Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tmd710-tncsetup-1.13/tmd710_tncsetup.c

FINAL RESULTS:

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:87:14: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  clflag = getopt_long(argc, argv, "m:p:b:c:d:B:S:i:hsV", long_options,

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:59:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char command_mycall[MAX_COMMAND_LENGTH];

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:60:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char command_maxframe[MAX_COMMAND_LENGTH];

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:61:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char command_paclen[MAX_COMMAND_LENGTH];

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:62:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char command_txdelay[MAX_COMMAND_LENGTH];

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:262:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  dev = open(serial_port, O_RDWR | O_NOCTTY);

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:294:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_tnc_off, strlen(command_tnc_off)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:301:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, band_0, strlen(band_0)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:313:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, band_a, strlen(band_a)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:318:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, band_b, strlen(band_b)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:324:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_baudrate_1200, strlen(command_baudrate_1200)) ==

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:330:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_baudrate_9600, strlen(command_baudrate_9600)) ==

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:337:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_mycall, strlen(command_mycall)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:343:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_maxframe, strlen(command_maxframe)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:349:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_paclen, strlen(command_paclen)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:355:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_soft_flow, strlen(command_soft_flow)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:360:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_hard_flow, strlen(command_hard_flow)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:366:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_txdelay, strlen(command_txdelay)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:376:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_kiss_on, strlen(command_kiss_on)) == -1) {

data/tmd710-tncsetup-1.13/tmd710_tncsetup.c:380:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(dev, command_restart, strlen(command_restart)) == -1) {

ANALYSIS SUMMARY:

Hits = 20
Lines analyzed = 397 in approximately 0.04 seconds (10472 lines/second)
Physical Source Lines of Code (SLOC) = 341
Hits@level = [0] 45 [1] 14 [2] 5 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 65 [1+] 20 [2+] 6 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 190.616 [1+] 58.651 [2+] 17.5953 [3+] 2.93255 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.