The goal is to get a clean compile, in addition to a rich
feature set.  Below are code and security issues found by
automated tools for this version on Duh DRAW.  Please
feel free to attack them.

As of 04-Sep-2002, TheDRAW v4.63 may be downloaded from
http://www.simtel.net/pub/dl/49632.html -- consider it
the specification for this clone.



duhdraw.c: (in function myreaddir)
duhdraw.c:224:24: Passed storage status.st_dev contains 1 undefined field:
                     __val
  Storage derivable from a parameter, return value or global is not defined.
  Use /*@out@*/ to denote passed or returned storage which need not be defined.
  (Use -compdef to inhibit warning)
duhdraw.c:224:24: Passed storage status.st_rdev contains 1 undefined field:
                     __val
duhdraw.c:224:24: Passed storage status contains 18 undefined fields:
                     __pad1, st_ino, st_mode, st_nlink, ...
duhdraw.c:257:24: Value *date used before definition
  An rvalue is used that may not be initialized to a value on some execution
  path. (Use -usedef to inhibit warning)
duhdraw.c:269:2: Fresh storage dirp not released before return
  A memory leak has been detected. Storage allocated locally is not released
  before the last reference to it is lost. (Use -mustfreefresh to inhibit
  warning)
   duhdraw.c:215:3: Fresh storage dirp allocated
duhdraw.c:269:2: Fresh storage firp not released before return
   duhdraw.c:218:15: Fresh storage firp allocated
duhdraw.c: (in function mygetchar)
duhdraw.c:336:10: Suspected infinite loop.  No value used in loop test (ex) is
                     modified by test or loop body.
  This appears to be an infinite loop. Nothing in the body of the loop or the
  loop test modifies the value of the loop test. Perhaps the specification of a
  function called in the loop body is missing a modification. (Use -infloops to
  inhibit warning)
duhdraw.c:638:10: Variable c used before definition
duhdraw.c: (in function getdatetime)
duhdraw.c:701:3: Observer storage assigned to unqualified reference:
                    amtime = localtime(&timer)
  Observer storage is transferred to a non-observer reference. (Use
  -observertrans to inhibit warning)
duhdraw.c: (in function center)
duhdraw.c:838:15: Passed storage spewbuf not completely defined (*spewbuf is
                     undefined): strlen (spewbuf)
duhdraw.c: (in function savefile)
duhdraw.c:2166:3: Dependent storage assigned to unqualified:
                     fileout = fopen(input, "wb")
  Dependent storage is transferred to a non-dependent reference. (Use
  -dependenttrans to inhibit warning)
duhdraw.c: (in function copyblock)
duhdraw.c:3228:31: Passed storage block_buffer not completely defined
    (*block_buffer is undefined): copy_block_from_edit_buffer (block_buffer)



Security issues:

duhdraw.c:1752:(Urgent) fprintf
duhdraw.c:1772:(Urgent) fprintf
duhdraw.c:1776:(Urgent) fprintf
duhdraw.c:1780:(Urgent) fprintf
duhdraw.c:1782:(Urgent) fprintf
duhdraw.c:1784:(Urgent) fprintf
duhdraw.c:1791:(Urgent) fprintf
duhdraw.c:1793:(Urgent) fprintf
duhdraw.c:1795:(Urgent) fprintf
duhdraw.c:1805:(Urgent) fprintf
duhdraw.c:1813:(Urgent) fprintf
duhdraw.c:1821:(Urgent) fprintf
duhdraw.c:1837:(Urgent) fprintf
duhdraw.c:1841:(Urgent) fprintf
duhdraw.c:1890:(Urgent) fprintf
duhdraw.c:1897:(Urgent) fprintf
duhdraw.c:2173:(Urgent) fprintf
duhdraw.c:2176:(Urgent) fprintf
duhdraw.c:2193:(Urgent) fprintf
Non-constant format strings can often be attacked.
Use a constant format string.
----------------
duhdraw.c:274:(Urgent) printf
duhdraw.c:276:(Urgent) printf
duhdraw.c:278:(Urgent) printf
duhdraw.c:279:(Urgent) printf
duhdraw.c:281:(Urgent) printf
duhdraw.c:283:(Urgent) printf
duhdraw.c:284:(Urgent) printf
duhdraw.c:291:(Urgent) printf
duhdraw.c:292:(Urgent) printf
duhdraw.c:298:(Urgent) printf
duhdraw.c:318:(Urgent) printf
duhdraw.c:324:(Urgent) printf
duhdraw.c:668:(Urgent) printf
duhdraw.c:669:(Urgent) printf
duhdraw.c:671:(Urgent) printf
duhdraw.c:672:(Urgent) printf
duhdraw.c:674:(Urgent) printf
duhdraw.c:676:(Urgent) printf
duhdraw.c:678:(Urgent) printf
duhdraw.c:679:(Urgent) printf
duhdraw.c:725:(Urgent) printf
duhdraw.c:726:(Urgent) printf
duhdraw.c:732:(Urgent) printf
duhdraw.c:733:(Urgent) printf
duhdraw.c:739:(Urgent) printf
duhdraw.c:740:(Urgent) printf
duhdraw.c:746:(Urgent) printf
duhdraw.c:747:(Urgent) printf
duhdraw.c:757:(Urgent) printf
duhdraw.c:765:(Urgent) printf
duhdraw.c:860:(Urgent) printf
duhdraw.c:864:(Urgent) printf
duhdraw.c:868:(Urgent) printf
duhdraw.c:884:(Urgent) printf
duhdraw.c:900:(Urgent) printf
duhdraw.c:902:(Urgent) printf
duhdraw.c:903:(Urgent) printf
duhdraw.c:910:(Urgent) printf
duhdraw.c:912:(Urgent) printf
duhdraw.c:931:(Urgent) printf
duhdraw.c:935:(Urgent) printf
duhdraw.c:950:(Urgent) printf
duhdraw.c:959:(Urgent) printf
duhdraw.c:995:(Urgent) printf
duhdraw.c:1015:(Urgent) printf
duhdraw.c:1023:(Urgent) printf
duhdraw.c:1028:(Urgent) printf
duhdraw.c:1030:(Urgent) printf
duhdraw.c:1036:(Urgent) printf
duhdraw.c:1038:(Urgent) printf
duhdraw.c:1040:(Urgent) printf
duhdraw.c:1042:(Urgent) printf
duhdraw.c:1054:(Urgent) printf
duhdraw.c:1128:(Urgent) printf
duhdraw.c:1686:(Urgent) printf
duhdraw.c:1687:(Urgent) printf
duhdraw.c:1698:(Urgent) printf
duhdraw.c:1699:(Urgent) printf
duhdraw.c:1701:(Urgent) printf
duhdraw.c:1702:(Urgent) printf
duhdraw.c:1703:(Urgent) printf
duhdraw.c:1705:(Urgent) printf
duhdraw.c:1706:(Urgent) printf
duhdraw.c:1715:(Urgent) printf
duhdraw.c:1718:(Urgent) printf
duhdraw.c:1722:(Urgent) printf
duhdraw.c:1723:(Urgent) printf
duhdraw.c:1724:(Urgent) printf
duhdraw.c:1726:(Urgent) printf
duhdraw.c:1727:(Urgent) printf
duhdraw.c:1919:(Urgent) printf
duhdraw.c:1947:(Urgent) printf
duhdraw.c:1963:(Urgent) printf
duhdraw.c:1979:(Urgent) printf
duhdraw.c:2004:(Urgent) printf
duhdraw.c:2025:(Urgent) printf
duhdraw.c:2043:(Urgent) printf
duhdraw.c:2099:(Urgent) printf
duhdraw.c:2142:(Urgent) printf
duhdraw.c:2224:(Urgent) printf
duhdraw.c:2240:(Urgent) printf
duhdraw.c:2256:(Urgent) printf
duhdraw.c:2257:(Urgent) printf
duhdraw.c:2259:(Urgent) printf
duhdraw.c:2261:(Urgent) printf
duhdraw.c:2263:(Urgent) printf
duhdraw.c:2265:(Urgent) printf
duhdraw.c:2267:(Urgent) printf
duhdraw.c:2269:(Urgent) printf
duhdraw.c:2271:(Urgent) printf
duhdraw.c:2273:(Urgent) printf
duhdraw.c:2275:(Urgent) printf
duhdraw.c:2277:(Urgent) printf
duhdraw.c:2279:(Urgent) printf
duhdraw.c:2281:(Urgent) printf
duhdraw.c:2283:(Urgent) printf
duhdraw.c:2285:(Urgent) printf
duhdraw.c:2287:(Urgent) printf
duhdraw.c:2289:(Urgent) printf
duhdraw.c:2291:(Urgent) printf
duhdraw.c:2293:(Urgent) printf
duhdraw.c:2294:(Urgent) printf
duhdraw.c:2295:(Urgent) printf
duhdraw.c:2296:(Urgent) printf
duhdraw.c:2409:(Urgent) printf
duhdraw.c:2451:(Urgent) printf
duhdraw.c:2470:(Urgent) printf
duhdraw.c:2474:(Urgent) printf
duhdraw.c:3268:(Urgent) printf
duhdraw.c:3533:(Urgent) printf
duhdraw.c:3534:(Urgent) printf
duhdraw.c:3537:(Urgent) printf
duhdraw.c:3715:(Urgent) printf
duhdraw.c:3730:(Urgent) printf
duhdraw.c:3731:(Urgent) printf
duhdraw.c:3736:(Urgent) printf
duhdraw.c:3739:(Urgent) printf
duhdraw.c:3740:(Urgent) printf
duhdraw.c:3742:(Urgent) printf
Non-constant format strings can often be attacked.
Use a constant format string.
----------------
duhdraw.c:224:(Very Risky) stat
Potential race condition on: firp->d_name
Points of concern are:
duhdraw.c:224: stat
duhdraw.c:235: fopen
Manipulate file descriptors, not symbolic names, when possible.
----------------
duhdraw.c:849:(Very Risky) strcat
This function is high risk for buffer overflows
Use strncat instead.
----------------
duhdraw.c:228:(Very Risky) strcpy
duhdraw.c:233:(Very Risky) strcpy
duhdraw.c:851:(Very Risky) strcpy
duhdraw.c:883:(Very Risky) strcpy
duhdraw.c:909:(Very Risky) strcpy
duhdraw.c:2161:(Very Risky) strcpy
duhdraw.c:2165:(Very Risky) strcpy
duhdraw.c:2431:(Very Risky) strcpy
duhdraw.c:3725:(Very Risky) strcpy
This function is high risk for buffer overflows
Use strncpy instead.
----------------
duhdraw.c:2425:(Risky) chdir
Can lead to process/file interaction race conditions (TOCTOU problems)
Manipulate file descriptors, not symbolic names, when possible.
----------------
duhdraw.c:687:(Risky) fopen
duhdraw.c:1368:(Risky) fopen
duhdraw.c:2166:(Risky) fopen
Can be involved in a race condition if you open things after a poor check. For
example, don't check to see if something is not a symbolic link before opening
it.  Open it, then check bt querying the resulting object.  Don't run tests on
symbolic file names...
Perform all checks AFTER the open, and based on the returned object, not a
symbolic name.
----------------
duhdraw.c:215:(Risky) opendir
Can be involved in a race condition if you open things after a poor check. For
example, don't check to see if something is not a symbolic link before opening
it.  Open it, then check bt querying the resulting object.  Don't run tests on
symbolic file names...
Perform all checks AFTER the open, and based on the returned object, not a
symbolic name.
----------------
duhdraw.c:2412:(Risky) remove
Can lead to process/file interaction race conditions (TOCTOU category A)
Manipulate file descriptors, not symbolic names, when possible.
----------------
duhdraw.c:1375:(Some risk) getc
Be careful not to introduce a buffer overflow when using in a loop.
Make sure to check your buffer boundries.
----------------
duhdraw.c:338:(Some risk) getchar
Be careful not to introduce a buffer overflow when using in a loop.
Make sure to check your buffer boundries.
----------------
