Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/swapspace-1.17/src/memory.h
Examining data/swapspace-1.17/src/log.c
Examining data/swapspace-1.17/src/log.h
Examining data/swapspace-1.17/src/hog.c
Examining data/swapspace-1.17/src/support.h
Examining data/swapspace-1.17/src/state.h
Examining data/swapspace-1.17/src/env.h
Examining data/swapspace-1.17/src/support.c
Examining data/swapspace-1.17/src/swaps.c
Examining data/swapspace-1.17/src/opts.h
Examining data/swapspace-1.17/src/main.c
Examining data/swapspace-1.17/src/opts.c
Examining data/swapspace-1.17/src/main.h
Examining data/swapspace-1.17/src/memory.c
Examining data/swapspace-1.17/src/swaps.h
Examining data/swapspace-1.17/src/state.c

FINAL RESULTS:

data/swapspace-1.17/src/swaps.c:198:9:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
    if (chmod(swappath, mode) < 0)
data/swapspace-1.17/src/log.c:88:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(out, fmt, ap);
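Added example for the vfprintf hit above (this is illustrative code, not swapspace's log.c). A wrapper that forwards its caller's fmt to the vfprintf family is only as safe as its call sites: the moment something attacker-influenced is passed as fmt rather than as an argument, the bytes are parsed as conversion directives. The demo uses a deliberately harmless tainted string containing only "%%", so both calls stay well defined and the difference is observable; the function names (logmsg, render_wrong, render_right, percent_was_interpreted) and the TAINTED text are constructed for the example.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* A logging wrapper shaped like the one flagged in log.c: whatever arrives as
 * fmt goes straight into vsnprintf (vfprintf in the original).  That is safe
 * only while every call site passes a string literal.  The format attribute
 * lets gcc/clang check argument types and, with -Wformat-security or
 * -Wformat-nonliteral, warn when a non-literal format is passed. */
__attribute__((format(printf, 3, 4)))
int logmsg(char *out, size_t outsz, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outsz, fmt, ap);
    va_end(ap);
    return n;
}

/* Constructed text standing in for something an attacker can influence (a file
 * name, a config value, a line read from a file).  It is deliberately harmless:
 * "%%" is the only directive it contains, so both calls below stay well
 * defined and the difference between them is observable.  A real payload would
 * use "%p" or "%s" to read the stack and "%n" to write memory. */
const char *const TAINTED = "swapfile name: disk_100%%_full";

/* Wrong: the tainted text *is* the format.  The "%%" is consumed and emitted
 * as a single "%", which proves the bytes were parsed as directives.
 * (-Wformat-security flags exactly this call.) */
const char *render_wrong(void)
{
    static char buf[64];
    logmsg(buf, sizeof buf, TAINTED);
    return buf;
}

/* Right: constant format, tainted text only ever travels as an argument. */
const char *render_right(void)
{
    static char buf[64];
    logmsg(buf, sizeof buf, "%s", TAINTED);
    return buf;
}

/* 1 if `s` shows signs of having been interpreted as a format string. */
int percent_was_interpreted(const char *s)
{
    return strstr(s, "%%") == NULL && strchr(s, '%') != NULL;
}
```

Building with -Wall -Wformat -Wformat-security (and -Werror in CI) turns the render_wrong() call into a build failure, which is the cheapest way to keep a logging wrapper honest across every future call site.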
data/swapspace-1.17/src/opts.c:334:25:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  if (strdest && value) strcpy(strdest, value);
data/swapspace-1.17/src/support.c:52:16:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  if (unlikely(snprintf(localbuf, bufsz, format, cmd, arg) >= bufsz))
data/swapspace-1.17/src/support.c:61:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  return system(localbuf);
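Added example for the snprintf hit at support.c:52 and the system hit at support.c:61 above (illustrative code, not swapspace's support.c). The `>= bufsz` comparison on the snprintf result is the correct truncation check (snprintf, unlike sprintf, always terminates when bufsz > 0), but it says nothing about what /bin/sh will do with the assembled line: every byte of arg is shell syntax. The fix is to stop building a command line at all and hand the program an argv vector. What cmd and arg hold in swapspace is not shown on the page; `true`, the constructed "a; exit 9" argument and the helper names run_via_system, run_argv, demo_* are the example's own.

```c
#include <spawn.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* The flagged shape: a command line is assembled with snprintf and handed to
 * system(), i.e. to /bin/sh -c.  The truncation check is correct, but the
 * shell still parses every byte of `arg` as syntax.  Returns the exit status,
 * or -1. */
int run_via_system(const char *cmd, const char *arg)
{
    char line[256];
    if (snprintf(line, sizeof line, "%s %s", cmd, arg) >= (int)sizeof line)
        return -1;
    int status = system(line);
    if (status == -1)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Replacement: run the program from an argv vector.  No shell is involved, so
 * each element reaches the child as one literal argument, metacharacters and
 * all.  Returns the child's exit status, or -1 on spawn/wait failure. */
int run_argv(char *const argv[])
{
    pid_t pid;
    if (posix_spawnp(&pid, argv[0], NULL, NULL, argv, environ) != 0)
        return -1;
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Constructed "argument" that is really a command sequence. */
static char HOSTILE_ARG[] = "a; exit 9";

/* Through system(): "true a; exit 9" -> the shell runs `true a`, then exits 9. */
int demo_system(void)
{
    return run_via_system("true", HOSTILE_ARG);
}

/* Through argv: `true` receives "a; exit 9" as its single argument and exits 0. */
int demo_argv(void)
{
    char *argv[] = { "true", HOSTILE_ARG, NULL };
    return run_argv(argv);
}

/* The argument arrives intact: a tiny sh script compares $1 with the literal. */
int demo_argv_literal(void)
{
    char *argv[] = { "sh", "-c", "test \"$1\" = \"a; exit 9\"", "sh", HOSTILE_ARG, NULL };
    return run_argv(argv);
}
```

posix_spawnp() searches PATH like system() does; pass an absolute path in argv[0] (and a sanitised environment) when the caller runs with privileges, since a daemon that manages swap files almost certainly does.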
data/swapspace-1.17/src/hog.c:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1000];
data/swapspace-1.17/src/main.c:50:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char localbuf[16384];
data/swapspace-1.17/src/main.c:56:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char pidfile[PATH_MAX] = "/var/run/swapspace.pid";
data/swapspace-1.17/src/main.c:140:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  pidfd = open(pidfile, O_WRONLY|O_CREAT|O_EXCL, O_WRONLY);
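Added example for the chmod hit at swaps.c:198 and the open hit at main.c:140 above (illustrative code, not swapspace's). chmod(path) resolves the name a second time after the file was created or opened, so anything that swaps the path between the two calls (a symlink, a rename into place) gets its mode changed instead; fchmod() on the descriptor already held has no such window, and fstat() on that same descriptor lets the program refuse device nodes and FIFOs. Separately, the main.c:140 line passes O_WRONLY as open()'s third argument, which is an open flag, not a permission mask: on Linux O_WRONLY is 1, so a freshly created pidfile would get mode 0001 rather than something like 0644. The function names open_and_fchmod, fd_perm_bits, mode_bits_of_o_wronly, demo_pidfile_mode and the /tmp path are the example's own assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open `path` with the caller's flags plus O_NOFOLLOW (refuse a symlink at the
 * last component) and O_CLOEXEC, check that what we opened is a regular file,
 * then set the permission bits with fchmod() on the descriptor.  Whatever
 * happens to `path` after the open (rename, replacement, symlink) no longer
 * matters: the mode change lands on the inode we hold.  Returns the fd, or -1
 * with errno set. */
int open_and_fchmod(const char *path, int flags, mode_t mode)
{
    int fd = open(path, flags | O_NOFOLLOW | O_CLOEXEC, mode);
    if (fd < 0)
        return -1;

    struct stat st;
    if (fstat(fd, &st) < 0) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    if (!S_ISREG(st.st_mode)) {        /* device node, FIFO, directory ... */
        close(fd);
        errno = EINVAL;
        return -1;
    }
    /* The mode given to open() is masked by the umask; fchmod() makes it exact. */
    if (fchmod(fd, mode) < 0) {
        int saved = errno;
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
}

/* Permission bits of an open descriptor, or -1. */
long fd_perm_bits(int fd)
{
    struct stat st;
    if (fstat(fd, &st) < 0)
        return -1;
    return (long)(st.st_mode & 07777);
}

/* What main.c:140 actually passes as the mode: the O_WRONLY flag.  On Linux
 * that constant is 1, i.e. mode 0001 (execute bit for "other", nothing else). */
long mode_bits_of_o_wronly(void)
{
    return (long)((mode_t)O_WRONLY & 07777);
}

/* Self-contained check using a constructed path under /tmp (not the real
 * pidfile): create the file exclusively under a restrictive umask, confirm a
 * second O_CREAT|O_EXCL attempt is refused, and return the permission bits the
 * descriptor ended up with.  Returns -1 on any unexpected failure. */
long demo_pidfile_mode(void)
{
    char path[] = "/tmp/swapspace-demo.pid.XXXXXX";
    int tfd = mkstemp(path);           /* reserve a unique name ... */
    if (tfd < 0)
        return -1;
    close(tfd);
    unlink(path);                      /* ... then free it for O_EXCL creation */

    mode_t old = umask(077);
    int fd = open_and_fchmod(path, O_WRONLY | O_CREAT | O_EXCL, 0644);
    umask(old);
    if (fd < 0)
        return -1;

    int again = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0644);
    int exclusive = (again < 0 && errno == EEXIST);
    if (again >= 0)
        close(again);

    long bits = fd_perm_bits(fd);
    close(fd);
    unlink(path);
    return exclusive ? bits : -1;
}
```

For the swap files themselves the same shape applies: keep the descriptor from the O_CREAT|O_EXCL open, fchmod()/fchown() it, and hand the path to swapon only after those calls have succeeded on the inode the daemon actually created.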
data/swapspace-1.17/src/main.h:44:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern char localbuf[16384];
data/swapspace-1.17/src/memory.c:92:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char entry[200];
data/swapspace-1.17/src/memory.c:113:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(result->entry, "Error reading /proc/meminfo");
data/swapspace-1.17/src/memory.c:117:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fact[20];
data/swapspace-1.17/src/memory.c:256:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *fp = fopen("/proc/meminfo", "r");
data/swapspace-1.17/src/opts.c:53:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char configfile[PATH_MAX] = ETCPREFIX"/swapspace.conf";
data/swapspace-1.17/src/opts.c:342:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *fp = fopen(configfile, "r");
data/swapspace-1.17/src/opts.c:360:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key[100], val[PATH_MAX], dummy[2];
data/swapspace-1.17/src/swaps.c:63:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char swappath[PATH_MAX] = VARPREFIX"/lib/swapspace";
data/swapspace-1.17/src/swaps.c:515:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  const int fd=open(file, O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE, S_IRUSR|S_IWUSR);
data/swapspace-1.17/src/swaps.c:544:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[PATH_MAX];
data/swapspace-1.17/src/swaps.c:565:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  int fd = open(name, O_RDONLY|O_LARGEFILE|O_NOFOLLOW);
data/swapspace-1.17/src/swaps.c:622:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *fp = fopen("/proc/swaps", "r");
data/swapspace-1.17/src/swaps.c:654:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char type[100];
data/swapspace-1.17/src/swaps.c:789:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char namebuf[30];
data/swapspace-1.17/src/swaps.c:799:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open(namebuf, O_WRONLY|O_LARGEFILE|O_NOFOLLOW);
data/swapspace-1.17/src/swaps.c:880:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char file[30];
data/swapspace-1.17/src/main.c:121:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t len = strlen(localbuf);
data/swapspace-1.17/src/memory.c:118:17:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
  const int x = sscanf(localbuf,
data/swapspace-1.17/src/memory.c:165:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t factlen = strlen(fact);
data/swapspace-1.17/src/opts.c:202:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(options[i].name);
data/swapspace-1.17/src/opts.c:212:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ptlen = strlen(pt);
data/swapspace-1.17/src/opts.c:213:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    assert(ptlen < strlen(pad));
data/swapspace-1.17/src/opts.c:221:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	(int)(longestopt+2-strlen(options[i].name)-2*strlen(pt)),
data/swapspace-1.17/src/opts.c:221:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	(int)(longestopt+2-strlen(options[i].name)-2*strlen(pt)),
data/swapspace-1.17/src/opts.c:289:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (value) arglen = strlen(value);
data/swapspace-1.17/src/opts.c:362:9:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
    if (sscanf(localbuf," %100[a-z_] = \"%"PMS"[^\"]\" %1s",key,val,dummy)==2 ||
data/swapspace-1.17/src/opts.c:363:2:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
	sscanf(localbuf," %100[a-z_] = %"PMS"s %1s",key,val,dummy) == 2)
data/swapspace-1.17/src/opts.c:367:14:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
    else if (sscanf(localbuf," %100[a-z_] %1s",key,dummy) == 1)
data/swapspace-1.17/src/opts.c:371:14:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
    else if (sscanf(localbuf," %1s",dummy) > 0)
data/swapspace-1.17/src/opts.c:424:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(localbuf, optname, optnamelen);
data/swapspace-1.17/src/swaps.c:160:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  swappath_len = strlen(swappath);
data/swapspace-1.17/src/swaps.c:656:17:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
    const int x=sscanf(localbuf,
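Added example for the bounded-copy hits above: strcpy at opts.c:334, strncpy at opts.c:424 and the sscanf calls in opts.c, memory.c and swaps.c (illustrative code, not swapspace's). The check flawfinder asks for is whether each %N width leaves room for the terminator: a %N conversion stores N characters and then a NUL, so the char key[100] declared at opts.c:360 paired with %100[a-z_] at opts.c:362 is one byte short for a key of exactly 100 characters. Whether such a line can come from anyone other than the administrator who edits the config file is not answered by this report, and what the PMS macro expands to for val[PATH_MAX] is not shown. KEY_MAX, parse_key_value, strncpy_terminates, copy_bounded and the demo_* helpers are the example's own.

```c
#include <stdio.h>
#include <string.h>

/* A "%N[...]" or "%Ns" conversion stores up to N characters and then a NUL, so
 * the destination needs N+1 bytes.  Measured here with a wide, 'X'-filled
 * buffer and "%4s": the count of bytes touched is 5, not 4. */
size_t bytes_written_by_width4(void)
{
    char buf[16];
    memset(buf, 'X', sizeof buf);
    if (sscanf("abcdefgh", "%4s", buf) != 1)
        return 0;
    size_t n = 0;
    while (n < sizeof buf && buf[n] != 'X')
        n++;
    return n;   /* 5 */
}

/* Deriving the width from one constant keeps array size and format from
 * drifting apart: KEY_MAX characters of key need KEY_MAX+1 bytes of storage. */
#define KEY_MAX 100
#define STR_(x) #x
#define STR(x) STR_(x)

/* Parse one `key = value` line of the shape the opts.c scanners accept (the
 * value grammar is simplified to a bare word).  Returns 1 on success. */
int parse_key_value(const char *line, char key[KEY_MAX + 1], char val[KEY_MAX + 1])
{
    char dummy[2];
    return sscanf(line, " %" STR(KEY_MAX) "[a-z_] = %" STR(KEY_MAX) "s %1s",
                  key, val, dummy) == 2;
}

/* A constructed line parses, and a key of exactly KEY_MAX characters fills the
 * width without overrunning the array.  Returns 1 if both hold. */
int demo_parse(void)
{
    char key[KEY_MAX + 1], val[KEY_MAX + 1];
    if (!parse_key_value("some_key = 50", key, val))
        return 0;
    if (strcmp(key, "some_key") != 0 || strcmp(val, "50") != 0)
        return 0;
    char longline[KEY_MAX + 16];
    memset(longline, 'k', KEY_MAX);
    strcpy(longline + KEY_MAX, " = x");   /* constant source, as flawfinder notes */
    return parse_key_value(longline, key, val) && strlen(key) == KEY_MAX;
}

/* strncpy(dst, src, n) writes no terminator when strlen(src) >= n.  Returns 1
 * if a NUL ended up inside the n bytes copied, 0 if not. */
int strncpy_terminates(const char *src, size_t n)
{
    char dst[32];
    if (n > sizeof dst)
        return -1;
    memset(dst, 'X', sizeof dst);
    strncpy(dst, src, n);
    return memchr(dst, '\0', n) != NULL;
}

/* Bounded copy that always terminates and reports the length it wanted, in the
 * spirit of strlcpy (only in glibc from 2.38).  Truncation is detected by
 * `return value >= dstsz`. */
size_t copy_bounded(char *dst, size_t dstsz, const char *src)
{
    size_t len = strlen(src);
    if (dstsz > 0) {
        size_t n = len < dstsz - 1 ? len : dstsz - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* "swapspace" (9 chars) into 9 bytes: copy_bounded keeps 8, terminates, and
 * reports the overflow the caller must handle.  Returns 1 if all three hold. */
int demo_bounded_copy(void)
{
    char dst[9];
    size_t need = copy_bounded(dst, sizeof dst, "swapspace");
    return need >= sizeof dst
        && strlen(dst) == sizeof dst - 1
        && strcmp(dst, "swapspac") == 0;
}
```

The same reasoning applies to the strcpy at opts.c:334: the guard `strdest && value` proves both pointers are non-null but not that value fits, so the destination's size has to be checked against the strlen(value) computed at opts.c:289 before the copy, or the copy replaced by a bounded one that reports truncation.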

ANALYSIS SUMMARY:

Hits = 42
Lines analyzed = 3248 in approximately 0.11 seconds (30118 lines/second)
Physical Source Lines of Code (SLOC) = 1969
Hits@level = [0]  27 [1]  16 [2]  21 [3]   0 [4]   4 [5]   1
Hits@level+ = [0+]  69 [1+]  42 [2+]  26 [3+]   5 [4+]   5 [5+]   1
Hits/KSLOC@level+ = [0+] 35.0432 [1+] 21.3306 [2+] 13.2047 [3+] 2.53936 [4+] 2.53936 [5+] 0.507872
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.