Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/unison-2.51+4.11.1-2.51.3/src/bytearray_stubs.c
Examining data/unison-2.51+4.11.1-2.51.3/src/fsmonitor/linux/inotify_stubs.c
Examining data/unison-2.51+4.11.1-2.51.3/src/fsmonitor/windows/shortnames_stubs.c
Examining data/unison-2.51+4.11.1-2.51.3/src/lwt/lwt_unix_stubs.c
Examining data/unison-2.51+4.11.1-2.51.3/src/osxsupport.c
Examining data/unison-2.51+4.11.1-2.51.3/src/pty.c
Examining data/unison-2.51+4.11.1-2.51.3/src/system/system_win_stubs.c
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/Bridge.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ColorGradientView.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ImageAndTextCell.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/MyController.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/NotificationController.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/PreferencesController.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ProfileController.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ProfileTableView.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ProgressCell.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ReconItem.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ReconTableView.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/UnisonToolbar.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/cltool.c
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ssselectabletoolbar/SSSelectableToolbar.h
Examining data/unison-2.51+4.11.1-2.51.3/src/uimac/ssselectabletoolbar/SSSelectableToolbarItem.h
Examining data/unison-2.51+4.11.1-2.51.3/src/winmain.c

FINAL RESULTS:

data/unison-2.51+4.11.1-2.51.3/src/osxsupport.c:118:9:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  r = chmod(String_val(path), st.st_mode | S_IWUSR);
data/unison-2.51+4.11.1-2.51.3/src/osxsupport.c:124:5:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(String_val(path), st.st_mode);
data/unison-2.51+4.11.1-2.51.3/src/uimac/cltool.c:52:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buf,EXECPATH);
data/unison-2.51+4.11.1-2.51.3/src/uimac/cltool.c:62:3:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execv(argv[0],argv);
data/unison-2.51+4.11.1-2.51.3/src/bytearray_stubs.c:38:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, Long_val(l));
data/unison-2.51+4.11.1-2.51.3/src/bytearray_stubs.c:47:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, Long_val(l));
data/unison-2.51+4.11.1-2.51.3/src/fsmonitor/linux/inotify_stubs.c:132:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ev, String_val(buf), sizeof(struct inotify_event));
data/unison-2.51+4.11.1-2.51.3/src/lwt/lwt_unix_stubs.c:53:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, Long_val(l));
data/unison-2.51+4.11.1-2.51.3/src/lwt/lwt_unix_stubs.c:62:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, Long_val(l));
data/unison-2.51+4.11.1-2.51.3/src/lwt/lwt_unix_stubs.c:73:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char * action_name[5] = {
data/unison-2.51+4.11.1-2.51.3/src/lwt/lwt_unix_stubs.c:121:7:  [2] (buffer) CopyMemory:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  CopyMemory (queue, complQueue, complQueueSize * sizeof(completionInfo));
data/unison-2.51+4.11.1-2.51.3/src/lwt/lwt_unix_stubs.c:488:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "\\\\.\\Pipe\\UnisonAnonPipe.%08lx.%08lx",
data/unison-2.51+4.11.1-2.51.3/src/osxsupport.c:39:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char finderInfo [32];
data/unison-2.51+4.11.1-2.51.3/src/osxsupport.c:68:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (String_val (fInfo), attrBuf.finderInfo, 32);
data/unison-2.51+4.11.1-2.51.3/src/osxsupport.c:96:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char finderInfo [32];
data/unison-2.51+4.11.1-2.51.3/src/osxsupport.c:107:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (attrBuf.finderInfo, String_val (fInfo), 32);
data/unison-2.51+4.11.1-2.51.3/src/system/system_win_stubs.c:314:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t s[NT_MAX_PATH];
data/unison-2.51+4.11.1-2.51.3/src/system/system_win_stubs.c:452:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  wchar_t fullname [MAX_PATH];
data/unison-2.51+4.11.1-2.51.3/src/uimac/cltool.c:29:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSIZE];
data/unison-2.51+4.11.1-2.51.3/src/fsmonitor/windows/shortnames_stubs.c:35:13:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = 2 * wcslen(s) + 2; /* NULL character included */
data/unison-2.51+4.11.1-2.51.3/src/system/system_win_stubs.c:31:13:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = 2 * wcslen(s) + 2; /* NULL character included */
data/unison-2.51+4.11.1-2.51.3/src/uimac/cltool.c:47:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf);
data/unison-2.51+4.11.1-2.51.3/src/uimac/cltool.c:48:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len + strlen(EXECPATH) + 1 > BUFSIZE) {

ANALYSIS SUMMARY:

Hits = 23
Lines analyzed = 2362 in approximately 0.11 seconds (21895 lines/second)
Physical Source Lines of Code (SLOC) = 1755
Hits@level = [0]  32 [1]   4 [2]  15 [3]   0 [4]   2 [5]   2
Hits@level+ = [0+]  55 [1+]  23 [2+]  19 [3+]   4 [4+]   4 [5+]   2
Hits/KSLOC@level+ = [0+] 31.339 [1+] 13.1054 [2+] 10.8262 [3+] 2.2792 [4+] 2.2792 [5+] 1.1396
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.