Flawfinder version 1.21, (C) 2001-2002 David A. Wheeler. Number of dangerous functions in C/C++ ruleset: 127 Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/base64.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/base64.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/cmdline.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/cmdline.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/sysexits.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/syslog.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/wsyslog.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/network.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/network.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-beos.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-bsd.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-lnx.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-sol.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c Examining 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/uplog.c Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/uplog.h Examining /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/version.h /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/cmdline.c:78 [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/syslog.h:201 [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited. Use a constant format string for syslog. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/wsyslog.c:82 [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited. Use a constant format string for syslog. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/wsyslog.c:103 [4] (format) vsprintf: Potential format string problem. Make format string constant. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/wsyslog.c:126 [4] (format) sprintf: Potential format string problem. Make format string constant. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:116 [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:167 [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:170 [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:183 [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:187 [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:191 [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:69 [4] (shell) popen: This causes a new program to execute and is difficult to use safely. try using a library call that implements the same functionality if available. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:73 [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:85 [4] (shell) popen: This causes a new program to execute and is difficult to use safely. try using a library call that implements the same functionality if available. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:90 [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows. Specify a limit to %s, or use a different input function. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:109 [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:220 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:237 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:241 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:309 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:312 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:315 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:318 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:321 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:324 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:327 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:329 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:335 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:337 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:339 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:341 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:344 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:346 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:348 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:349 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:350 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:351 [4] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/uplog.c:54 [4] (format) vsprintf: Potential format string problem. Make format string constant. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/uplog.c:59 [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited. Use a constant format string for syslog. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/uplog.c:63 [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited. Use a constant for the format specification. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/uplog.h:36 [4] (format) syslog: If syslog's format strings can be influenced by an attacker, they can be exploited. Use a constant format string for syslog. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/cmdline.c:152 [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows . Check implementation on installation, or limit the size of all string inputs. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:521 [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows . Check implementation on installation, or limit the size of all string inputs. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/wsyslog.c:86 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/compat/wsyslog.c:120 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:56 [2] (buffer) char: Statically-sized arrays can be overflowed. 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:57 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:59 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:60 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:63 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:64 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:361 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:362 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:363 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:371 [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:373 [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:375 [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.h:53 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.h:54 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.h:56 [2] (buffer) char: Statically-sized arrays can be overflowed. 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.h:57 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.h:60 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.h:61 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:69 [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:85 [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-bsd.c:121 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-lnx.c:62 [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-lnx.c:86 [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-sol.c:68 [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:69 [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:101 [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:59 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:61 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:64 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:84 [2] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:122 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:94 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:102 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:106 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:114 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:118 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:122 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:128 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:132 [2] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-w2k.c:135 [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination. Consider using strncpy or strlcpy (warning, strncpy is easily misused). Risk is low because the source is a constant string. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:155 [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination. Make sure destination can always hold the source data. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:189 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:190 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:192 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:216 [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination. Make sure destination can always hold the source data. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:290 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:291 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:292 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:293 [2] (buffer) char: Statically-sized arrays can be overflowed. 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:294 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:295 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:369 [2] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:371 [2] (buffer) sprintf: Does not check for buffer overflows. Use snprintf or vsnprintf. Risk is low because the source has a constant maximum length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:427 [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/uplog.c:51 [2] (buffer) char: Statically-sized arrays can be overflowed. Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/base64.c:66 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected). 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/cmdline.c:75 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/network.c:76 [1] (buffer) read: Check buffer boundaries if used in a loop. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/network.h:40 [1] (buffer) read: Check buffer boundaries if used in a loop. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/network.h:48 [1] (buffer) read: Check buffer boundaries if used in a loop. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:115 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:270 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/options.c:389 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected). /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:73 [1] (buffer) read: Check buffer boundaries if used in a loop. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:102 [1] (buffer) read: Check buffer boundaries if used in a loop. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:121 [1] (buffer) read: Check buffer boundaries if used in a loop. /Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:133 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. 
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:135 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:142 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:144 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:146 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:149 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:151 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:153 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:155 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:158 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-aix.c:159 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-beos.c:78 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-beos.c:80 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-beos.c:85 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-bsd.c:105 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-bsd.c:107 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-lnx.c:115 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-lnx.c:117 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-lnx.c:122 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-sol.c:78 [1] (buffer) read: Check buffer boundaries if used in a loop.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:81 [1] (buffer) read: Check buffer boundaries if used in a loop.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:91 [1] (buffer) read: Check buffer boundaries if used in a loop.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:105 [1] (buffer) read: Check buffer boundaries if used in a loop.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:109 [1] (buffer) read: Check buffer boundaries if used in a loop.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:123 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:126 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:129 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:134 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-ult.c:137 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers. Risk is low because the source is a constant string.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:120 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:126 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/stats-uxw.c:131 [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers.
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:169 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected).
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:238 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected).
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:242 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected).
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:253 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected).
/Users/carsten/Desktop/development/upclient/upclient-5.0b5CVS/src/upclient.c:259 [1] (buffer) strlen: Does not handle strings that are not \0-terminated (it could cause a crash if unprotected).

Number of hits = 148
Number of Lines Analyzed = 3761 in 2.03 seconds (2464 lines/second)
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
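The strncpy and strlen hits above share one root cause: strncpy copies at most n bytes and writes no terminator when the source is n bytes or longer, and any later strlen, strcat or printf("%s") on such a buffer reads past its end. The program below is an added example, not code from upclient and not part of Flawfinder's output; the 8-byte buffer, the hostname string and the helper names (is_terminated, copy_with_strncpy, copy_bounded) are constructed for illustration. It reproduces the flagged pattern, shows why Flawfinder rates a constant source that is shorter than the buffer as low risk, and shows a bounded copy that always terminates and reports truncation to the caller.

```c
#include <stdio.h>
#include <string.h>

/* Returns 1 if buf[0..size) contains a NUL, so strlen()/printf("%s") on it
 * stays within bounds; 0 if the buffer is unterminated. */
int is_terminated(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

/* The flagged pattern: strncpy bounded only by the destination size.
 * When strlen(src) >= size, no terminator is written at all. */
int copy_with_strncpy(char *dst, size_t size, const char *src)
{
    strncpy(dst, src, size);      /* pads with NULs only if src is shorter than size */
    return is_terminated(dst, size);
}

/* Hardened replacement (hypothetical helper with the strlcpy contract):
 * always NUL-terminates and returns strlen(src), so a result >= size tells
 * the caller the copy was truncated. */
size_t copy_bounded(char *dst, size_t size, const char *src)
{
    size_t srclen = strlen(src);  /* src itself must be NUL-terminated */
    if (size == 0)
        return srclen;
    size_t n = srclen < size - 1 ? srclen : size - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return srclen;
}

/* Constructed input: 28 bytes, longer than the 8-byte destinations below. */
static const char LONG_NAME[] = "a-very-long-hostname.example";

/* Reproduces the bug: returns 0 because buf is left without a terminator. */
int demo_strncpy_unterminated(void)
{
    char buf[8];
    return copy_with_strncpy(buf, sizeof buf, LONG_NAME);
}

/* The "risk is low" case: a constant source shorter than the buffer, so
 * strncpy pads the remainder with NULs and the result is terminated. */
int demo_strncpy_constant_source(void)
{
    char buf[8];
    return copy_with_strncpy(buf, sizeof buf, "AIX");
}

/* The fix: returns 1 when buf is terminated, holds the first 7 bytes of the
 * source, and the truncation was reported so the caller can log or reject. */
int demo_bounded_copy(void)
{
    char buf[8];
    size_t needed = copy_bounded(buf, sizeof buf, LONG_NAME);
    return is_terminated(buf, sizeof buf)
        && strcmp(buf, "a-very-") == 0
        && needed >= sizeof buf;
}

int main(void)
{
    printf("strncpy, long source, terminated?    %d\n", demo_strncpy_unterminated());
    printf("strncpy, short constant, terminated? %d\n", demo_strncpy_constant_source());
    printf("bounded copy, truncation reported?   %d\n", demo_bounded_copy());
    return 0;
}
```

The is_terminated check is the audit step to apply at each strlen hit: find the buffer's fill site and confirm a terminator is guaranteed within the declared size on every path, including the truncated one.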
