexfs-0.11/fuse/obexautofs.c:415:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(link, conn->addr);
data/obexfs-0.11/fuse/obexfs.c:52:20: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG(...) fprintf(stderr, __VA_ARGS__)
data/obexfs-0.11/fuse/obexautofs.c:814:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long (argc, argv, "+IBUt:Nh",
data/obexfs-0.11/fuse/obexfs.c:520:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long (argc, argv, "+ib:B:u:t:n:Nh",
data/obexfs-0.11/fuse/obexautofs.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[25], *p;
data/obexfs-0.11/fuse/obexautofs.c:98:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "usb");
data/obexfs-0.11/fuse/obexautofs.c:103:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
DEBUG("Found %s (%d), %s\n", name, atoi(*dev), *dev);
data/obexfs-0.11/fuse/obexautofs.c:120:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conn->channel = atoi(*dev);
data/obexfs-0.11/fuse/obexautofs.c:628:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, wb->data + offset, actual);
data/obexfs-0.11/fuse/obexautofs.c:658:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(&wb->data[offset], buf, size);
data/obexfs-0.11/fuse/obexautofs.c:785:2: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open: ofs_open,
data/obexfs-0.11/fuse/obexfs.c:355:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, wb->data + offset, actual);
data/obexfs-0.11/fuse/obexfs.c:385:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(&wb->data[offset], buf, size);
data/obexfs-0.11/fuse/obexfs.c:487:2: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open: ofs_open,
data/obexfs-0.11/fuse/obexfs.c:540:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
channel = atoi(optarg);
data/obexfs-0.11/fuse/obexfs.c:548:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
channel = atoi(optarg);
data/obexfs-0.11/fuse/obexautofs.c:99:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&name[3], *dev, sizeof(name)-4);
data/obexfs-0.11/fuse/obexautofs.c:314:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(path);
data/obexfs-0.11/fuse/obexautofs.c:786:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read: ofs_read,
data/obexfs-0.11/fuse/obexfs.c:488:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read: ofs_read,
ANALYSIS SUMMARY:
Hits = 27
Lines analyzed = 1503 in approximately 0.06 seconds (26981 lines/second)
Physical Source Lines of Code (SLOC) = 1108
Hits@level = [0] 15 [1] 4 [2] 12 [3] 2 [4] 3 [5] 6
Hits@level+ = [0+] 42 [1+] 27 [2+] 23 [3+] 11 [4+] 9 [5+] 6
Hits/KSLOC@level+ = [0+] 37.9061 [1+] 24.3682 [2+] 20.7581 [3+] 9.9278 [4+] 8.12274 [5+] 5.41516
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.