┌─[shirish@debian] - [~/games/I-Nex] - [10043]
└─[$] flawfinder -Q -c .
Flawfinder version 1.31, (C) 2001-2014 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 169
./JSON/i-nex-edid.c:137: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[4];
./JSON/i-nex-edid.c:153: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char empty[3] = { 0, 0, 0 };
./JSON/i-nex-edid.c:211: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ret[128];
./JSON/i-nex-edid.c:241: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char name[53];
./JSON/i-nex-edid.c:1587: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3];
./JSON/i-nex-edid.c:1621: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3];
./JSON/i-nex-edid.c:1683: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119:CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3];
./JSON/i-nex-edid.c:1776: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(argv[1], O_RDONLY)) == -1) {
./JSON/i-nex-edid.c:1783: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(argv[1], O_RDONLY)) == -1) {
./JSON/i-nex-edid.c:1787: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ofd = open(argv[2], O_WRONLY)) == -1) {
./JSON/i-nex-edid.c:319: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
resizing strings.
strncat((char *)name, (char *)x + 5, 13);
./JSON/i-nex-edid.c:324: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)name)));
./JSON/i-nex-edid.c:1521: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(fd, ret + len, size - len);
./JSON/i-nex-edid.c:1576: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
start = s + strlen(indentation);
./JSON/i-nex-edid.c:1735: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(name); i < 15; i++)
ANALYSIS SUMMARY:
Hits = 15
Lines analyzed = 3128 in approximately 0.39 seconds (7995 lines/second)
Physical Source Lines of Code (SLOC) = 2745
Hits@level = [0] 0 [1] 5 [2] 10 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 15 [1+] 15 [2+] 10 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 5.46448 [1+] 5.46448 [2+] 3.64299 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 7 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming for Linux and Unix HOWTO'
(http://www.dwheeler.com/secure-programs) for more information.
While I don't understand the code, it seems that some of the things therein could be improved perhaps.
See http://www.dwheeler.com/flawfinder/ .
I did the following -
While I don't understand the code, it seems that some of the things therein could be improved perhaps.