COMMAND : rats -w 3

Entries in perl database: 33
Entries in python database: 62
Entries in c database: 336
Entries in php database: 55
Analyzing /tmp/bogosec.temp_target.1iABuM/src/zomne.c

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:19: High: fixed size local buffer
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:51: High: fixed size local buffer
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:72: High: fixed size local buffer
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:73: High: fixed size local buffer
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:74: High: fixed size local buffer
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:122: High: fixed size local buffer
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:123: High: fixed size local buffer
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:124: High: fixed size local buffer
Extra care should be taken to ensure that character arrays that are allocated on the stack are used safely. They are prime targets for buffer overflow attacks.

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:45: High: printf
Check to be sure that the non-constant format string passed as argument 1 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle.

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:61: High: sprintf
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:82: High: sprintf
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:108: High: sprintf
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:138: High: sprintf
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:155: High: sprintf
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:169: High: sprintf
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:172: High: sprintf
Check to be sure that the format string passed as argument 2 to this function call does not come from an untrusted source that could have added formatting characters that the code is not prepared to handle. Additionally, the format string could contain `%s' without precision that could result in a buffer overflow.

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:109: High: system
Argument 1 to this function call should be checked to ensure that it does not come from an untrusted source without first verifying that it contains nothing dangerous.

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:129: High: getenv
Environment variables are highly untrustable input. They may be of any length, and contain any data. Do not make any assumptions regarding content or length. If at all possible avoid using them, and if it is necessary, sanitize them and truncate them to a reasonable length.

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:162: Low: strlen
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:163: Low: strlen
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:164: Low: strlen
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:165: Low: strlen
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:173: Low: strlen
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:173: Low: strlen
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:176: Low: strlen
This function does not properly handle non-NULL terminated strings. This does not result in exploitable code, but can lead to access violations.

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:58: Low: fopen
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:83: Low: fopen
A potential race condition vulnerability exists here. Normally a call to this function is vulnerable only when a match check precedes it. No check was detected, however one could still exist that could not be detected.

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:91: Low: opendir
A potential race condition vulnerability exists here. Normally a call to this function is vulnerable only when a match check precedes it. No check was detected, however one could still exist that could not be detected.

/tmp/bogosec.temp_target.1iABuM/src/zomne.c:115: Low: unlink
/tmp/bogosec.temp_target.1iABuM/src/zomne.c:180: Low: unlink
A potential race condition vulnerability exists here. Normally a call to this function is vulnerable only when a match check precedes it. No check was detected, however one could still exist that could not be detected.

Total lines analyzed: 184
Total time 0.000301 seconds
611295 lines per second