Rewrite print_multi_line. It's now shorter, faster, and formats better

2014-07-19 16:42:14 -04:00 · 2014-07-19 16:42:14 -04:00 · 7112bf164c
parent f9a6fdd314
commit 7112bf164c
3 changed files with 224 additions and 190 deletions
--- a/correct-results.html
+++ b/correct-results.html
@ -15,248 +15,289 @@ Number of dangerous functions in C/C++ ruleset: 160
 <p>
 Examining test.c <br>
 Examining test2.c <br>
 <h2>Final Results</h2>
 <ul>
 <li>test.c:32: <b>  [5] </b> (buffer) <i> gets:
-  Does not check for buffer overflows (CWE-120). Use fgets() instead.  </i>
+  Does not check for buffer overflows (<a
  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
  fgets() instead. </i>
 <pre>
 gets(f);
 </pre>
 <li>test.c:56: <b>  [5] </b> (buffer) <i> strncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
+  Easily used incorrectly (e.g., incorrectly computing the correct maximum
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
+  size to add) (<a
-  resizing strings. Risk is high; the length parameter appears to be a
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
-  constant, instead of computing the number of characters left. </i>
+  Consider strcat_s, strlcat, or automatically resizing strings. Risk is
  high; the length parameter appears to be a constant, instead of computing
  the number of characters left. </i>
 <pre>
  strncat(d,s,sizeof(d)); /* Misuse - this should be flagged as riskier. */
 </pre>
 <li>test.c:57: <b>  [5] </b> (buffer) <i> _tcsncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
+  Easily used incorrectly (e.g., incorrectly computing the correct maximum
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
+  size to add) (<a
-  resizing strings. Risk is high; the length parameter appears to be a
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
-  constant, instead of computing the number of characters left. </i>
+  Consider strcat_s, strlcat, or automatically resizing strings. Risk is
  high; the length parameter appears to be a constant, instead of computing
  the number of characters left. </i>
 <pre>
  _tcsncat(d,s,sizeof(d)); /* Misuse - flag as riskier */
 </pre>
 <li>test.c:60: <b>  [5] </b> (buffer) <i> MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
+  Requires maximum length in CHARACTERS, not bytes (<a
-  high, it appears that the size is given as bytes, but the function
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk is
-  requires size as characters. </i>
+  high, it appears that the size is given as bytes, but the function requires
  size as characters. </i>
 <pre>
  MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof(wszUserName));
 </pre>
 <li>test.c:62: <b>  [5] </b> (buffer) <i> MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
+  Requires maximum length in CHARACTERS, not bytes (<a
-  high, it appears that the size is given as bytes, but the function
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk is
-  requires size as characters. </i>
+  high, it appears that the size is given as bytes, but the function requires
  size as characters. </i>
 <pre>
  MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof wszUserName);
 </pre>
 <li>test.c:73: <b>  [5] </b> (misc) <i> SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All
-  Access), which would even forbid administrator access (CWE-732).  </i>
+  Access), which would even forbid administrator access (<a
  href="http://cwe.mitre.org/data/definitions/732.html">CWE-732</a>). </i>
 <pre>
  SetSecurityDescriptorDacl(&amp;sd,TRUE,NULL,FALSE);
 </pre>
 <li>test.c:73: <b>  [5] </b> (misc) <i> SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All
-  Access), which would even forbid administrator access (CWE-732).  </i>
+  Access), which would even forbid administrator access (<a
  href="http://cwe.mitre.org/data/definitions/732.html">CWE-732</a>). </i>
 <pre>
  SetSecurityDescriptorDacl(&amp;sd,TRUE,NULL,FALSE);
 </pre>
 <li>test.c:17: <b>  [4] </b> (buffer) <i> strcpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (<a
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
-  easily misused).  </i>
+  Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily
  misused). </i>
 <pre>
 strcpy(b, a);
 </pre>
 <li>test.c:20: <b>  [4] </b> (buffer) <i> sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
+  Does not check for buffer overflows (<a
-  snprintf, or vsnprintf.  </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
  sprintf_s, snprintf, or vsnprintf. </i>
 <pre>
 sprintf(s, "hello %s", bug);
 </pre>
 <li>test.c:21: <b>  [4] </b> (buffer) <i> sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
+  Does not check for buffer overflows (<a
-  snprintf, or vsnprintf.  </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
  sprintf_s, snprintf, or vsnprintf. </i>
 <pre>
 sprintf(s, gettext("hello %s"), bug);
 </pre>
 <li>test.c:22: <b>  [4] </b> (format) <i> sprintf:
-  Potential format string problem (CWE-134). Make format string
+  Potential format string problem (<a
-  constant.  </i>
+  href="http://cwe.mitre.org/data/definitions/134.html">CWE-134</a>). Make
  format string constant. </i>
 <pre>
 sprintf(s, unknown, bug);
 </pre>
 <li>test.c:23: <b>  [4] </b> (format) <i> printf:
-  If format strings can be influenced by an attacker, they can be
+  If format strings can be influenced by an attacker, they can be exploited
-  exploited (CWE-134). Use a constant for the format specification.  </i>
+  (<a href="http://cwe.mitre.org/data/definitions/134.html">CWE-134</a>). Use
  a constant for the format specification. </i>
 <pre>
 printf(bf, x);
 </pre>
 <li>test.c:25: <b>  [4] </b> (buffer) <i> scanf:
-  The scanf() family's %s operation, without a limit specification,
+  The scanf() family's %s operation, without a limit specification, permits
-  permits buffer overflows (CWE-120). Specify a limit to %s, or use a
+  buffer overflows (<a
-  different input function.  </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Specify
  a limit to %s, or use a different input function. </i>
 <pre>
 scanf("%s", s);
 </pre>
 <li>test.c:27: <b>  [4] </b> (buffer) <i> scanf:
-  The scanf() family's %s operation, without a limit specification,
+  The scanf() family's %s operation, without a limit specification, permits
-  permits buffer overflows (CWE-120). Specify a limit to %s, or use a
+  buffer overflows (<a
-  different input function.  </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Specify
  a limit to %s, or use a different input function. </i>
 <pre>
 scanf("%s", s);
 </pre>
 <li>test.c:38: <b>  [4] </b> (format) <i> syslog:
-  If syslog's format strings can be influenced by an attacker, they can
+  If syslog's format strings can be influenced by an attacker, they can be
-  be exploited (CWE-134). Use a constant format string for syslog.  </i>
+  exploited (<a
  href="http://cwe.mitre.org/data/definitions/134.html">CWE-134</a>). Use a
  constant format string for syslog. </i>
 <pre>
 syslog(LOG_ERR, attacker_string);
 </pre>
 <li>test.c:49: <b>  [4] </b> (buffer) <i> _mbscpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (<a
-  (CWE-120). Consider using a function version that stops copying at the end of
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
-  the buffer.  </i>
+  Consider using a function version that stops copying at the end of the
  buffer. </i>
 <pre>
  _mbscpy(d,s); /* like strcpy, this doesn't check for buffer overflow */
 </pre>
 <li>test.c:52: <b>  [4] </b> (buffer) <i> lstrcat:
-  Does not check for buffer overflows when concatenating to destination
+  Does not check for buffer overflows when concatenating to destination (<a
-  (CWE-120).  </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
 <pre>
  lstrcat(d,s);
 </pre>
 <li>test.c:75: <b>  [3] </b> (shell) <i> CreateProcess:
-  This causes a new process to execute and is difficult to use safely
+  This causes a new process to execute and is difficult to use safely (<a
-  (CWE-78). Specify the application path in the first argument, NOT as part
+  href="http://cwe.mitre.org/data/definitions/78.html">CWE-78</a>). Specify
-  of the second, or embedded spaces could allow an attacker to force a
+  the application path in the first argument, NOT as part of the second, or
-  different program to run.  </i>
+  embedded spaces could allow an attacker to force a different program to
  run. </i>
 <pre>
  CreateProcess(NULL, "C:\\Program Files\\GoodGuy\\GoodGuy.exe -x", "");
 </pre>
 <li>test.c:75: <b>  [3] </b> (shell) <i> CreateProcess:
-  This causes a new process to execute and is difficult to use safely
+  This causes a new process to execute and is difficult to use safely (<a
-  (CWE-78). Specify the application path in the first argument, NOT as part
+  href="http://cwe.mitre.org/data/definitions/78.html">CWE-78</a>). Specify
-  of the second, or embedded spaces could allow an attacker to force a
+  the application path in the first argument, NOT as part of the second, or
-  different program to run.  </i>
+  embedded spaces could allow an attacker to force a different program to
  run. </i>
 <pre>
  CreateProcess(NULL, "C:\\Program Files\\GoodGuy\\GoodGuy.exe -x", "");
 </pre>
 <li>test.c:91: <b>  [3] </b> (buffer) <i> getopt_long:
-  Some older implementations do not protect against internal buffer
+  Some older implementations do not protect against internal buffer overflows
-  overflows (CWE-120). Check implementation on installation, or limit the
+  (<a href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
-  size of all string inputs.  </i>
+  Check implementation on installation, or limit the size of all string
  inputs. </i>
 <pre>
    while ((optc = getopt_long (argc, argv, "a",longopts, NULL )) != EOF) {
 </pre>
 <li>test.c:16: <b>  [2] </b> (buffer) <i> strcpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (<a
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
-  easily misused). Risk is low because the source is a constant string. </i>
+  Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily
  misused). Risk is low because the source is a constant string. </i>
 <pre>
 strcpy(a, gettext("Hello there")); // Did this work?
 </pre>
 <li>test.c:19: <b>  [2] </b> (buffer) <i> sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
+  Does not check for buffer overflows (<a
-  snprintf, or vsnprintf. Risk is low because the source has a constant maximum
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
-  length. </i>
+  sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a
  constant maximum length. </i>
 <pre>
 sprintf(s, "hello");
 </pre>
 <li>test.c:45: <b>  [2] </b> (buffer) <i> char:
-  Statically-sized arrays can be overflowed (CWE-120). Perform bounds
+  Statically-sized arrays can be overflowed (<a
-  checking, use functions that limit length, or ensure that the size is
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Perform
-  larger than the maximum possible length (CWE-119).  </i>
+  bounds checking, use functions that limit length, or ensure that the size
  is larger than the maximum possible length (CWE-119). </i>
 <pre>
  char d[20];
 </pre>
 <li>test.c:46: <b>  [2] </b> (buffer) <i> char:
-  Statically-sized arrays can be overflowed (CWE-120). Perform bounds
+  Statically-sized arrays can be overflowed (<a
-  checking, use functions that limit length, or ensure that the size is
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Perform
-  larger than the maximum possible length (CWE-119).  </i>
+  bounds checking, use functions that limit length, or ensure that the size
  is larger than the maximum possible length (CWE-119). </i>
 <pre>
  char s[20];
 </pre>
 <li>test.c:50: <b>  [2] </b> (buffer) <i> memcpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (<a
-  (CWE-120). Make sure destination can always hold the source data.  </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Make
  sure destination can always hold the source data. </i>
 <pre>
  memcpy(d,s);
 </pre>
 <li>test.c:51: <b>  [2] </b> (buffer) <i> CopyMemory:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (<a
-  (CWE-120). Make sure destination can always hold the source data.  </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Make
  sure destination can always hold the source data. </i>
 <pre>
  CopyMemory(d,s);
 </pre>
 <li>test.c:97: <b>  [2] </b> (misc) <i> fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
-  force the opening of special file type (e.g., device files), move
+  force the opening of special file type (e.g., device files), move things
-  things around to create a race condition, control its ancestors, or change
+  around to create a race condition, control its ancestors, or change its
-  its contents? (CWE-362).  </i>
+  contents? (<a
  href="http://cwe.mitre.org/data/definitions/362.html">CWE-362</a>). </i>
 <pre>
  f = fopen("/etc/passwd", "r"); 
 </pre>
 <li>test.c:15: <b>  [1] </b> (buffer) <i> strcpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (<a
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
-  easily misused). Risk is low because the source is a constant
+  Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily
-  character. </i>
+  misused). Risk is low because the source is a constant character. </i>
 <pre>
 strcpy(a, "\n"); // Did this work?
 </pre>
 <li>test.c:18: <b>  [1] </b> (buffer) <i> sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
+  Does not check for buffer overflows (<a
-  snprintf, or vsnprintf. Risk is low because the source is a constant character. </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Use
  sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a
  constant character. </i>
 <pre>
 sprintf(s, "\n");
 </pre>
 <li>test.c:26: <b>  [1] </b> (buffer) <i> scanf:
-  it's unclear if the %s limit in the format string is small enough
+  It's unclear if the %s limit in the format string is small enough (<a
-  (CWE-120). Check that the limit is sufficiently small, or use a different
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Check
-  input function.  </i>
+  that the limit is sufficiently small, or use a different input function. </i>
 <pre>
 scanf("%10s", s);
 </pre>
 <li>test.c:53: <b>  [1] </b> (buffer) <i> strncpy:
-  Easily used incorrectly; doesn't always \0-terminate or check for
+  Easily used incorrectly; doesn't always \0-terminate or check for invalid
-  invalid pointers (CWE-120).  </i>
+  pointers (<a
  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
 <pre>
  strncpy(d,s);
 </pre>
 <li>test.c:54: <b>  [1] </b> (buffer) <i> _tcsncpy:
-  Easily used incorrectly; doesn't always \0-terminate or check for
+  Easily used incorrectly; doesn't always \0-terminate or check for invalid
-  invalid pointers (CWE-120).  </i>
+  pointers (<a
  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). </i>
 <pre>
  _tcsncpy(d,s);
 </pre>
 <li>test.c:55: <b>  [1] </b> (buffer) <i> strncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
+  Easily used incorrectly (e.g., incorrectly computing the correct maximum
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
+  size to add) (<a
-  resizing strings.  </i>
+  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>).
  Consider strcat_s, strlcat, or automatically resizing strings. </i>
 <pre>
  strncat(d,s,10);
 </pre>
 <li>test.c:58: <b>  [1] </b> (buffer) <i> strlen:
-  Does not handle strings that are not \0-terminated (it could cause a
+  Does not handle strings that are not \0-terminated (it could cause a crash
-  crash if unprotected) (CWE-119).  </i>
+  if unprotected) (<a
  href="http://cwe.mitre.org/data/definitions/119.html">CWE-119</a>). </i>
 <pre>
  n = strlen(d);
 </pre>
 <li>test.c:64: <b>  [1] </b> (buffer) <i> MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
+  Requires maximum length in CHARACTERS, not bytes (<a
  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk is
  very low, the length appears to be in characters not bytes. </i>
 <pre>
  MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof(wszUserName)/sizeof(wszUserName[0]));
 </pre>
 <li>test.c:66: <b>  [1] </b> (buffer) <i> MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
+  Requires maximum length in CHARACTERS, not bytes (<a
  href="http://cwe.mitre.org/data/definitions/120.html">CWE-120</a>). Risk is
  very low, the length appears to be in characters not bytes. </i>
 <pre>
  MultiByteToWideChar(CP_ACP,0,szName,-1,wszUserName,sizeof wszUserName /sizeof(wszUserName[0]));
 </pre>
 </ul>
 <h2>Analysis Summary</h2>
 <p>
 Hits = 36
 <br>
--- a/correct-results.txt
+++ b/correct-results.txt
@ -2,26 +2,29 @@ Flawfinder version 1.29, (C) 2001-2014 David A. Wheeler.
 Number of dangerous functions in C/C++ ruleset: 160
 Examining test.c
 Examining test2.c
 FINAL RESULTS:
 test.c:32:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120). Use fgets() instead.
 test.c:56:  [5] (buffer) strncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
+  Easily used incorrectly (e.g., incorrectly computing the correct maximum
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
+  size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
  resizing strings. Risk is high; the length parameter appears to be a
  constant, instead of computing the number of characters left.
 test.c:57:  [5] (buffer) _tcsncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
+  Easily used incorrectly (e.g., incorrectly computing the correct maximum
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
+  size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
  resizing strings. Risk is high; the length parameter appears to be a
  constant, instead of computing the number of characters left.
 test.c:60:  [5] (buffer) MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
+  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is high,
-  high, it appears that the size is given as bytes, but the function
+  it appears that the size is given as bytes, but the function requires size
-  requires size as characters.
+  as characters.
 test.c:62:  [5] (buffer) MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
+  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is high,
-  high, it appears that the size is given as bytes, but the function
+  it appears that the size is given as bytes, but the function requires size
-  requires size as characters.
+  as characters.
 test.c:73:  [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All
  Access), which would even forbid administrator access (CWE-732).
@ -29,36 +32,35 @@ test.c:73:  [5] (misc) SetSecurityDescriptorDacl:
  Never create NULL ACLs; an attacker can set it to Everyone (Deny All
  Access), which would even forbid administrator access (CWE-732).
 test.c:17:  [4] (buffer) strcpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (CWE-120).
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
+  Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily
-  easily misused). 
+  misused).
 test.c:20:  [4] (buffer) sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
+  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
-  snprintf, or vsnprintf. 
+  vsnprintf.
 test.c:21:  [4] (buffer) sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
+  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
-  snprintf, or vsnprintf. 
+  vsnprintf.
 test.c:22:  [4] (format) sprintf:
-  Potential format string problem (CWE-134). Make format string
+  Potential format string problem (CWE-134). Make format string constant.
  constant. 
 test.c:23:  [4] (format) printf:
-  If format strings can be influenced by an attacker, they can be
+  If format strings can be influenced by an attacker, they can be exploited
-  exploited (CWE-134). Use a constant for the format specification. 
+  (CWE-134). Use a constant for the format specification.
 test.c:25:  [4] (buffer) scanf:
-  The scanf() family's %s operation, without a limit specification,
+  The scanf() family's %s operation, without a limit specification, permits
-  permits buffer overflows (CWE-120). Specify a limit to %s, or use a
+  buffer overflows (CWE-120). Specify a limit to %s, or use a different input
-  different input function. 
+  function.
 test.c:27:  [4] (buffer) scanf:
-  The scanf() family's %s operation, without a limit specification,
+  The scanf() family's %s operation, without a limit specification, permits
-  permits buffer overflows (CWE-120). Specify a limit to %s, or use a
+  buffer overflows (CWE-120). Specify a limit to %s, or use a different input
-  different input function. 
+  function.
 test.c:38:  [4] (format) syslog:
-  If syslog's format strings can be influenced by an attacker, they can
+  If syslog's format strings can be influenced by an attacker, they can be
-  be exploited (CWE-134). Use a constant format string for syslog. 
+  exploited (CWE-134). Use a constant format string for syslog.
 test.c:49:  [4] (buffer) _mbscpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (CWE-120).
-  (CWE-120). Consider using a function version that stops copying at the end of
+  Consider using a function version that stops copying at the end of the
-  the buffer. 
+  buffer.
 test.c:52:  [4] (buffer) lstrcat:
  Does not check for buffer overflows when concatenating to destination
  (CWE-120).
@ -73,17 +75,16 @@ test.c:75:  [3] (shell) CreateProcess:
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
 test.c:91:  [3] (buffer) getopt_long:
-  Some older implementations do not protect against internal buffer
+  Some older implementations do not protect against internal buffer overflows
-  overflows (CWE-120). Check implementation on installation, or limit the
+  (CWE-120). Check implementation on installation, or limit the size of all
-  size of all string inputs. 
+  string inputs.
 test.c:16:  [2] (buffer) strcpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (CWE-120).
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
+  Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily
-  easily misused). Risk is low because the source is a constant string.
+  misused). Risk is low because the source is a constant string.
 test.c:19:  [2] (buffer) sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
+  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
-  snprintf, or vsnprintf. Risk is low because the source has a constant maximum
+  vsnprintf. Risk is low because the source has a constant maximum length.
  length.
 test.c:45:  [2] (buffer) char:
  Statically-sized arrays can be overflowed (CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
@ -93,47 +94,48 @@ test.c:46:  [2] (buffer) char:
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length (CWE-119).
 test.c:50:  [2] (buffer) memcpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (CWE-120).
-  (CWE-120). Make sure destination can always hold the source data. 
+  Make sure destination can always hold the source data.
 test.c:51:  [2] (buffer) CopyMemory:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (CWE-120).
-  (CWE-120). Make sure destination can always hold the source data. 
+  Make sure destination can always hold the source data.
 test.c:97:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
-  force the opening of special file type (e.g., device files), move
+  force the opening of special file type (e.g., device files), move things
-  things around to create a race condition, control its ancestors, or change
+  around to create a race condition, control its ancestors, or change its
-  its contents? (CWE-362). 
+  contents? (CWE-362).
 test.c:15:  [1] (buffer) strcpy:
-  Does not check for buffer overflows when copying to destination
+  Does not check for buffer overflows when copying to destination (CWE-120).
-  (CWE-120). Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is
+  Consider using strcpy_s, strncpy, or strlcpy (warning, strncpy is easily
-  easily misused). Risk is low because the source is a constant
+  misused). Risk is low because the source is a constant character.
  character.
 test.c:18:  [1] (buffer) sprintf:
-  Does not check for buffer overflows (CWE-120). Use sprintf_s,
+  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
-  snprintf, or vsnprintf. Risk is low because the source is a constant character.
+  vsnprintf. Risk is low because the source is a constant character.
 test.c:26:  [1] (buffer) scanf:
-  it's unclear if the %s limit in the format string is small enough
+  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
 test.c:53:  [1] (buffer) strncpy:
-  Easily used incorrectly; doesn't always \0-terminate or check for
+  Easily used incorrectly; doesn't always \0-terminate or check for invalid
-  invalid pointers (CWE-120). 
+  pointers (CWE-120).
 test.c:54:  [1] (buffer) _tcsncpy:
-  Easily used incorrectly; doesn't always \0-terminate or check for
+  Easily used incorrectly; doesn't always \0-terminate or check for invalid
-  invalid pointers (CWE-120). 
+  pointers (CWE-120).
 test.c:55:  [1] (buffer) strncat:
-  Easily used incorrectly (e.g., incorrectly computing the correct
+  Easily used incorrectly (e.g., incorrectly computing the correct maximum
-  maximum size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
+  size to add) (CWE-120). Consider strcat_s, strlcat, or automatically
  resizing strings.
 test.c:58:  [1] (buffer) strlen:
-  Does not handle strings that are not \0-terminated (it could cause a
+  Does not handle strings that are not \0-terminated (it could cause a crash
-  crash if unprotected) (CWE-119). 
+  if unprotected) (CWE-119).
 test.c:64:  [1] (buffer) MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
+  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
-  very low, the length appears to be in characters not bytes.
+  low, the length appears to be in characters not bytes.
 test.c:66:  [1] (buffer) MultiByteToWideChar:
-  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is
+  Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
-  very low, the length appears to be in characters not bytes.
+  low, the length appears to be in characters not bytes.
 ANALYSIS SUMMARY:
 Hits = 36
 Lines analyzed = 118
--- a/33
+++ b/33
@ -270,29 +270,20 @@ def h(s):
 def print_multi_line(text):
  # Print text as multiple indented lines.
-  width = 72
+  width = 78
  prefix = " "
  starting_position = len(prefix) + 1
-  printed_something = 0  # Have we printed on this line?
+  #
  position = starting_position
  nextword = ""
  print prefix,
-  for c in text:
+  position = starting_position
-    if (c == " "):
+  #
-      print nextword,
+  for w in text.split():
-      position = position + 1 # account for space we just printed.
+    if len(w) + position >= width:
-      printed_something = 1
+      print
-      nextword = ""
+      print prefix,
-    else: # NonSpace.
+      position = starting_position
-      nextword = nextword + c
+    print w,
-      position = position + 1
+    position = position + len(w) + 1
      if position > width: # Whups, out of space
        if (printed_something):  # We've printed something out.
          print # Done with this line, move to next.
          print prefix,
          position = starting_position
  print nextword, # Print remainder (can be overlong if no spaces)
 # This matches references to CWE identifiers, so we can HTMLize them.
 # We don't refer to CWE-1 through CWE-9, so we'll only match on 2+ digits.
@ -639,7 +630,7 @@ def c_scanf(hit):
      elif p_low_risk_scanf_format.search(source):
        # This is often okay, but sometimes extremely serious.
        hit.level = 1
-        hit.warning = "it's unclear if the %s limit in the format string is small enough (CWE-120)"
+        hit.warning = "It's unclear if the %s limit in the format string is small enough (CWE-120)"
        hit.suggestion = "Check that the limit is sufficiently small, or use a different input function"
      else:
        # No risky scanf request.