Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/vbindiff-3.0-beta5/win32/version.h
Examining data/vbindiff-3.0-beta5/win32/ConWin.hpp
Examining data/vbindiff-3.0-beta5/win32/config.h
Examining data/vbindiff-3.0-beta5/win32/targetver.h
Examining data/vbindiff-3.0-beta5/win32/ConWin.cpp
Examining data/vbindiff-3.0-beta5/win32/StdAfx.cpp
Examining data/vbindiff-3.0-beta5/win32/FileIO.hpp
Examining data/vbindiff-3.0-beta5/curses/ConWin.hpp
Examining data/vbindiff-3.0-beta5/curses/ConWin.cpp
Examining data/vbindiff-3.0-beta5/curses/FileIO.hpp
Examining data/vbindiff-3.0-beta5/vbindiff.cpp
Examining data/vbindiff-3.0-beta5/tables.h
Examining data/vbindiff-3.0-beta5/GetOpt/GetOpt.cpp
Examining data/vbindiff-3.0-beta5/GetOpt/GetOpt.hpp
FINAL RESULTS:
data/vbindiff-3.0-beta5/GetOpt/GetOpt.cpp:114:30: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
bool GetOpt::isFloat(GetOpt* getopt, const Option* option,
data/vbindiff-3.0-beta5/GetOpt/GetOpt.cpp:139:29: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
bool GetOpt::isLong(GetOpt* getopt, const Option* option,
data/vbindiff-3.0-beta5/GetOpt/GetOpt.cpp:164:31: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
bool GetOpt::isString(GetOpt* getopt, const Option* option,
data/vbindiff-3.0-beta5/GetOpt/GetOpt.hpp:22:34: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
typedef bool (ArgFunc)(GetOpt* getopt, const Option* option,
data/vbindiff-3.0-beta5/GetOpt/GetOpt.hpp:63:32: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
static bool isFloat(GetOpt* getopt, const Option* option,
data/vbindiff-3.0-beta5/GetOpt/GetOpt.hpp:67:31: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
static bool isLong(GetOpt* getopt, const Option* option,
data/vbindiff-3.0-beta5/GetOpt/GetOpt.hpp:71:33: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
static bool isString(GetOpt* getopt, const Option* option,
data/vbindiff-3.0-beta5/vbindiff.cpp:1778:20: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
bool usage(GetOpt* getopt, const GetOpt::Option* option,
data/vbindiff-3.0-beta5/vbindiff.cpp:1806:10: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
GetOpt getopt(options);
data/vbindiff-3.0-beta5/vbindiff.cpp:1807:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int argi = getopt.process(argc, const_cast<const char**>(argv));
data/vbindiff-3.0-beta5/vbindiff.cpp:1808:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
if (getopt.error)
data/vbindiff-3.0-beta5/GetOpt/GetOpt.hpp:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shortOptionBuf[3];
data/vbindiff-3.0-beta5/curses/FileIO.hpp:49:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(path, (writable ? O_RDWR : O_RDONLY));
data/vbindiff-3.0-beta5/tables.h:23:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char asciiDisplayTable[256] = {
data/vbindiff-3.0-beta5/tables.h:126:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char ebcdicDisplayTable[256] = {
data/vbindiff-3.0-beta5/vbindiff.cpp:157:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[maxPath];
data/vbindiff-3.0-beta5/vbindiff.cpp:463:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[lineWidth + lineWidth/8 + 1];
data/vbindiff-3.0-beta5/vbindiff.cpp:466:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[screenWidth+1];
data/vbindiff-3.0-beta5/vbindiff.cpp:475:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%04X %04X:",Word(lineOffset>>16),Word(lineOffset&0xFFFF));
data/vbindiff-3.0-beta5/vbindiff.cpp:484:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
str += sprintf(str, "%02X ", data->line[i][j]);
data/vbindiff-3.0-beta5/vbindiff.cpp:658:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[3];
data/vbindiff-3.0-beta5/vbindiff.cpp:659:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%02X", b);
data/vbindiff-3.0-beta5/vbindiff.cpp:776:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(copyTo, copyFrom, moveLength);
data/vbindiff-3.0-beta5/vbindiff.cpp:1235:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, s.c_str(), len);
data/vbindiff-3.0-beta5/vbindiff.cpp:1555:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[maxLen+1];
data/vbindiff-3.0-beta5/win32/FileIO.hpp:43:10: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static TCHAR buf[512];
data/vbindiff-3.0-beta5/curses/FileIO.hpp:82:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read(file, buffer, count);
data/vbindiff-3.0-beta5/vbindiff.cpp:834:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fileName, aFileName, maxPath);
data/vbindiff-3.0-beta5/vbindiff.cpp:1289:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inWin.put((width-strlen(title))/2,0, title);
data/vbindiff-3.0-beta5/vbindiff.cpp:1612:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
searchLen = strlen(reinterpret_cast<char*>(buf));
ANALYSIS SUMMARY:
Hits = 30
Lines analyzed = 3973 in approximately 0.09 seconds (43306 lines/second)
Physical Source Lines of Code (SLOC) = 2293
Hits@level = [0] 0 [1] 4 [2] 15 [3] 11 [4] 0 [5] 0
Hits@level+ = [0+] 30 [1+] 30 [2+] 26 [3+] 11 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 13.0833 [1+] 13.0833 [2+] 11.3389 [3+] 4.79721 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.