Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/socklog-2.1.0+repack/src/tai_unpack.c
Examining data/socklog-2.1.0+repack/src/byte_chr.c
Examining data/socklog-2.1.0+repack/src/fd_move.c
Examining data/socklog-2.1.0+repack/src/scan_ulong.c
Examining data/socklog-2.1.0+repack/src/buffer_put.c
Examining data/socklog-2.1.0+repack/src/fifo.h
Examining data/socklog-2.1.0+repack/src/stralloc_catb.c
Examining data/socklog-2.1.0+repack/src/iopause.c
Examining data/socklog-2.1.0+repack/src/ndelay_off.c
Examining data/socklog-2.1.0+repack/src/taia_less.c
Examining data/socklog-2.1.0+repack/src/tai_sub.c
Examining data/socklog-2.1.0+repack/src/check-socklog-unix.c
Examining data/socklog-2.1.0+repack/src/stralloc_pend.c
Examining data/socklog-2.1.0+repack/src/env.h
Examining data/socklog-2.1.0+repack/src/trywaitp.c
Examining data/socklog-2.1.0+repack/src/stralloc_cat.c
Examining data/socklog-2.1.0+repack/src/ndelay_on.c
Examining data/socklog-2.1.0+repack/src/ndelay.h
Examining data/socklog-2.1.0+repack/src/subgetopt.h
Examining data/socklog-2.1.0+repack/src/sig_pause.c
Examining data/socklog-2.1.0+repack/src/wait.h
Examining data/socklog-2.1.0+repack/src/lock.h
Examining data/socklog-2.1.0+repack/src/error_str.c
Examining data/socklog-2.1.0+repack/src/buffer_read.c
Examining data/socklog-2.1.0+repack/src/lock_ex.c
Examining data/socklog-2.1.0+repack/src/gen_allocdefs.h
Examining data/socklog-2.1.0+repack/src/byte_zero.c
Examining data/socklog-2.1.0+repack/src/alloc.h
Examining data/socklog-2.1.0+repack/src/fd.h
Examining data/socklog-2.1.0+repack/src/tryflock.c
Examining data/socklog-2.1.0+repack/src/fmt_uint.c
Examining data/socklog-2.1.0+repack/src/open_read.c
Examining data/socklog-2.1.0+repack/src/str_chr.c
Examining data/socklog-2.1.0+repack/src/byte_diff.c
Examining data/socklog-2.1.0+repack/src/strerr_die.c
Examining data/socklog-2.1.0+repack/src/fmt_uint0.c
Examining data/socklog-2.1.0+repack/src/error.h
Examining data/socklog-2.1.0+repack/src/str_start.c
Examining data/socklog-2.1.0+repack/src/sig_block.c
Examining data/socklog-2.1.0+repack/src/tai.h
Examining data/socklog-2.1.0+repack/src/readclose.h
Examining data/socklog-2.1.0+repack/src/sig.h
Examining data/socklog-2.1.0+repack/src/seek.h
Examining data/socklog-2.1.0+repack/src/stralloc_opyb.c
Examining data/socklog-2.1.0+repack/src/buffer.h
Examining data/socklog-2.1.0+repack/src/socklog-check.c
Examining data/socklog-2.1.0+repack/src/open_append.c
Examining data/socklog-2.1.0+repack/src/sgetopt.h
Examining data/socklog-2.1.0+repack/src/taia_pack.c
Examining data/socklog-2.1.0+repack/src/openreadclose.c
Examining data/socklog-2.1.0+repack/src/buffer_write.c
Examining data/socklog-2.1.0+repack/src/stralloc_eady.c
Examining data/socklog-2.1.0+repack/src/taia_now.c
Examining data/socklog-2.1.0+repack/src/sig_catch.c
Examining data/socklog-2.1.0+repack/src/check-socklog-inet.c
Examining data/socklog-2.1.0+repack/src/taia_approx.c
Examining data/socklog-2.1.0+repack/src/coe.c
Examining data/socklog-2.1.0+repack/src/taia_add.c
Examining data/socklog-2.1.0+repack/src/taia.h
Examining data/socklog-2.1.0+repack/src/prot.h
Examining data/socklog-2.1.0+repack/src/alloc_re.c
Examining data/socklog-2.1.0+repack/src/str.h
Examining data/socklog-2.1.0+repack/src/trymkffo.c
Examining data/socklog-2.1.0+repack/src/buffer_0.c
Examining data/socklog-2.1.0+repack/src/alloc.c
Examining data/socklog-2.1.0+repack/src/stralloc.h
Examining data/socklog-2.1.0+repack/src/tryshsgr.c
Examining data/socklog-2.1.0+repack/src/subgetopt.c
Examining data/socklog-2.1.0+repack/src/fifo.c
Examining data/socklog-2.1.0+repack/src/wait_nohang.c
Examining data/socklog-2.1.0+repack/src/byte_copy.c
Examining data/socklog-2.1.0+repack/src/fmt.h
Examining data/socklog-2.1.0+repack/src/open_trunc.c
Examining data/socklog-2.1.0+repack/src/pathexec_env.c
Examining data/socklog-2.1.0+repack/src/env.c
Examining data/socklog-2.1.0+repack/src/trypoll.c
Examining data/socklog-2.1.0+repack/src/byte_rchr.c
Examining data/socklog-2.1.0+repack/src/stralloc_opys.c
Examining data/socklog-2.1.0+repack/src/buffer_1.c
Examining data/socklog-2.1.0+repack/src/strerr.h
Examining data/socklog-2.1.0+repack/src/scan.h
Examining data/socklog-2.1.0+repack/src/tai_pack.c
Examining data/socklog-2.1.0+repack/src/trysysel.c
Examining data/socklog-2.1.0+repack/src/taia_sub.c
Examining data/socklog-2.1.0+repack/src/gen_alloc.h
Examining data/socklog-2.1.0+repack/src/openreadclose.h
Examining data/socklog-2.1.0+repack/src/open_write.c
Examining data/socklog-2.1.0+repack/src/uncat.c
Examining data/socklog-2.1.0+repack/src/trydrent.c
Examining data/socklog-2.1.0+repack/src/taia_uint.c
Examining data/socklog-2.1.0+repack/src/coe.h
Examining data/socklog-2.1.0+repack/src/wait_pid.c
Examining data/socklog-2.1.0+repack/src/syslognames.h
Examining data/socklog-2.1.0+repack/src/byte.h
Examining data/socklog-2.1.0+repack/src/tryulong64.c
Examining data/socklog-2.1.0+repack/src/lock_exnb.c
Examining data/socklog-2.1.0+repack/src/trysgprm.c
Examining data/socklog-2.1.0+repack/src/sgetopt.c
Examining data/socklog-2.1.0+repack/src/tai_now.c
Examining data/socklog-2.1.0+repack/src/str_len.c
Examining data/socklog-2.1.0+repack/src/buffer_get.c
Examining data/socklog-2.1.0+repack/src/byte_cr.c
Examining data/socklog-2.1.0+repack/src/error.c
Examining data/socklog-2.1.0+repack/src/readclose.c
Examining data/socklog-2.1.0+repack/src/open.h
Examining data/socklog-2.1.0+repack/src/sig.c
Examining data/socklog-2.1.0+repack/src/str_diff.c
Examining data/socklog-2.1.0+repack/src/x86cpuid.c
Examining data/socklog-2.1.0+repack/src/buffer.c
Examining data/socklog-2.1.0+repack/src/trycpp.c
Examining data/socklog-2.1.0+repack/src/taia_frac.c
Examining data/socklog-2.1.0+repack/src/trysgact.c
Examining data/socklog-2.1.0+repack/src/buffer_2.c
Examining data/socklog-2.1.0+repack/src/trysocketlib.c
Examining data/socklog-2.1.0+repack/src/fd_copy.c
Examining data/socklog-2.1.0+repack/src/fmt_ulong.c
Examining data/socklog-2.1.0+repack/src/stralloc_cats.c
Examining data/socklog-2.1.0+repack/src/strerr_sys.c
Examining data/socklog-2.1.0+repack/src/tryto.c
Examining data/socklog-2.1.0+repack/src/chkshsgr.c
Examining data/socklog-2.1.0+repack/src/pathexec.h
Examining data/socklog-2.1.0+repack/src/pathexec_run.c
Examining data/socklog-2.1.0+repack/src/prot.c
Examining data/socklog-2.1.0+repack/src/seek_set.c
Examining data/socklog-2.1.0+repack/src/socklog-conf.c
Examining data/socklog-2.1.0+repack/src/socklog.c
FINAL RESULTS:
data/socklog-2.1.0+repack/src/socklog-conf.c:89:27: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
void perm(int mode) { if (chmod(fn, mode) == -1) fail(); }
data/socklog-2.1.0+repack/src/socklog-conf.c:103:7: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(s, pw->pw_uid, pw->pw_gid) == -1)
data/socklog-2.1.0+repack/src/socklog-conf.c:281:7: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(path, upw->pw_uid, gr->gr_gid) == -1)
data/socklog-2.1.0+repack/src/socklog-conf.c:371:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(dir, 0750) == -1)
data/socklog-2.1.0+repack/src/sgetopt.c:21:9: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
#define getopt sgetoptmine
data/socklog-2.1.0+repack/src/sgetopt.c:30:5: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int getopt(int argc,const char *const *argv,const char *opts)
data/socklog-2.1.0+repack/src/sgetopt.h:7:9: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
#define getopt sgetoptmine
data/socklog-2.1.0+repack/src/socklog-check.c:31:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt =getopt(argc, argv, "vV")) != opteof) {
data/socklog-2.1.0+repack/src/socklog.c:418:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt =getopt(argc, argv, "rRUV")) != opteof) {
data/socklog-2.1.0+repack/src/tryto.c:56:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt =getopt(argc,argv,"t:k:n:pPvV")) != opteof) {
data/socklog-2.1.0+repack/src/uncat.c:49:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt =getopt(argc, argv, "t:s:voV")) != opteof) {
data/socklog-2.1.0+repack/src/alloc.c:10:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef union { char irrelevant[ALIGNMENT]; double d; } aligned;
data/socklog-2.1.0+repack/src/buffer_0.c:11:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_0_space[BUFFER_INSIZE];
data/socklog-2.1.0+repack/src/buffer_1.c:5:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_1_space[BUFFER_OUTSIZE];
data/socklog-2.1.0+repack/src/buffer_2.c:5:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_2_space[256];
data/socklog-2.1.0+repack/src/check-socklog-inet.c:11:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[4];
data/socklog-2.1.0+repack/src/check-socklog-unix.c:19:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sa.sun_path, "socklog.check.socket");
data/socklog-2.1.0+repack/src/open_append.c:8:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
{ return open(fn,O_WRONLY | O_NDELAY | O_APPEND | O_CREAT,0600); }
data/socklog-2.1.0+repack/src/open_read.c:8:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
{ return open(fn,O_RDONLY | O_NDELAY); }
data/socklog-2.1.0+repack/src/open_trunc.c:8:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
{ return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); }
data/socklog-2.1.0+repack/src/open_write.c:8:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
{ return open(fn,O_WRONLY | O_NDELAY); }
data/socklog-2.1.0+repack/src/sgetopt.c:43:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chp[2]; chp[0] = optproblem; chp[1] = '\n';
data/socklog-2.1.0+repack/src/socklog-conf.c:54:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/socklog-2.1.0+repack/src/socklog.c:60:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINEC];
data/socklog-2.1.0+repack/src/socklog.c:266:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *envs[9];
data/socklog-2.1.0+repack/src/socklog.c:354:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((sfd = open(address, O_RDONLY | O_NOCTTY)) == -1)
data/socklog-2.1.0+repack/src/trypoll.c:11:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
x.fd = open("trypoll.c",O_RDONLY);
data/socklog-2.1.0+repack/src/tryto.c:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_x_space[BUFFER_INSIZE];
data/socklog-2.1.0+repack/src/buffer_read.c:8:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read(fd,buf,len);
data/socklog-2.1.0+repack/src/readclose.c:12:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(fd,sa->s + sa->len,bufsize);
data/socklog-2.1.0+repack/src/socklog-check.c:48:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sa.sun_path, address, sizeof(sa.sun_path));
data/socklog-2.1.0+repack/src/socklog-conf.c:113:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
scan_ulong(u.release+strlen(u.release)-1, &sunos_version);
data/socklog-2.1.0+repack/src/socklog-conf.c:277:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(007);
data/socklog-2.1.0+repack/src/socklog-conf.c:280:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(022);
data/socklog-2.1.0+repack/src/socklog-conf.c:305:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(022);
data/socklog-2.1.0+repack/src/socklog.c:171:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sa.sun_path, f, sizeof(sa.sun_path) - 1);
data/socklog-2.1.0+repack/src/socklog.c:174:18: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if (! noumask) umask(0);
data/socklog-2.1.0+repack/src/tryto.c:171:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (read(selfpipe[0], &ch, 1) == 1) {}
data/socklog-2.1.0+repack/src/tryto.c:223:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (read(selfpipe[0], &ch, 1) == 1) {}
ANALYSIS SUMMARY:
Hits = 39
Lines analyzed = 4247 in approximately 0.13 seconds (31807 lines/second)
Physical Source Lines of Code (SLOC) = 3422
Hits@level = [0] 4 [1] 11 [2] 17 [3] 7 [4] 0 [5] 4
Hits@level+ = [0+] 43 [1+] 39 [2+] 28 [3+] 11 [4+] 4 [5+] 4
Hits/KSLOC@level+ = [0+] 12.5658 [1+] 11.3968 [2+] 8.18235 [3+] 3.21449 [4+] 1.16891 [5+] 1.16891
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.