Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/rtkit-0.13/rtkit-daemon.c
Examining data/rtkit-0.13/rtkit.h
Examining data/rtkit-0.13/xml-introspection.h
Examining data/rtkit-0.13/rtkit-test.c
Examining data/rtkit-0.13/rtkit.c
Examining data/rtkit-0.13/rtkitctl.c
FINAL RESULTS:
data/rtkit-0.13/rtkit-daemon.c:253:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(p, " "
data/rtkit-0.13/rtkit-daemon.c:619:21: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(line + 20, "%s %s", soft, hard) != 2) {
data/rtkit-0.13/rtkit-daemon.c:1713:21: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
if (chroot("/proc") < 0 ||
data/rtkit-0.13/rtkit-daemon.c:1986:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "h", long_options, NULL)) >= 0) {
data/rtkit-0.13/rtkitctl.c:97:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "hk", long_options, NULL)) >= 0) {
data/rtkit-0.13/rtkit-daemon.c:223:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[128], line[256], *p;
data/rtkit-0.13/rtkit-daemon.c:233:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(fn, "r")))
data/rtkit-0.13/rtkit-daemon.c:322:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[64];
data/rtkit-0.13/rtkit-daemon.c:371:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[64];
data/rtkit-0.13/rtkit-daemon.c:401:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[64];
data/rtkit-0.13/rtkit-daemon.c:593:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[128];
data/rtkit-0.13/rtkit-daemon.c:601:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(fn, "r"))) {
data/rtkit-0.13/rtkit-daemon.c:608:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[128];
data/rtkit-0.13/rtkit-daemon.c:609:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char soft[32], hard[32];
data/rtkit-0.13/rtkit-daemon.c:642:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[128];
data/rtkit-0.13/rtkit-daemon.c:717:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[64];
data/rtkit-0.13/rtkit-daemon.c:786:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[64];
data/rtkit-0.13/rtkit-daemon.c:890:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[128];
data/rtkit-0.13/rtkit-daemon.c:1234:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[2];
data/rtkit-0.13/rtkitctl.c:81:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *method[_OPERATION_MAX] = {
data/rtkit-0.13/rtkit-daemon.c:212:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(user, pw->pw_name, len-1);
data/rtkit-0.13/rtkit-daemon.c:557:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strncmp(s, prefix, strlen(prefix)) == 0;
data/rtkit-0.13/rtkit-daemon.c:2310:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0777);
ANALYSIS SUMMARY:
Hits = 23
Lines analyzed = 3256 in approximately 0.13 seconds (24214 lines/second)
Physical Source Lines of Code (SLOC) = 2381
Hits@level = [0] 130 [1] 3 [2] 15 [3] 3 [4] 2 [5] 0
Hits@level+ = [0+] 153 [1+] 23 [2+] 20 [3+] 5 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 64.2587 [1+] 9.65981 [2+] 8.39983 [3+] 2.09996 [4+] 0.839983 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.