Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/prefix-1.2.9/prefix.c
FINAL RESULTS:
data/prefix-1.2.9/prefix.c:770:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out, "%s[%c-%c]", pr->prefix, pr->first, pr->last);
data/prefix-1.2.9/prefix.c:774:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out, "%s", pr->prefix);
data/prefix-1.2.9/prefix.c:1336:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
cut = (random() % 2) ? (cut - lower_dist) : (cut + upper_dist);
data/prefix-1.2.9/prefix.c:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[1]; /* this is a varlena structure, data follows */
data/prefix-1.2.9/prefix.c:128:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, a, i);
data/prefix-1.2.9/prefix.c:143:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pr->prefix, prefix, s);
data/prefix-1.2.9/prefix.c:172:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefix, pr->prefix, s-2);
data/prefix-1.2.9/prefix.c:207:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pr->prefix, str, len);
data/prefix-1.2.9/prefix.c:372:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(VARDATA(vdat), pr, (size - VARHDRSZ));
data/prefix-1.2.9/prefix.c:141:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int s = strlen(prefix) + 1;
data/prefix-1.2.9/prefix.c:170:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int s = strlen(pr->prefix)+2;
data/prefix-1.2.9/prefix.c:206:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pr->prefix);
data/prefix-1.2.9/prefix.c:224:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *prefix = (char *)palloc(strlen(str)+1);
data/prefix-1.2.9/prefix.c:231:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bzero(prefix, strlen(str)+1);
data/prefix-1.2.9/prefix.c:369:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = sizeof(prefix_range) + ((strlen(pr->prefix)+1)*sizeof(char)) + VARHDRSZ;
data/prefix-1.2.9/prefix.c:400:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(pr->prefix);
data/prefix-1.2.9/prefix.c:410:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int sa = strlen(a->prefix);
data/prefix-1.2.9/prefix.c:411:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int sb = strlen(b->prefix);
data/prefix-1.2.9/prefix.c:437:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int alen = strlen(a->prefix);
data/prefix-1.2.9/prefix.c:438:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int blen = strlen(b->prefix);
data/prefix-1.2.9/prefix.c:514:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sl = strlen(left->prefix);
data/prefix-1.2.9/prefix.c:515:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sr = strlen(right->prefix);
data/prefix-1.2.9/prefix.c:538:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int plen = strlen(pr->prefix);
data/prefix-1.2.9/prefix.c:561:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int alen = strlen(a->prefix);
data/prefix-1.2.9/prefix.c:562:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int blen = strlen(b->prefix);
data/prefix-1.2.9/prefix.c:575:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gplen = strlen(gp);
data/prefix-1.2.9/prefix.c:633:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int alen = strlen(a->prefix);
data/prefix-1.2.9/prefix.c:634:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int blen = strlen(b->prefix);
data/prefix-1.2.9/prefix.c:646:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gplen = strlen(gp);
data/prefix-1.2.9/prefix.c:706:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(inter->prefix) > 0 || (inter->first != 0 && inter->last != 0);
data/prefix-1.2.9/prefix.c:726:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int flen = t_first == NULL ? 0 : strlen(c_first);
data/prefix-1.2.9/prefix.c:727:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int llen = t_last == NULL ? 0 : strlen(c_last);
data/prefix-1.2.9/prefix.c:769:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out = (char *)palloc((strlen(pr->prefix)+6) * sizeof(char));
data/prefix-1.2.9/prefix.c:773:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out = (char *)palloc((strlen(pr->prefix)+1) * sizeof(char));
data/prefix-1.2.9/prefix.c:1104:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
olen = strlen(orig->prefix);
data/prefix-1.2.9/prefix.c:1105:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nlen = strlen(new->prefix);
data/prefix-1.2.9/prefix.c:1107:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gplen = strlen(gp);
data/prefix-1.2.9/prefix.c:1306:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(tmp_union->prefix) == 0 )
data/prefix-1.2.9/prefix.c:1319:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(tmp_union->prefix) == 0 )
data/prefix-1.2.9/prefix.c:1448:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gplen = strlen(gp->prefix);
data/prefix-1.2.9/prefix.c:1701:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(tmp_union->prefix) > 0 ) {
ANALYSIS SUMMARY:
Hits = 41
Lines analyzed = 1878 in approximately 0.07 seconds (26888 lines/second)
Physical Source Lines of Code (SLOC) = 1312
Hits@level = [0] 0 [1] 32 [2] 6 [3] 1 [4] 2 [5] 0
Hits@level+ = [0+] 41 [1+] 41 [2+] 9 [3+] 3 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 31.25 [1+] 31.25 [2+] 6.85976 [3+] 2.28659 [4+] 1.52439 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.