Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qperf-0.4.11/src/qperf.c
Examining data/qperf-0.4.11/src/qperf.h
Examining data/qperf-0.4.11/src/rdma.c
Examining data/qperf-0.4.11/src/rds.c
Examining data/qperf-0.4.11/src/socket.c
Examining data/qperf-0.4.11/src/support.c

FINAL RESULTS:

data/qperf-0.4.11/src/qperf.c:1246:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(p->ptr, s);
data/qperf-0.4.11/src/qperf.c:2217:47:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  view_time('d', "", "l_timer_system", system);
data/qperf-0.4.11/src/qperf.c:2264:47:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  view_time('d', "", "r_timer_system", system);
data/qperf-0.4.11/src/support.c:547:10:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  p += vsnprintf(p, q-p, fmt, alist);
data/qperf-0.4.11/src/support.c:659:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, alist);
data/qperf-0.4.11/src/rdma.c:2125:22:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dev->lnode.psn = lrand48() & 0xffffff;
data/qperf-0.4.11/src/qperf.c:162:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char node[STRSIZE]; /* Node */
data/qperf-0.4.11/src/qperf.c:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cpu[STRSIZE]; /* CPU */
data/qperf-0.4.11/src/qperf.c:164:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char os[STRSIZE]; /* Operating System */
data/qperf-0.4.11/src/qperf.c:165:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char qperf[STRSIZE]; /* Qperf version */
data/qperf-0.4.11/src/qperf.c:622:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  ProcStatFD = open("/proc/stat", 0);
data/qperf-0.4.11/src/qperf.c:782:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[64];
data/qperf-0.4.11/src/qperf.c:783:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *args[2] = {loop->option->name, buf};
data/qperf-0.4.11/src/qperf.c:1528:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&ServerAddr, a->ai_addr, ServerAddrLen);
data/qperf-0.4.11/src/qperf.c:1670:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char count[STRSIZE];
data/qperf-0.4.11/src/qperf.c:1671:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char speed[STRSIZE];
data/qperf-0.4.11/src/qperf.c:1672:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/qperf-0.4.11/src/qperf.c:1673:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cpu[BUFSIZE];
data/qperf-0.4.11/src/qperf.c:1674:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mhz[BUFSIZE];
data/qperf-0.4.11/src/qperf.c:1677:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *fp = fopen("/proc/cpuinfo", "r");
data/qperf-0.4.11/src/qperf.c:1742:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int freq = atoi(q);
data/qperf-0.4.11/src/qperf.c:1781:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1];
data/qperf-0.4.11/src/qperf.c:2780:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/qperf-0.4.11/src/qperf.h:174:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char id[STRSIZE]; /* Identifier */
data/qperf-0.4.11/src/qperf.h:175:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char static_rate[STRSIZE]; /* Static rate */
data/qperf-0.4.11/src/rdma.c:1953:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg1[64];
data/qperf-0.4.11/src/rdma.c:1954:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg2[64];
data/qperf-0.4.11/src/rdma.c:2027:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(p);
data/qperf-0.4.11/src/rds.c:67:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((fp = fopen("/proc/sys/net/rds/pf_rds", "r")) != NULL) {
data/qperf-0.4.11/src/rds.c:299:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char lhost[NI_MAXHOST];
data/qperf-0.4.11/src/rds.c:300:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char rhost[NI_MAXHOST];
data/qperf-0.4.11/src/rds.c:441:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(addr, ailist->ai_addr, ailist->ai_addrlen);
data/qperf-0.4.11/src/rds.c:447:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sap6, ailist->ai_addr, ailist->ai_addrlen);
data/qperf-0.4.11/src/rds.c:488:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(addr, aip->ai_addr, aip->ai_addrlen);
data/qperf-0.4.11/src/rds.c:502:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char p[NI_MAXSERV];
data/qperf-0.4.11/src/rds.c:509:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  port = atoi(p);
data/qperf-0.4.11/src/socket.c:751:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char p[NI_MAXSERV];
data/qperf-0.4.11/src/socket.c:759:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  *port = atoi(p);
data/qperf-0.4.11/src/support.c:109:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(EncodePtr, s, n);
data/qperf-0.4.11/src/support.c:120:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(s, DecodePtr, n);
data/qperf-0.4.11/src/support.c:261:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char data[64];
data/qperf-0.4.11/src/support.c:422:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[256];
data/qperf-0.4.11/src/support.c:506:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[256];
data/qperf-0.4.11/src/support.c:540:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[256];
data/qperf-0.4.11/src/support.c:625:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p, str, n);
data/qperf-0.4.11/src/support.c:641:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(--p-n, s, n);
data/qperf-0.4.11/src/qperf.c:1244:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) >= STRSIZE)
data/qperf-0.4.11/src/qperf.c:1684:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(buf);
data/qperf-0.4.11/src/qperf.c:1704:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(buf);
data/qperf-0.4.11/src/qperf.c:1738:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(cpu);
data/qperf-0.4.11/src/qperf.c:1784:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  (void) read(RemoteFD, buf, sizeof(buf));
data/qperf-0.4.11/src/qperf.c:2530:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = &data[strlen(data)];
data/qperf-0.4.11/src/qperf.c:2574:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = (show->pref ? strlen(show->pref) : 0) + strlen(show->name);
data/qperf-0.4.11/src/qperf.c:2574:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = (show->pref ? strlen(show->pref) : 0) + strlen(show->name);
data/qperf-0.4.11/src/qperf.c:2577:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(show->data);
data/qperf-0.4.11/src/qperf.c:2581:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(show->unit);
data/qperf-0.4.11/src/qperf.c:2594:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(show->pref);
data/qperf-0.4.11/src/qperf.c:2786:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  n = read(ProcStatFD, buf, sizeof(buf)-1);
data/qperf-0.4.11/src/qperf.c:2825:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dataLen = strlen(data);
data/qperf-0.4.11/src/qperf.c:2864:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(d, s, n);
data/qperf-0.4.11/src/rdma.c:1979:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(data, rdma_event_str(event), size);
data/qperf-0.4.11/src/rds.c:168:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int n = read(sockfd, buf, Req.msg_size);
data/qperf-0.4.11/src/rds.c:213:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  n = read(sockfd, buf, Req.msg_size);
data/qperf-0.4.11/src/socket.c:500:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  n = read(sockFD, buf, Req.msg_size);
data/qperf-0.4.11/src/socket.c:798:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int i = read(fd, ptr, n);
data/qperf-0.4.11/src/support.c:249:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(msg);
data/qperf-0.4.11/src/support.c:262:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(msg);
data/qperf-0.4.11/src/support.c:313:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  func = (IO *)read;
data/qperf-0.4.11/src/support.c:472:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  (void) read(RemoteFD, p, q-p);
data/qperf-0.4.11/src/support.c:476:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int n = read(RemoteFD, p, q-p);
data/qperf-0.4.11/src/support.c:563:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  while (read(RemoteFD, buffer, sizeof(buffer)) > 0)
data/qperf-0.4.11/src/support.c:620:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(str);
data/qperf-0.4.11/src/support.c:640:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen(s);

ANALYSIS SUMMARY:

Hits = 73
Lines analyzed = 7905 in approximately 0.18 seconds (44820 lines/second)
Physical Source Lines of Code (SLOC) = 5593
Hits@level = [0]  24 [1]  27 [2]  40 [3]   1 [4]   5 [5]   0
Hits@level+ = [0+]  97 [1+]  73 [2+]  46 [3+]   6 [4+]   5 [5+]   0
Hits/KSLOC@level+ = [0+] 17.3431 [1+] 13.052 [2+] 8.22457 [3+] 1.07277 [4+] 0.893975 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.