Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/perforate-1.2/zum.c

FINAL RESULTS:

data/perforate-1.2/zum.c:206:3:  [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchown( ) instead.
  chown(file, st.st_uid, st.st_gid);
data/perforate-1.2/zum.c:207:6:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
  if(chmod(file, st.st_mode) < 0)
data/perforate-1.2/zum.c:158:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(dest, "%s%s", file, suffix);
data/perforate-1.2/zum.c:145:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if((fds = open(file, O_RDONLY)) < 0 || lstat(file, &st) < 0) {
data/perforate-1.2/zum.c:159:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if((fdd = open(dest, O_RDWR|O_CREAT|O_EXCL, 0600)) < 0) {
data/perforate-1.2/zum.c:191:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if((fds = open(file, O_RDWR)) < 0) {
data/perforate-1.2/zum.c:62:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while(ret != NULL && (*lineptr)[strlen (*lineptr) - 1] != '\n')
data/perforate-1.2/zum.c:67:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ret = fgets(*lineptr + strlen (*lineptr), GETLINE_CHUNK_SIZE, stream);
data/perforate-1.2/zum.c:70:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (ret ? strlen (*lineptr) : -1);
data/perforate-1.2/zum.c:157:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dest = alloca(strlen(file) + sizeof(suffix));

ANALYSIS SUMMARY:

Hits = 10
Lines analyzed = 235 in approximately 0.01 seconds (16021 lines/second)
Physical Source Lines of Code (SLOC) = 178
Hits@level = [0]   2 [1]   4 [2]   3 [3]   0 [4]   1 [5]   2
Hits@level+ = [0+]  12 [1+]  10 [2+]   6 [3+]   3 [4+]   3 [5+]   2
Hits/KSLOC@level+ = [0+] 67.4157 [1+] 56.1798 [2+] 33.7079 [3+] 16.8539 [4+] 16.8539 [5+] 11.236
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.