Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/postfix-gld-1.7/cnf.c
Examining data/postfix-gld-1.7/gld.h
Examining data/postfix-gld-1.7/greylist.c
Examining data/postfix-gld-1.7/sockets.c
Examining data/postfix-gld-1.7/sockets.h
Examining data/postfix-gld-1.7/sql.c
Examining data/postfix-gld-1.7/server.c

FINAL RESULTS:

data/postfix-gld-1.7/cnf.c:74:46:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(strcmp(buffer,"USER")==0) strcpy(conf->user,p+1);
data/postfix-gld-1.7/cnf.c:75:47:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(strcmp(buffer,"GROUP")==0) strcpy(conf->grp,p+1);
data/postfix-gld-1.7/cnf.c:76:47:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(strcmp(buffer,"DNSWL")==0) strcpy(conf->dnswl,p+1);
data/postfix-gld-1.7/cnf.c:77:49:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(strcmp(buffer,"SQLHOST")==0) strcpy(conf->sqlhost,p+1);
data/postfix-gld-1.7/cnf.c:78:49:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(strcmp(buffer,"SQLUSER")==0) strcpy(conf->sqluser,p+1);
data/postfix-gld-1.7/cnf.c:79:47:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(strcmp(buffer,"SQLDB")==0) strcpy(conf->sqldb,p+1);
data/postfix-gld-1.7/cnf.c:80:51:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(strcmp(buffer,"SQLPASSWD")==0) strcpy(conf->sqlpasswd,p+1);
data/postfix-gld-1.7/cnf.c:81:49:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(strcmp(buffer,"MESSAGE")==0) strcpy(conf->message,p+1);
data/postfix-gld-1.7/gld.h:53:6:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant format string for syslog.
  int syslog; // Shall we write to the syslog
data/postfix-gld-1.7/server.c:275:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(request,buff+8);
data/postfix-gld-1.7/server.c:278:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sender,buff+7);
data/postfix-gld-1.7/server.c:281:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(recipient,buff+10);
data/postfix-gld-1.7/server.c:284:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ip,buff+15);
data/postfix-gld-1.7/sockets.c:555:14:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(ip!=NULL) strcpy(ip,(char *)inet_ntoa(*ptr));
data/postfix-gld-1.7/sockets.c:581:1:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fqdn,hostptr->h_name);
data/postfix-gld-1.7/sockets.c:612:1:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fqdn,hostptr->h_name);
data/postfix-gld-1.7/sockets.c:645:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ipfrom,(char *)inet_ntoa(from.sin_addr));
data/postfix-gld-1.7/sockets.c:647:24:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if(hostptr!=NULL) strcpy(hostfrom,hostptr->h_name);
data/postfix-gld-1.7/cnf.c:30:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024];
data/postfix-gld-1.7/cnf.c:34:5:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files),
  move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fic=fopen(file,"r");
data/postfix-gld-1.7/cnf.c:39:1:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(conf->sqlhost,"localhost");
data/postfix-gld-1.7/cnf.c:40:1:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(conf->sqluser,"myuser");
data/postfix-gld-1.7/cnf.c:41:1:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(conf->sqldb,"mydb");
data/postfix-gld-1.7/cnf.c:42:1:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(conf->sqlpasswd,"mypasswd");
data/postfix-gld-1.7/cnf.c:43:1:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(conf->message,"Greylisted");
data/postfix-gld-1.7/cnf.c:82:57:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"PORT")==0) conf->port=atoi(p+1);
data/postfix-gld-1.7/cnf.c:83:61:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"MAXCON")==0) conf->maxcon=atoi(p+1);
data/postfix-gld-1.7/cnf.c:84:65:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"TRAINING")==0) conf->training=atoi(p+1);
data/postfix-gld-1.7/cnf.c:85:60:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"MINTIME")==0) conf->mini=atol(p+1);
data/postfix-gld-1.7/cnf.c:86:61:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"MXGREY")==0) conf->mxgrey=atoi(p+1);
data/postfix-gld-1.7/cnf.c:87:61:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"SYSLOG")==0) conf->syslog=atoi(p+1);
data/postfix-gld-1.7/cnf.c:88:64:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"ERRACCEPT")==0) conf->accept=atoi(p+1);
data/postfix-gld-1.7/cnf.c:89:67:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"WHITELIST")==0) conf->whitelist=atoi(p+1);
data/postfix-gld-1.7/cnf.c:90:63:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"LIGHTGREY")==0) conf->light=atoi(p+1);
data/postfix-gld-1.7/cnf.c:91:69:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(strcmp(buffer,"LOOPBACKONLY")==0) conf->loopback=atoi(p+1);
data/postfix-gld-1.7/cnf.c:142:54:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  conf->nets[conf->nbnet].mask=CidrMsk(atoi(y+1));
data/postfix-gld-1.7/gld.h:62:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dnswl[512]; // The domain to use if we do DNSWL
data/postfix-gld-1.7/gld.h:63:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[512]; // The text we display
data/postfix-gld-1.7/gld.h:64:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sqlhost[128]; // SQL server
data/postfix-gld-1.7/gld.h:65:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sqluser[128]; // SQL User
data/postfix-gld-1.7/gld.h:66:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sqlpasswd[128]; // SQL password
data/postfix-gld-1.7/gld.h:67:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sqldb[128]; // SQL Database name
data/postfix-gld-1.7/gld.h:68:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char user[128]; // The user we setuid to
data/postfix-gld-1.7/gld.h:69:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grp[128]; // The group we setgid to
data/postfix-gld-1.7/greylist.c:7:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[QLEN];
data/postfix-gld-1.7/greylist.c:11:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char netw[32];
data/postfix-gld-1.7/greylist.c:13:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char oip[32];
data/postfix-gld-1.7/greylist.c:16:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char osender[BLEN];
data/postfix-gld-1.7/greylist.c:17:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char orecipient[BLEN];
data/postfix-gld-1.7/server.c:13:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[QLEN];
data/postfix-gld-1.7/server.c:118:107:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  snprintf(query,sizeof(query)-1,"select count(last) from greylist where last < UNIX_TIMESTAMP()-86400*%d",atoi(argv[2]));
data/postfix-gld-1.7/server.c:121:115:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  snprintf(query,sizeof(query)-1,"select count(last) from greylist where last < UNIX_TIMESTAMP()-86400*%d AND n=1",atoi(argv[2]));
data/postfix-gld-1.7/server.c:127:60:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  printf("I would clean %d entries older than %d days\n",c,atoi(argv[2]));
data/postfix-gld-1.7/server.c:132:108:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(clean==1) snprintf(query,sizeof(query)-1,"delete from greylist where last < UNIX_TIMESTAMP()-86400*%d",atoi(argv[2]));
data/postfix-gld-1.7/server.c:133:116:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(clean==3) snprintf(query,sizeof(query)-1,"delete from greylist where last < UNIX_TIMESTAMP()-86400*%d and n=1",atoi(argv[2]));
data/postfix-gld-1.7/server.c:137:53:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  printf("Cleaned %d entries older than %d days\n",c,atoi(argv[2]));
data/postfix-gld-1.7/server.c:191:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[BLEN];
data/postfix-gld-1.7/server.c:192:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char request[BLEN];
data/postfix-gld-1.7/server.c:193:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sender[BLEN];
data/postfix-gld-1.7/server.c:194:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char recipient[BLEN];
data/postfix-gld-1.7/server.c:195:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ip[BLEN];
data/postfix-gld-1.7/server.c:309:18:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  if(sender[0]==0) strcpy(sender,"void@void");
data/postfix-gld-1.7/server.c:345:6:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi(cnf->message)<400 || atoi(cnf->message)>499)
data/postfix-gld-1.7/server.c:345:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi(cnf->message)<400 || atoi(cnf->message)>499)
data/postfix-gld-1.7/server.c:352:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(buff,"action=dunno\n\n");
data/postfix-gld-1.7/server.c:398:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files),
  move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(!noclose && (fd = open("/dev/null", O_RDWR, 0)) != -1)
data/postfix-gld-1.7/sockets.c:98:1:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  bcopy(host_struct->h_addr, (char *)&sock_addr.sin_addr, host_struct->h_length);
data/postfix-gld-1.7/sockets.c:391:1:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  bcopy(host_struct->h_addr, (char *)&addr->sin_addr, host_struct->h_length);
data/postfix-gld-1.7/sockets.c:640:1:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(ipfrom,"???.???.???.???");
data/postfix-gld-1.7/sockets.c:641:1:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(hostfrom,"?????");
data/postfix-gld-1.7/sql.c:55:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char query[QLEN];
data/postfix-gld-1.7/sql.c:128:5:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ret=atol(row[0]);
data/postfix-gld-1.7/sql.c:140:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char conninfo[1024];
data/postfix-gld-1.7/sql.c:174:7:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ip = atol(PQgetvalue(result, 0, 0));
data/postfix-gld-1.7/cnf.c:71:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  buffer[strlen(buffer)-1]=0;
data/postfix-gld-1.7/greylist.c:22:1:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(oip,ip,sizeof(oip)-1);
data/postfix-gld-1.7/greylist.c:23:1:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(osender,sender,sizeof(osender)-1);
data/postfix-gld-1.7/greylist.c:24:1:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(orecipient,recipient,sizeof(orecipient)-1);
data/postfix-gld-1.7/greylist.c:34:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  l=strlen(ip);
data/postfix-gld-1.7/greylist.c:99:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(netw,oip,sizeof(netw)-1);
data/postfix-gld-1.7/greylist.c:100:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  l=strlen(netw);
data/postfix-gld-1.7/server.c:355:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  WriteSocket(s,buff,strlen(buff),TOUT);
data/postfix-gld-1.7/sockets.c:328:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  if ((ntot=strlen(line))==0) return(-4);
data/postfix-gld-1.7/sockets.c:342:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  if ((nbytes=send(s,line,strlen(line),0)) < 0) return(S_SEND_ERR);
data/postfix-gld-1.7/sql.c:81:3:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  l=strlen(str);

ANALYSIS SUMMARY:

Hits = 85
Lines analyzed = 1938 in approximately 0.07 seconds (26761 lines/second)
Physical Source Lines of Code (SLOC) = 1165
Hits@level = [0]  79 [1]  11 [2]  56 [3]   0 [4]  18 [5]   0
Hits@level+ = [0+] 164 [1+]  85 [2+]  74 [3+]  18 [4+]  18 [5+]   0
Hits/KSLOC@level+ = [0+] 140.773 [1+] 72.9614 [2+] 63.5193 [3+] 15.4506 [4+] 15.4506 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.