Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/rmysql-0.10.20/src/result.c
Examining data/rmysql-0.10.20/src/db-apply.c
Examining data/rmysql-0.10.20/src/connection.c
Examining data/rmysql-0.10.20/src/driver.c
Examining data/rmysql-0.10.20/src/fields.c
Examining data/rmysql-0.10.20/src/RMySQL-init.c
Examining data/rmysql-0.10.20/src/utils.c
Examining data/rmysql-0.10.20/src/RS-MySQL.h
Examining data/rmysql-0.10.20/src/exception.c
Examining data/rmysql-0.10.20/src/getopt.h
Examining data/rmysql-0.10.20/src/S4R.h
FINAL RESULTS:
data/rmysql-0.10.20/src/db-apply.c:456:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff, CHAR(STRING_ELT(col, i)));
data/rmysql-0.10.20/src/utils.c:80:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(buffer, str);
data/rmysql-0.10.20/src/getopt.h:106:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt (int argc, char *const *argv, const char *shortopts);
data/rmysql-0.10.20/src/getopt.h:108:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt (int argc, char *const *argv, const char *optstring);
data/rmysql-0.10.20/src/getopt.h:110:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt_long (int argc, char *const *argv, const char *shortopts,
data/rmysql-0.10.20/src/getopt.h:122:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt ();
data/rmysql-0.10.20/src/getopt.h:123:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt_long ();
data/rmysql-0.10.20/src/db-apply.c:257:38: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
LST_INT_EL(data,j,i) = atol(row[j]);
data/rmysql-0.10.20/src/db-apply.c:375:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/rmysql-0.10.20/src/db-apply.c:376:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void) strcpy(buf, "exhausted the pre-allocated storage. The last ");
data/rmysql-0.10.20/src/db-apply.c:377:18: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
(void) strcat(buf, "output group was computed with partial data. ");
data/rmysql-0.10.20/src/db-apply.c:378:18: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
(void) strcat(buf, "The remaining data were left un-read in the ");
data/rmysql-0.10.20/src/db-apply.c:379:18: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
(void) strcat(buf, "result set.");
data/rmysql-0.10.20/src/db-apply.c:440:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[1024];
data/rmysql-0.10.20/src/db-apply.c:447:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(buff, "%ld", (long) LOGICAL(col)[i]);
data/rmysql-0.10.20/src/db-apply.c:450:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(buff, "%ld", (long) INTEGER(col)[i]);
data/rmysql-0.10.20/src/db-apply.c:453:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void) sprintf(buff, "%f", (double) REAL(col)[i]);
data/rmysql-0.10.20/src/result.c:310:42: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
LST_INT_EL(output,j,i) = (int) atol(row[j]);
data/rmysql-0.10.20/src/db-apply.c:270:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((size_t) lens[j] != strlen(row[j])){
data/rmysql-0.10.20/src/result.c:321:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((size_t) lens[j] != strlen(row[j])){
data/rmysql-0.10.20/src/utils.c:77:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = (char *) malloc((size_t) strlen(str)+1);
data/rmysql-0.10.20/src/utils.c:242:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(string);
ANALYSIS SUMMARY:
Hits = 22
Lines analyzed = 2349 in approximately 0.08 seconds (30636 lines/second)
Physical Source Lines of Code (SLOC) = 1667
Hits@level = [0] 0 [1] 4 [2] 11 [3] 5 [4] 2 [5] 0
Hits@level+ = [0+] 22 [1+] 22 [2+] 18 [3+] 7 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 13.1974 [1+] 13.1974 [2+] 10.7978 [3+] 4.19916 [4+] 1.19976 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.