Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/swapspace-1.17/src/memory.h Examining data/swapspace-1.17/src/log.c Examining data/swapspace-1.17/src/log.h Examining data/swapspace-1.17/src/hog.c Examining data/swapspace-1.17/src/support.h Examining data/swapspace-1.17/src/state.h Examining data/swapspace-1.17/src/env.h Examining data/swapspace-1.17/src/support.c Examining data/swapspace-1.17/src/swaps.c Examining data/swapspace-1.17/src/opts.h Examining data/swapspace-1.17/src/main.c Examining data/swapspace-1.17/src/opts.c Examining data/swapspace-1.17/src/main.h Examining data/swapspace-1.17/src/memory.c Examining data/swapspace-1.17/src/swaps.h Examining data/swapspace-1.17/src/state.c FINAL RESULTS: data/swapspace-1.17/src/swaps.c:198:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. if (chmod(swappath, mode) < 0) data/swapspace-1.17/src/log.c:88:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(out, fmt, ap); data/swapspace-1.17/src/opts.c:334:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if (strdest && value) strcpy(strdest, value); data/swapspace-1.17/src/support.c:52:16: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. if (unlikely(snprintf(localbuf, bufsz, format, cmd, arg) >= bufsz)) data/swapspace-1.17/src/support.c:61:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. return system(localbuf); data/swapspace-1.17/src/hog.c:61:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1000]; data/swapspace-1.17/src/main.c:50:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char localbuf[16384]; data/swapspace-1.17/src/main.c:56:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pidfile[PATH_MAX] = "/var/run/swapspace.pid"; data/swapspace-1.17/src/main.c:140:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pidfd = open(pidfile, O_WRONLY|O_CREAT|O_EXCL, O_WRONLY); data/swapspace-1.17/src/main.h:44:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char localbuf[16384]; data/swapspace-1.17/src/memory.c:92:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[200]; data/swapspace-1.17/src/memory.c:113:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(result->entry, "Error reading /proc/meminfo"); data/swapspace-1.17/src/memory.c:117:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fact[20]; data/swapspace-1.17/src/memory.c:256:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen("/proc/meminfo", "r"); data/swapspace-1.17/src/opts.c:53:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char configfile[PATH_MAX] = ETCPREFIX"/swapspace.conf"; data/swapspace-1.17/src/opts.c:342:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(configfile, "r"); data/swapspace-1.17/src/opts.c:360:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[100], val[PATH_MAX], dummy[2]; data/swapspace-1.17/src/swaps.c:63:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char swappath[PATH_MAX] = VARPREFIX"/lib/swapspace"; data/swapspace-1.17/src/swaps.c:515:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). const int fd=open(file, O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE, S_IRUSR|S_IWUSR); data/swapspace-1.17/src/swaps.c:544:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[PATH_MAX]; data/swapspace-1.17/src/swaps.c:565:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int fd = open(name, O_RDONLY|O_LARGEFILE|O_NOFOLLOW); data/swapspace-1.17/src/swaps.c:622:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen("/proc/swaps", "r"); data/swapspace-1.17/src/swaps.c:654:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[100]; data/swapspace-1.17/src/swaps.c:789:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char namebuf[30]; data/swapspace-1.17/src/swaps.c:799:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(namebuf, O_WRONLY|O_LARGEFILE|O_NOFOLLOW); data/swapspace-1.17/src/swaps.c:880:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[30]; data/swapspace-1.17/src/main.c:121:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t len = strlen(localbuf); data/swapspace-1.17/src/memory.c:118:17: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. const int x = sscanf(localbuf, data/swapspace-1.17/src/memory.c:165:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t factlen = strlen(fact); data/swapspace-1.17/src/opts.c:202:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(options[i].name); data/swapspace-1.17/src/opts.c:212:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptlen = strlen(pt); data/swapspace-1.17/src/opts.c:213:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(ptlen < strlen(pad)); data/swapspace-1.17/src/opts.c:221:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)(longestopt+2-strlen(options[i].name)-2*strlen(pt)), data/swapspace-1.17/src/opts.c:221:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)(longestopt+2-strlen(options[i].name)-2*strlen(pt)), data/swapspace-1.17/src/opts.c:289:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (value) arglen = strlen(value); data/swapspace-1.17/src/opts.c:362:9: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if (sscanf(localbuf," %100[a-z_] = \"%"PMS"[^\"]\" %1s",key,val,dummy)==2 || data/swapspace-1.17/src/opts.c:363:2: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. sscanf(localbuf," %100[a-z_] = %"PMS"s %1s",key,val,dummy) == 2) data/swapspace-1.17/src/opts.c:367:14: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. else if (sscanf(localbuf," %100[a-z_] %1s",key,dummy) == 1) data/swapspace-1.17/src/opts.c:371:14: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. else if (sscanf(localbuf," %1s",dummy) > 0) data/swapspace-1.17/src/opts.c:424:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(localbuf, optname, optnamelen); data/swapspace-1.17/src/swaps.c:160:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). swappath_len = strlen(swappath); data/swapspace-1.17/src/swaps.c:656:17: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. const int x=sscanf(localbuf, ANALYSIS SUMMARY: Hits = 42 Lines analyzed = 3248 in approximately 0.11 seconds (30118 lines/second) Physical Source Lines of Code (SLOC) = 1969 Hits@level = [0] 27 [1] 16 [2] 21 [3] 0 [4] 4 [5] 1 Hits@level+ = [0+] 69 [1+] 42 [2+] 26 [3+] 5 [4+] 5 [5+] 1 Hits/KSLOC@level+ = [0+] 35.0432 [1+] 21.3306 [2+] 13.2047 [3+] 2.53936 [4+] 2.53936 [5+] 0.507872 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.