Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/undbx-0.21/dbxprogress.c
Examining data/undbx-0.21/dbxprogress.h
Examining data/undbx-0.21/dbxread.c
Examining data/undbx-0.21/dbxread.h
Examining data/undbx-0.21/dbxsys.c
Examining data/undbx-0.21/dbxsys.h
Examining data/undbx-0.21/emlread.c
Examining data/undbx-0.21/emlread.h
Examining data/undbx-0.21/undbx.c

FINAL RESULTS:

data/undbx-0.21/dbxprogress.c:74:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  vfprintf(stream, format, ap);
data/undbx-0.21/dbxread.c:164:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, suffix);
data/undbx-0.21/dbxread.c:889:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, suffix);
data/undbx-0.21/dbxsys.c:317:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(new_filename, "%s/%s", destination, filename);
data/undbx-0.21/undbx.c:518:3:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  Try using a library call that implements the same functionality if available.
  system(cmd);
data/undbx-0.21/undbx.c:560:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc, argv, "hVv:rsDid", long_options, NULL);
data/undbx-0.21/dbxprogress.c:55:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *_dbx_status_label[DBX_STATUS_LAST + 1] = {
data/undbx-0.21/dbxread.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[256];
data/undbx-0.21/dbxread.c:151:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[DBX_MAX_FILENAME];
data/undbx-0.21/dbxread.c:152:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char suffix[sizeof(".00000000.00000000.eml.00000000")];
data/undbx-0.21/dbxread.c:161:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(suffix, ".%08X.%08X.eml.00000000",
data/undbx-0.21/dbxread.c:189:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(dbx->info[i - 1].filename + strlen(dbx->info[i - 1].filename) - cl,
data/undbx-0.21/dbxread.c:196:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(dbx->info[i - 1].filename + strlen(dbx->info[i - 1].filename) - cl,
data/undbx-0.21/dbxread.c:315:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[DBX_MAX_FILENAME];
data/undbx-0.21/dbxread.c:319:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(filename, "%08X.eml", (unsigned int) msg_offset);
data/undbx-0.21/dbxread.c:680:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files),
  move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  dbx->file = fopen(filename, "rb");
data/undbx-0.21/dbxread.c:809:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[DBX_MAX_FILENAME];
data/undbx-0.21/dbxread.c:810:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char suffix[sizeof(".0000000000000000.eml")];
data/undbx-0.21/dbxread.c:866:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(filename,
data/undbx-0.21/dbxread.c:881:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(suffix,
data/undbx-0.21/emlread.c:667:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char table[64] =
data/undbx-0.21/emlread.c:682:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[4];
data/undbx-0.21/emlread.c:726:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char chr[3];
data/undbx-0.21/emlread.c:792:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (ret, start, len);
data/undbx-0.21/emlread.c:892:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buffer + bufpos, decoded_text, nbytes);
data/undbx-0.21/emlread.c:908:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buffer + bufpos, fromstr - run_count, run_count);
data/undbx-0.21/emlread.c:928:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (buffer + bufpos, fromstr, len);
data/undbx-0.21/undbx.c:73:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files),
  move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  eml = fopen(filename, "w+b");
data/undbx-0.21/undbx.c:183:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *scan_type[2] = { "messages", "deleted message fragments" };
data/undbx-0.21/undbx.c:199:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant string.
  strcat(dest_dir, "/deleted");
data/undbx-0.21/undbx.c:505:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[256];
data/undbx-0.21/undbx.c:506:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[256];
data/undbx-0.21/undbx.c:508:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files),
  move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  rfp = fopen(fn, "r");
data/undbx-0.21/undbx.c:510:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[256];
data/undbx-0.21/undbx.c:572:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign
  (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  options.verbosity = atoi(optarg);
data/undbx-0.21/dbxread.c:64:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(c);
data/undbx-0.21/dbxread.c:66:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(s + n, c, l);
data/undbx-0.21/dbxread.c:170:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  info->filename[strlen(info->filename) - sizeof("00000000")] = '\0';
data/undbx-0.21/dbxread.c:189:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(dbx->info[i - 1].filename + strlen(dbx->info[i - 1].filename) - cl,
data/undbx-0.21/dbxread.c:196:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(dbx->info[i - 1].filename + strlen(dbx->info[i - 1].filename) - cl,
data/undbx-0.21/dbxsys.c:144:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l = strlen(dir);
data/undbx-0.21/dbxsys.c:315:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (strlen(destination) + strlen("/") + strlen(filename) + 1));
data/undbx-0.21/dbxsys.c:315:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (strlen(destination) + strlen("/") + strlen(filename) + 1));
data/undbx-0.21/dbxsys.c:315:70:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (strlen(destination) + strlen("/") + strlen(filename) + 1));
data/undbx-0.21/dbxsys.c:361:27:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  llw = (long long int) (fgetc(file) & 0xFF);
data/undbx-0.21/dbxsys.c:362:28:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  llw |= ((long long int) (fgetc(file) & 0xFF) << 0x08);
data/undbx-0.21/dbxsys.c:363:28:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  llw |= ((long long int) (fgetc(file) & 0xFF) << 0x10);
data/undbx-0.21/dbxsys.c:364:28:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  llw |= ((long long int) (fgetc(file) & 0xFF) << 0x18);
data/undbx-0.21/dbxsys.c:365:28:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  llw |= ((long long int) (fgetc(file) & 0xFF) << 0x20);
data/undbx-0.21/dbxsys.c:366:28:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  llw |= ((long long int) (fgetc(file) & 0xFF) << 0x28);
data/undbx-0.21/dbxsys.c:367:28:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  llw |= ((long long int) (fgetc(file) & 0xFF) << 0x30);
data/undbx-0.21/dbxsys.c:368:28:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  llw |= ((long long int) (fgetc(file) & 0xFF) << 0x38);
data/undbx-0.21/dbxsys.c:380:16:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  dw = (int) (fgetc(file) & 0xFF);
data/undbx-0.21/dbxsys.c:381:17:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  dw |= ((int) (fgetc(file) & 0xFF) << 0x08);
data/undbx-0.21/dbxsys.c:382:17:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  dw |= ((int) (fgetc(file) & 0xFF) << 0x10);
data/undbx-0.21/dbxsys.c:383:17:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  dw |= ((int) (fgetc(file) & 0xFF) << 0x18);
data/undbx-0.21/dbxsys.c:395:17:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  w = (short) (fgetc(file) & 0xFF);
data/undbx-0.21/dbxsys.c:396:18:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  w |= ((short) (fgetc(file) & 0xFF) << 0x08);
data/undbx-0.21/emlread.c:57:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen (*to);
data/undbx-0.21/emlread.c:66:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (&to[0][l], from, n);
data/undbx-0.21/emlread.c:490:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (zone) > 5 || strlen (zone) < 4) {
data/undbx-0.21/emlread.c:490:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (zone) > 5 || strlen (zone) < 4) {
data/undbx-0.21/emlread.c:837:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufsize = strlen (fromstr) + 1;
data/undbx-0.21/emlread.c:868:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen (encoded_text);
data/undbx-0.21/emlread.c:926:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (fromstr);
data/undbx-0.21/emlread.c:965:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *pstop = pmessage + strlen(pmessage);
data/undbx-0.21/emlread.c:994:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (_eml_parse822_date_time((const char **)&pdate, pbody + strlen(pbody), &tm, &tzoffset) == EOK)
data/undbx-0.21/undbx.c:198:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dest_dir = (char *)realloc(dest_dir, sizeof(char) * (strlen(dest_dir) + strlen("/deleted") + 1));
data/undbx-0.21/undbx.c:198:81:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dest_dir = (char *)realloc(dest_dir, sizeof(char) * (strlen(dest_dir) + strlen("/deleted") + 1));
data/undbx-0.21/undbx.c:427:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  eml_dir[strlen(eml_dir) - 4] = '\0';
data/undbx-0.21/undbx.c:459:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l = strlen(*dir);

ANALYSIS SUMMARY:

Hits = 71
Lines analyzed = 3500 in approximately 0.10 seconds (34171 lines/second)
Physical Source Lines of Code (SLOC) = 2692
Hits@level = [0]  12 [1]  36 [2]  29 [3]   1 [4]   5 [5]   0
Hits@level+ = [0+]  83 [1+]  71 [2+]  35 [3+]   6 [4+]   5 [5+]   0
Hits/KSLOC@level+ = [0+] 30.8321 [1+] 26.3744 [2+] 13.0015 [3+] 2.22883 [4+] 1.85736 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
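Flawfinder's level-4 hits above are pattern matches, not confirmed bugs: the report itself shows that the sprintf at dbxsys.c:317 is preceded at dbxsys.c:315 by an allocation sized from strlen(destination) + strlen("/") + strlen(filename) + 1, so triage has to check each call site against the buffer it writes into. What a reviewer usually wants next is the bounded form of each flagged pattern, so that the same grep-level rules stop firing and the bound is explicit in the code. The block below is an added example written for this page; it is not undbx code and does not patch the lines the report names. The function names (join_path, append_suffix, parse_verbosity), the buffer sizes and the 0..9 verbosity range are assumptions chosen for illustration. It covers the three patterns the report flags at level 2 or higher on user-influenced input: sprintf("%s/%s") into a destination, strcat of a suffix onto a fixed-size filename, and atoi of an option argument.

```c
/*
 * Added example, not part of undbx or of the Flawfinder report above.
 * Bounded replacements for three patterns the report flags:
 *   sprintf(new_filename, "%s/%s", destination, filename)   -> join_path
 *   strcat(filename, suffix)                                -> append_suffix
 *   options.verbosity = atoi(optarg)                        -> parse_verbosity
 * All names, sizes and the accepted verbosity range are assumptions.
 */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Write "<dir>/<name>" into out (capacity outsz). Returns 0 on success and
 * -1 if the joined path would not fit; out is NUL-terminated either way,
 * and is emptied on failure so a truncated path is never used by mistake. */
int join_path(char *out, size_t outsz, const char *dir, const char *name)
{
    if (outsz == 0)
        return -1;
    int n = snprintf(out, outsz, "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= outsz) {   /* snprintf reports the full length */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

/* Append suffix to buf (capacity bufsz) only when suffix and its NUL fit.
 * Replaces an unchecked strcat; buf is left unchanged on failure.
 * Returns 0 on success, -1 if buf is unterminated or the result would overflow. */
int append_suffix(char *buf, size_t bufsz, const char *suffix)
{
    const char *nul = memchr(buf, '\0', bufsz);   /* bounded, unlike strlen */
    if (nul == NULL)
        return -1;                                /* buf is not NUL-terminated */
    size_t have = (size_t)(nul - buf);
    size_t add = strlen(suffix);
    if (add >= bufsz - have)                      /* need add + 1 bytes */
        return -1;
    memcpy(buf + have, suffix, add + 1);          /* copies the NUL as well */
    return 0;
}

/* Range-checked replacement for atoi(optarg). Rejects empty input, trailing
 * garbage, overflow and values outside the assumed range 0..9.
 * Returns 0 and stores the value, or -1 without touching *out. */
int parse_verbosity(const char *arg, int *out)
{
    char *end;
    errno = 0;
    long v = strtol(arg, &end, 10);
    if (end == arg || *end != '\0' || errno == ERANGE)
        return -1;
    if (v < 0 || v > 9)                           /* assumed valid range */
        return -1;
    *out = (int)v;
    return 0;
}

/* Stand-alone demonstration on constructed inputs. */
int main(void)
{
    char path[16];
    char small[8];
    char name[16] = "00000001.eml";               /* constructed sample name */
    int verbosity = 0;

    printf("join_path ok:        %d (%s)\n", join_path(path, sizeof path, "out", "a.eml"), path);
    printf("join_path too small: %d\n", join_path(small, sizeof small, "out", "a.eml"));
    printf("append_suffix:       %d (%s)\n", append_suffix(name, sizeof name, ".deadbeef"), name);
    printf("parse_verbosity 3:   %d (%d)\n", parse_verbosity("3", &verbosity), verbosity);
    printf("parse_verbosity 42:  %d\n", parse_verbosity("42", &verbosity));
    return 0;
}
```

Each helper fails closed: a path that would truncate is emptied rather than written, a suffix that would overflow is not appended at all, and an option value that is not a clean in-range integer is rejected. That is the property the level-4 CWE-120 and level-2 CWE-190 rules are asking the reviewer to establish at every call site, and once it holds the unbounded sprintf, strcat and atoi calls can be retired together.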