-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Create flawfinder_2.0.19_on_version_1.0.1.md
Classification will be done in the coming days...
- Loading branch information
Showing
1 changed file
with
220 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,220 @@ | ||
| # Flawfinder | ||
| Analysis performed on [version 1.0.1 source code](https://github.com/HubTou/PyLists4C/tree/1.0.1) with [flawfinder](https://dwheeler.com/flawfinder/) version 2.0.19: | ||
|
|
||
| ``` | ||
| # flawfinder src | ||
| Flawfinder version 2.0.19, (C) 2001-2019 David A. Wheeler. | ||
| Number of rules (primarily dangerous function names) in C/C++ ruleset: 222 | ||
| src/str.c:130: [4] (buffer) strcat: | ||
| Does not check for buffer overflows when concatenating to destination | ||
| [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or | ||
| snprintf (warning: strncat is easily misused). | ||
| src/str.c:158: [4] (buffer) strcat: | ||
| Does not check for buffer overflows when concatenating to destination | ||
| [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or | ||
| snprintf (warning: strncat is easily misused). | ||
| src/toArray.c:128: [4] (buffer) strcpy: | ||
| Does not check for buffer overflows when copying to destination [MS-banned] | ||
| (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy | ||
| easily misused). | ||
| src/types/Struct.c:76: [4] (buffer) strcat: | ||
| Does not check for buffer overflows when concatenating to destination | ||
| [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or | ||
| snprintf (warning: strncat is easily misused). | ||
| src/shuffled.c:10: [3] (random) srandom: | ||
| This function is not sufficiently random for security-related functions | ||
| such as key and nonce creation (CWE-327). Use a more secure technique for | ||
| acquiring random values. | ||
| src/shuffled.c:10: [3] (random) srand: | ||
| This function is not sufficiently random for security-related functions | ||
| such as key and nonce creation (CWE-327). Use a more secure technique for | ||
| acquiring random values. | ||
| src/shuffled.c:11: [3] (random) random: | ||
| This function is not sufficiently random for security-related functions | ||
| such as key and nonce creation (CWE-327). Use a more secure technique for | ||
| acquiring random values. | ||
| src/shuffled.c:39: [3] (random) srandom: | ||
| This function is not sufficiently random for security-related functions | ||
| such as key and nonce creation (CWE-327). Use a more secure technique for | ||
| acquiring random values. | ||
| src/shuffled.c:47: [3] (random) random: | ||
| This function is not sufficiently random for security-related functions | ||
| such as key and nonce creation (CWE-327). Use a more secure technique for | ||
| acquiring random values. | ||
| src/change.c:61: [2] (buffer) memcpy: | ||
| Does not check for buffer overflows when copying to destination (CWE-120). | ||
| Make sure destination can always hold the source data. | ||
| src/createElement.c:62: [2] (buffer) memcpy: | ||
| Does not check for buffer overflows when copying to destination (CWE-120). | ||
| Make sure destination can always hold the source data. | ||
| src/debug.c:22: [2] (buffer) char: | ||
| Statically-sized arrays can be improperly restricted, leading to potential | ||
| overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use | ||
| functions that limit length, or ensure that the size is larger than the | ||
| maximum possible length. | ||
| src/list.c:145: [2] (integer) atol: | ||
| Unless checked, the resulting number can exceed the expected range | ||
| (CWE-190). If source untrusted, check both minimum and maximum, even if the | ||
| input had no minus sign (large numbers can roll over into negative number; | ||
| consider saving to an unsigned value if that is intended). | ||
| src/list.c:169: [2] (integer) atol: | ||
| Unless checked, the resulting number can exceed the expected range | ||
| (CWE-190). If source untrusted, check both minimum and maximum, even if the | ||
| input had no minus sign (large numbers can roll over into negative number; | ||
| consider saving to an unsigned value if that is intended). | ||
| src/list.c:451: [2] (integer) atol: | ||
| Unless checked, the resulting number can exceed the expected range | ||
| (CWE-190). If source untrusted, check both minimum and maximum, even if the | ||
| input had no minus sign (large numbers can roll over into negative number; | ||
| consider saving to an unsigned value if that is intended). | ||
| src/str.c:39: [2] (buffer) char: | ||
| Statically-sized arrays can be improperly restricted, leading to potential | ||
| overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use | ||
| functions that limit length, or ensure that the size is larger than the | ||
| maximum possible length. | ||
| src/str.c:51: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:52: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:53: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:54: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:55: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:56: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:57: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:58: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:59: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:60: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:61: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:62: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:63: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:64: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/str.c:95: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/toArray.c:134: [2] (buffer) memcpy: | ||
| Does not check for buffer overflows when copying to destination (CWE-120). | ||
| Make sure destination can always hold the source data. | ||
| src/types/Struct.c:69: [2] (buffer) char: | ||
| Statically-sized arrays can be improperly restricted, leading to potential | ||
| overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use | ||
| functions that limit length, or ensure that the size is larger than the | ||
| maximum possible length. | ||
| src/types/Struct.c:74: [2] (buffer) sprintf: | ||
| Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or | ||
| vsnprintf. Risk is low because the source has a constant maximum length. | ||
| src/change.c:66: [1] (buffer) strncpy: | ||
| Easily used incorrectly; doesn't always \0-terminate or check for invalid | ||
| pointers [MS-banned] (CWE-120). | ||
| src/createElement.c:67: [1] (buffer) strncpy: | ||
| Easily used incorrectly; doesn't always \0-terminate or check for invalid | ||
| pointers [MS-banned] (CWE-120). | ||
| src/fromArray.c:41: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/list.c:54: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/list.c:323: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/list.c:478: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/stats.c:55: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/str.c:148: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/str.c:152: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/str.c:193: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:11: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:16: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:21: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:26: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:31: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:36: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:41: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:46: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:51: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:56: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| src/types/String.c:61: [1] (buffer) strlen: | ||
| Does not handle strings that are not \0-terminated; if given one it may | ||
| perform an over-read (it could cause a crash if unprotected) (CWE-126). | ||
| ANALYSIS SUMMARY: | ||
| Hits = 55 | ||
| Lines analyzed = 5672 in approximately 0.11 seconds (51435 lines/second) | ||
| Physical Source Lines of Code (SLOC) = 3887 | ||
| Hits@level = [0] 147 [1] 21 [2] 25 [3] 5 [4] 4 [5] 0 | ||
| Hits@level+ = [0+] 202 [1+] 55 [2+] 34 [3+] 9 [4+] 4 [5+] 0 | ||
| Hits/KSLOC@level+ = [0+] 51.9681 [1+] 14.1497 [2+] 8.74711 [3+] 2.31541 [4+] 1.02907 [5+] 0 | ||
| Minimum risk level = 1 | ||
| Not every hit is necessarily a security vulnerability. | ||
| You can inhibit a report by adding a comment in this form: | ||
| // flawfinder: ignore | ||
| Make *sure* it's a false positive! | ||
| You can use the option --neverignore to show these. | ||
| There may be other security vulnerabilities; review your code! | ||
| See 'Secure Programming HOWTO' | ||
| (https://dwheeler.com/secure-programs) for more information. | ||
| ``` | ||
|
|
||
| ## Summary | ||
| * 55 :question: unclassified issues | ||
| * x :no_entry_sign: major issues | ||
| * y :warning: minor issues | ||
| * z :heavy_check_mark: false positives |