Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pgdbf-0.6.2/src/pgdbf.c
Examining data/pgdbf-0.6.2/src/pgdbf.h

FINAL RESULTS:

data/pgdbf-0.6.2/src/pgdbf.c:124:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(optvalidargs, STANDARDOPTS);
data/pgdbf-0.6.2/src/pgdbf.c:212:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        printf(
data/pgdbf-0.6.2/src/pgdbf.c:477:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(basename, fieldnames[i]);
data/pgdbf-0.6.2/src/pgdbf.c:485:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(fieldnames[i], "%s_%d", basename, serial);
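The strcpy at pgdbf.c:477 and the sprintf at pgdbf.c:485 above copy a column name into basename[MAXCOLUMNNAMESIZE] and then write it back, with a "_<serial>" suffix, into a fieldnames[] slot of the same size. The rewritten name is at least two bytes longer than the original, so whether it can exceed the slot depends on how the names were bounded earlier, which this report does not show. The following is an added example, not pgdbf's own code, of the same rename done with bounded copies and snprintf: the base is shortened when needed, the suffix is never dropped, and every result is NUL-terminated. MAXCOLUMNNAMESIZE is set to a hypothetical 12 here (the real value is not in the report); bounded_len, make_unique_name and dedup_names are names chosen for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in; pgdbf's real MAXCOLUMNNAMESIZE is not shown in the
 * report. It is the full size of a name slot, terminator included, and is
 * kept small so the truncation path is easy to exercise. */
#define MAXCOLUMNNAMESIZE 12

/* Bounded strlen: length of s, stopping at max even if no NUL is found. */
static size_t bounded_len(const char *s, size_t max)
{
    size_t n = 0;
    while (n < max && s[n] != '\0')
        n++;
    return n;
}

/* Write "<base>_<serial>" into dest without overflowing it. If the whole
 * thing does not fit, the base is shortened (never the suffix, which is what
 * keeps the name unique). dest and base must not overlap. Returns 0 on
 * success, -1 if even the suffix alone does not fit. */
int make_unique_name(char dest[MAXCOLUMNNAMESIZE], const char *base, int serial)
{
    char suffix[16];
    int suffixlen = snprintf(suffix, sizeof suffix, "_%d", serial);
    if (suffixlen < 0 || (size_t)suffixlen >= sizeof suffix
        || (size_t)suffixlen >= MAXCOLUMNNAMESIZE)
        return -1;
    size_t room = MAXCOLUMNNAMESIZE - 1 - (size_t)suffixlen;
    size_t baselen = bounded_len(base, room);
    memcpy(dest, base, baselen);
    memcpy(dest + baselen, suffix, (size_t)suffixlen + 1);   /* includes NUL */
    return 0;
}

/* Give every column name that repeats an earlier one a serial suffix, the
 * way the report's loop does, but with every copy bounded. Returns the
 * number of names renamed, or -1 on failure. */
int dedup_names(char names[][MAXCOLUMNNAMESIZE], int count)
{
    /* Force termination first so strcmp below can never run off a slot. */
    for (int i = 0; i < count; i++)
        names[i][MAXCOLUMNNAMESIZE - 1] = '\0';

    int renamed = 0;
    for (int i = 1; i < count; i++) {
        char base[MAXCOLUMNNAMESIZE];
        size_t len = bounded_len(names[i], MAXCOLUMNNAMESIZE - 1);
        memcpy(base, names[i], len);
        base[len] = '\0';
        int serial = 0;
        bool changed = false;
        for (int j = 0; j < i; j++) {
            if (strcmp(names[j], names[i]) == 0) {
                if (make_unique_name(names[i], base, ++serial) != 0)
                    return -1;
                changed = true;
                j = -1;   /* the new name may itself collide: rescan */
            }
        }
        if (changed)
            renamed++;
    }
    return renamed;
}
```

With a 12-byte slot, a duplicate of "longcolname" becomes "longcolna_1": the two characters the suffix needs are taken from the base rather than written past the end of the slot, which is the only outcome strcpy/sprintf into fixed arrays cannot give you.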
data/pgdbf-0.6.2/src/pgdbf.c:654:21:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                    printf(pgfields[fieldnum].formatstring, sdouble(bufoffset));
data/pgdbf-0.6.2/src/pgdbf.c:765:40:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
                    t = outputbuffer + sprintf(outputbuffer, "%05"PRId64, slittleint64_t(bufoffset));
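The three format-string hits above are not of one kind. The sprintf at pgdbf.c:765 uses "%05"PRId64, a string literal concatenated with the PRId64 macro from <inttypes.h>, which itself expands to a string literal; the format is constant after preprocessing, and flawfinder flags it only because it cannot see through the macro. The printf at pgdbf.c:654 passes pgfields[fieldnum].formatstring, a per-field format chosen at runtime, with a single double argument, and the report does not show where that string comes from. (The printf at pgdbf.c:212 shows only the opening of the call.) What a reviewer wants for the runtime-selected case is a check that the string can only ever drive one double conversion. The following is an added example, not pgdbf's own code: it assumes the format is meant to print exactly one double, admits only f/e/E/g/G with numeric flags, width and precision, and rejects "%n", "%s", "%*f" and any second conversion before the string reaches printf. fmt_is_safe_double and format_double_safely are names chosen for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical validator for a runtime-selected format string, assuming the
 * format is only ever meant to print one double (an assumption about
 * pgfields[].formatstring; the report does not show how it is built).
 * Accepts exactly one conversion from f/e/E/g/G with numeric flags, width and
 * precision, plus "%%" escapes. Rejects "%n", "%s", "%*f" (a '*' would pull an
 * extra argument off the stack) and every other conversion. */
bool fmt_is_safe_double(const char *fmt)
{
    int conversions = 0;
    for (const char *p = fmt; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '%')              /* "%%": literal percent sign */
            continue;
        while (*p == '-' || *p == '+' || *p == ' ' || *p == '0' || *p == '#')
            p++;                    /* flags */
        while (*p >= '0' && *p <= '9')
            p++;                    /* width: digits only, never '*' */
        if (*p == '.') {
            p++;
            while (*p >= '0' && *p <= '9')
                p++;                /* precision: digits only */
        }
        /* check for end of string first: strchr() would match the NUL */
        if (*p == '\0' || strchr("feEgG", *p) == NULL)
            return false;
        conversions++;
    }
    return conversions == 1;
}

/* Format v into out. The data-supplied format is used only if it passes
 * validation; otherwise a fixed "%f" is used. Returns the length written, or
 * -1 if the result did not fit (snprintf truncation). */
int format_double_safely(char *out, size_t outsz, const char *fmt, double v)
{
    const char *use = fmt_is_safe_double(fmt) ? fmt : "%f";
    int n = snprintf(out, outsz, use, v);
    if (n < 0 || (size_t)n >= outsz)
        return -1;
    return n;
}
```

The validator is deliberately a whitelist: it lists the few conversions the call site can legitimately need rather than trying to enumerate the dangerous ones, so a format such as "%10.3e" passes while "%n", "%s", "%*f" and "%f %f" are all refused and the fixed fallback is used instead.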
data/pgdbf-0.6.2/src/pgdbf.c:134:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while((opt = getopt(argc, argv, optvalidargs)) != -1) {
data/pgdbf-0.6.2/src/pgdbf.c:99:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    optvalidargs[sizeof(STANDARDOPTS) + 3];
data/pgdbf-0.6.2/src/pgdbf.c:114:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char (*fieldnames)[MAXCOLUMNNAMESIZE];
data/pgdbf-0.6.2/src/pgdbf.c:116:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char basename[MAXCOLUMNNAMESIZE];
data/pgdbf-0.6.2/src/pgdbf.c:130:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(optvalidargs, "s:");
data/pgdbf-0.6.2/src/pgdbf.c:321:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    dbffile = fopen(dbffilename, "rb");
data/pgdbf-0.6.2/src/pgdbf.c:394:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        memofd = open(memofilename, O_RDONLY);
data/pgdbf-0.6.2/src/pgdbf.h:60:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char staticbuf[STATICBUFFERSIZE + 1];
data/pgdbf-0.6.2/src/pgdbf.h:169:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    name[XBASEFIELDNAMESIZE];
data/pgdbf-0.6.2/src/pgdbf.h:176:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    reserved1[2];       /* Reserved for multi-user dBase */
data/pgdbf-0.6.2/src/pgdbf.h:178:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    reserved2[7];
data/pgdbf-0.6.2/src/pgdbf.h:183:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nextblock[4];
data/pgdbf-0.6.2/src/pgdbf.h:184:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char reserved1[2];
data/pgdbf-0.6.2/src/pgdbf.h:185:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char blocksize[2];
data/pgdbf-0.6.2/src/pgdbf.h:186:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char reserved2[504];
data/pgdbf-0.6.2/src/pgdbf.h:358:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *) &rightend    , src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:359:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *) &rightend + 1, src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:360:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *) &rightend + 2, src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:361:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *) &rightend + 3, src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:362:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *) &rightend + 4, src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:363:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *) &rightend + 5, src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:364:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *) &rightend + 6, src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:365:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *) &rightend + 7, src  , 1);
data/pgdbf-0.6.2/src/pgdbf.h:375:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char*) &rightend    , src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:376:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char*) &rightend + 1, src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:377:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char*) &rightend + 2, src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:378:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char*) &rightend + 3, src  , 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:384:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char*) &rightend    , src--, 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:385:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char*) &rightend + 1, src  , 1);   \
data/pgdbf-0.6.2/src/pgdbf.h:425:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&output, buf, 8);
data/pgdbf-0.6.2/src/pgdbf.h:437:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&output, buf, 4);
data/pgdbf-0.6.2/src/pgdbf.h:449:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&output, buf, 2);
data/pgdbf-0.6.2/src/pgdbf.h:509:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&output, buf, 8);
data/pgdbf-0.6.2/src/pgdbf.c:282:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tablename = malloc(strlen(dbffilename) + 1);
data/pgdbf-0.6.2/src/pgdbf.c:291:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    baretablename = malloc(strlen(dbffilename) + 1 + optusequotedtablename * 2);
data/pgdbf-0.6.2/src/pgdbf.c:298:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(s = dbffilename + strlen(dbffilename) - 1; s != dbffilename; s--) {
data/pgdbf-0.6.2/src/pgdbf.c:736:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                    strncpy(outputbuffer, bufoffset, fields[fieldnum].length);
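The strncpy at pgdbf.c:736 above copies fields[fieldnum].length bytes of the current record into outputbuffer. DBF character fields are fixed-width, space-padded and carry no terminator, so when the field is full strncpy stores no NUL either, and a later strlen or "%s" on outputbuffer reads past the copied bytes unless the caller terminates it separately (the report does not show whether pgdbf does). The following is an added example, not pgdbf's own code, that shows both the failure mode and a replacement: copy_dbf_field bounds the copy by the destination, strips the DBF pad spaces, always terminates, and reports when the field would not fit instead of silently shortening it. The 20-byte record with two 10-byte fields is constructed for the example; copy_dbf_field and strncpy_leaves_terminator are names chosen for it.

```c
#include <stddef.h>
#include <string.h>

/* Constructed sample record: two 10-byte DBF character fields, space padded,
 * no NUL between them. Not real pgdbf data. */
static const char sample_record[] = "ALICE     JOHNNY DOE";

/* Copy a fixed-width, possibly unterminated field into dst and always
 * terminate it. Stops at an embedded NUL like strncpy does, then drops
 * trailing pad spaces. Returns the number of bytes stored, or -1 when dst is
 * too small to hold the whole field, so the caller sees truncation instead
 * of emitting a shorter value by accident. */
int copy_dbf_field(char *dst, size_t dstsz, const char *field, size_t fieldlen)
{
    if (dstsz == 0)
        return -1;
    size_t len = 0;
    while (len < fieldlen && field[len] != '\0')
        len++;
    while (len > 0 && field[len - 1] == ' ')
        len--;
    if (len > dstsz - 1)
        return -1;
    memcpy(dst, field, len);
    dst[len] = '\0';
    return (int)len;
}

/* The shape the report flags: strncpy alone, with n equal to the field
 * length. Returns 1 if dst ended up NUL-terminated somewhere within dstsz
 * bytes and 0 if it did not, which is what every later strlen or "%s" on
 * dst silently depends on. dst is poisoned first so a missing terminator
 * cannot be hidden by leftover zeros. Refuses fieldlen > dstsz, which would
 * be a plain overflow rather than the termination problem shown here. */
int strncpy_leaves_terminator(char *dst, size_t dstsz, const char *field, size_t fieldlen)
{
    if (fieldlen > dstsz)
        return -1;
    memset(dst, 'X', dstsz);
    strncpy(dst, field, fieldlen);
    return memchr(dst, '\0', dstsz) != NULL;
}
```

For the full 10-byte field "JOHNNY DOE" copied into a 10-byte buffer, strncpy writes all ten bytes and no terminator; for a short source it NUL-pads to n and is fine. That data-dependent difference is why the report calls strncpy "easily used incorrectly": the unsafe case only appears on records whose field is exactly full.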

ANALYSIS SUMMARY:

Hits = 43
Lines analyzed = 1351 in approximately 0.06 seconds (23952 lines/second)
Physical Source Lines of Code (SLOC) = 1041
Hits@level = [0]  59 [1]   4 [2]  32 [3]   1 [4]   6 [5]   0
Hits@level+ = [0+] 102 [1+]  43 [2+]  39 [3+]   7 [4+]   6 [5+]   0
Hits/KSLOC@level+ = [0+] 97.9827 [1+] 41.3064 [2+] 37.464 [3+] 6.7243 [4+] 5.76369 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.