COMMAND : rats -w 3

Entries in perl database: 33
Entries in python database: 62
Entries in c database: 336
Entries in php database: 55

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c

/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:255: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:473: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:487: High: fprintf
Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.

/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:372: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:374: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:376: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:459: High: printf
Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.

/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:402: High: getopt_long
Truncate all input strings to a reasonable length before passing them to this function

/tmp/bogosec.temp_target.wrQWGM/src/getfattr/getfattr.c:395: Low: basename
A potential race condition vulnerability exists here. Normally a call to this function is vulnerable only when a match check precedes it. No check was detected, however one could still exist that could not be detected.
Total lines analyzed: 493
Total time 0.000493 seconds
999999 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c

/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:54: High: strcpy
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:56: High: strcpy
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:58: High: strcpy
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:60: High: strcpy
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:98: High: strcpy
Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.

/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:62: High: strcat
Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.

/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:108: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:132: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:153: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:180: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:203: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:223: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:272: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:273: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:318: High: fixed size local buffer
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:319: High: fixed size local buffer
Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely.
They are prime targets for buffer overflow attacks.

/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:48: Low: strlen
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:71: Low: strlen
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:76: Low: strlen
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:81: Low: strlen
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:86: Low: strlen
/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:248: Low: strlen
This function does not properly handle non-NULL terminated strings. This does not result in exploitable code, but can lead to access violations.

/tmp/bogosec.temp_target.wrQWGM/src/libattr/libattr.c:258: Low: strncpy
Double check that your buffer is as big as you specify. When using functions that accept a number n of bytes to copy, such as strncpy, be aware that if the dest buffer size = n it may not NULL-terminate the string. Also, consider using strlcpy() instead, if it is available to you.

Total lines analyzed: 435
Total time 0.000457 seconds
951860 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libattr/syscalls.c
Total lines analyzed: 264
Total time 0.000201 seconds
1313432 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libattr/attr_copy_check.c
Total lines analyzed: 55
Total time 0.000127 seconds
433070 lines per second

Total lines analyzed: 0
Total time 0.000022 seconds
0 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libattr/attr_copy_fd.c
/tmp/bogosec.temp_target.wrQWGM/src/libattr/attr_copy_fd.c:124: Medium: realloc
Don't use on memory intended to be secure, because the old structure will not be zeroed out.

Total lines analyzed: 178
Total time 0.000225 seconds
791111 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libattr/attr_copy_file.c

/tmp/bogosec.temp_target.wrQWGM/src/libattr/attr_copy_file.c:122: Medium: realloc
Don't use on memory intended to be secure, because the old structure will not be zeroed out.

Total lines analyzed: 176
Total time 0.000214 seconds
822429 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c

/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:45: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:82: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:91: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:99: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:108: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:117: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:136: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:143: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:171: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:194: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:212: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:229: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:251: High: fprintf
Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:78: High: getopt
Truncate all input strings to a reasonable length before passing them to this function

/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:176: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:199: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:239: High: printf
Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.

/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:165: Low: strlen
This function does not properly handle non-NULL terminated strings. This does not result in exploitable code, but can lead to access violations.

/tmp/bogosec.temp_target.wrQWGM/src/attr/attr.c:65: Low: basename
A potential race condition vulnerability exists here. Normally a call to this function is vulnerable only when a match check precedes it. No check was detected, however one could still exist that could not be detected.

Total lines analyzed: 259
Total time 0.000296 seconds
874999 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libmisc/walk_tree.c

/tmp/bogosec.temp_target.wrQWGM/src/libmisc/walk_tree.c:172: High: strcpy
/tmp/bogosec.temp_target.wrQWGM/src/libmisc/walk_tree.c:220: High: strcpy
Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.

/tmp/bogosec.temp_target.wrQWGM/src/libmisc/walk_tree.c:205: High: fixed size local buffer
Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.
/tmp/bogosec.temp_target.wrQWGM/src/libmisc/walk_tree.c:78: Medium: lstat
A potential TOCTOU (Time Of Check, Time Of Use) vulnerability exists. This is the first line where a check has occurred. The following line(s) contain uses that may match up with this check: 122 (opendir), 178 (opendir)

/tmp/bogosec.temp_target.wrQWGM/src/libmisc/walk_tree.c:164: Low: strlen
/tmp/bogosec.temp_target.wrQWGM/src/libmisc/walk_tree.c:216: Low: strlen
This function does not properly handle non-NULL terminated strings. This does not result in exploitable code, but can lead to access violations.

Total lines analyzed: 223
Total time 0.000281 seconds
793594 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libmisc/high_water_alloc.c

/tmp/bogosec.temp_target.wrQWGM/src/libmisc/high_water_alloc.c:37: Medium: realloc
Don't use on memory intended to be secure, because the old structure will not be zeroed out.

Total lines analyzed: 46
Total time 0.000099 seconds
464646 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libmisc/quote.c
Total lines analyzed: 59
Total time 0.000141 seconds
418439 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libmisc/next_line.c

/tmp/bogosec.temp_target.wrQWGM/src/libmisc/next_line.c:22: Low: fgets
Double check that your buffer is as big as you specify. When using functions that accept a number n of bytes to copy, such as strncpy, be aware that if the dest buffer size = n it may not NULL-terminate the string.
Total lines analyzed: 41
Total time 0.000102 seconds
401960 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/libmisc/unquote.c
Total lines analyzed: 56
Total time 0.000121 seconds
462809 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/examples/copyattr.c

/tmp/bogosec.temp_target.wrQWGM/src/examples/copyattr.c:42: High: vfprintf
Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.

/tmp/bogosec.temp_target.wrQWGM/src/examples/copyattr.c:95: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/examples/copyattr.c:114: High: fprintf
Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
Total lines analyzed: 123
Total time 0.000168 seconds
732142 lines per second

Total lines analyzed: 0
Total time 0.000021 seconds
0 lines per second

Total lines analyzed: 0
Total time 0.000024 seconds
0 lines per second

Total lines analyzed: 0
Total time 0.000017 seconds
0 lines per second

Total lines analyzed: 0
Total time 0.000022 seconds
0 lines per second

Total lines analyzed: 0
Total time 0.000015 seconds
0 lines per second

Total lines analyzed: 0
Total time 0.000018 seconds
0 lines per second

Analyzing /tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c

/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:123: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:127: High: fprintf
/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:253: High: fprintf
Check to be sure that the non-constant format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.
/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:142: High: strcpy
Check to be sure that argument 2 passed to this function call will not copy more data than can be handled, resulting in a buffer overflow.

/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:174: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:175: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:176: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:177: High: printf
/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:231: High: printf
Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.

/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:198: High: getopt_long
Truncate all input strings to a reasonable length before passing them to this function

/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:137: Low: strlen
/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:266: Low: strlen
This function does not properly handle non-NULL terminated strings. This does not result in exploitable code, but can lead to access violations.

/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:106: Low: fopen
A potential race condition vulnerability exists here. Normally a call to this function is vulnerable only when a match check precedes it. No check was detected, however one could still exist that could not be detected.

/tmp/bogosec.temp_target.wrQWGM/src/setfattr/setfattr.c:191: Low: basename
A potential race condition vulnerability exists here. Normally a call to this function is vulnerable only when a match check precedes it. No check was detected, however one could still exist that could not be detected.

Total lines analyzed: 463
Total time 0.000457 seconds
1013129 lines per second