Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/4g8-1.0/src/error.c
Examining data/4g8-1.0/src/ethernet_hdr.c
Examining data/4g8-1.0/src/ethernet_hdr.h
Examining data/4g8-1.0/src/exit.c
Examining data/4g8-1.0/src/exit.h
Examining data/4g8-1.0/src/icmpv4_hdr.c
Examining data/4g8-1.0/src/icmpv4_hdr.h
Examining data/4g8-1.0/src/init.c
Examining data/4g8-1.0/src/init.h
Examining data/4g8-1.0/src/ipv4_hdr.c
Examining data/4g8-1.0/src/ipv4_hdr.h
Examining data/4g8-1.0/src/dump_packet.h
Examining data/4g8-1.0/src/process_packets.c
Examining data/4g8-1.0/src/process_packets.h
Examining data/4g8-1.0/src/stats.c
Examining data/4g8-1.0/src/stats.h
Examining data/4g8-1.0/src/arp_cache.h
Examining data/4g8-1.0/src/usage.c
Examining data/4g8-1.0/src/usage.h
Examining data/4g8-1.0/src/tcp_hdr.c
Examining data/4g8-1.0/src/tcp_hdr.h
Examining data/4g8-1.0/src/udp_hdr.c
Examining data/4g8-1.0/src/udp_hdr.h
Examining data/4g8-1.0/src/utils.c
Examining data/4g8-1.0/src/utils.h
Examining data/4g8-1.0/src/dump_packet.c
Examining data/4g8-1.0/src/arp_cache.c
Examining data/4g8-1.0/src/error.h
Examining data/4g8-1.0/src/globals.h
Examining data/4g8-1.0/src/main.c
Examining data/4g8-1.0/src/main.h

FINAL RESULTS:

data/4g8-1.0/src/error.c:35:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(error_buf, ERRBUF_MAXLEN, err, va);
data/4g8-1.0/src/utils.c:88:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(msg, 256, msgp, va);
data/4g8-1.0/src/utils.c:468:12: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(eaddr, "%s:%0x", eaddr, oct);
data/4g8-1.0/src/main.c:55:18: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while((opt = getopt(argc, argv, "G:g:hi:S:s:vw:X")) != -1)
data/4g8-1.0/src/utils.c:36:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0) ^ getpid() * r_int);
data/4g8-1.0/src/dump_packet.c:39:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hex_data[HEXDUMP_SHORTS_PER_LINE*HEXDUMP_HEXSTUFF_PER_SHORT+1], *hsp;
data/4g8-1.0/src/dump_packet.c:40:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ascii_data[HEXDUMP_BYTES_PER_LINE+1], *asp;
data/4g8-1.0/src/error.h:32:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char error_buf[ERRBUF_MAXLEN];
data/4g8-1.0/src/globals.h:130:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char w_file[OPT_MAXLEN];
data/4g8-1.0/src/main.c:25:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char w_file[OPT_MAXLEN];
data/4g8-1.0/src/main.c:42:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error_buf[ERRBUF_MAXLEN];
data/4g8-1.0/src/tcp_hdr.c:65:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(flags, "None");
data/4g8-1.0/src/utils.c:122:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Network");
data/4g8-1.0/src/utils.c:126:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Host");
data/4g8-1.0/src/utils.c:130:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Protocol");
data/4g8-1.0/src/utils.c:134:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Port");
data/4g8-1.0/src/utils.c:138:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Need Fragment");
data/4g8-1.0/src/utils.c:142:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Source Fail");
data/4g8-1.0/src/utils.c:146:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Network Unknown");
data/4g8-1.0/src/utils.c:150:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Host Unknown");
data/4g8-1.0/src/utils.c:154:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Isolated");
data/4g8-1.0/src/utils.c:158:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Network Prohibited");
data/4g8-1.0/src/utils.c:162:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Host Prohibited");
data/4g8-1.0/src/utils.c:166:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "ToS Network");
data/4g8-1.0/src/utils.c:170:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "ToS Host");
data/4g8-1.0/src/utils.c:174:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Filter Prohibited");
data/4g8-1.0/src/utils.c:178:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Host Precedence");
data/4g8-1.0/src/utils.c:182:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Precedence Cutoff");
data/4g8-1.0/src/utils.c:186:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Unknown");
data/4g8-1.0/src/utils.c:196:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Network");
data/4g8-1.0/src/utils.c:200:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Host");
data/4g8-1.0/src/utils.c:204:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "ToS Net");
data/4g8-1.0/src/utils.c:208:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "ToS Host");
data/4g8-1.0/src/utils.c:212:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Unknown");
data/4g8-1.0/src/utils.c:222:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "In Transit");
data/4g8-1.0/src/utils.c:226:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Reassembly");
data/4g8-1.0/src/utils.c:230:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Unknown");
data/4g8-1.0/src/utils.c:240:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Missing Option");
data/4g8-1.0/src/utils.c:244:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Unknown");
data/4g8-1.0/src/utils.c:250:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_c, "Unknown");
data/4g8-1.0/src/utils.c:271:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Echo Reply");
data/4g8-1.0/src/utils.c:275:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Unreachable");
data/4g8-1.0/src/utils.c:279:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Source Quench");
data/4g8-1.0/src/utils.c:283:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Redirect");
data/4g8-1.0/src/utils.c:287:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Echo Request");
data/4g8-1.0/src/utils.c:291:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Time Exceeded");
data/4g8-1.0/src/utils.c:295:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Param Problem");
data/4g8-1.0/src/utils.c:299:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Timestamp");
data/4g8-1.0/src/utils.c:303:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Timestamp Reply");
data/4g8-1.0/src/utils.c:307:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Info Request");
data/4g8-1.0/src/utils.c:311:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Info Reply");
data/4g8-1.0/src/utils.c:315:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Router Advertise");
data/4g8-1.0/src/utils.c:319:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Router Selection");
data/4g8-1.0/src/utils.c:323:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Address Mask Request");
data/4g8-1.0/src/utils.c:327:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Address Mask Reply");
data/4g8-1.0/src/utils.c:331:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Traceroute");
data/4g8-1.0/src/utils.c:335:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(icmp_t, "Unknown");
data/4g8-1.0/src/utils.c:356:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "Net/ROM Pseudo");
data/4g8-1.0/src/utils.c:360:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "Ethernet 10/100");
data/4g8-1.0/src/utils.c:364:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "Experimental Ethernet");
data/4g8-1.0/src/utils.c:368:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "AX.25 Level 2");
data/4g8-1.0/src/utils.c:372:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "ProNet Token Ring");
data/4g8-1.0/src/utils.c:376:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "IEEE 802.2 Ethernet");
data/4g8-1.0/src/utils.c:380:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "ARCNet");
data/4g8-1.0/src/utils.c:384:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "AppleTalk");
data/4g8-1.0/src/utils.c:388:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "Lanstar");
data/4g8-1.0/src/utils.c:392:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "Frame Relay DLCI");
data/4g8-1.0/src/utils.c:396:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "ATM");
data/4g8-1.0/src/utils.c:400:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "Metricom STRIP");
data/4g8-1.0/src/utils.c:404:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hw_t, "IPsec Tunnel");
data/4g8-1.0/src/utils.c:470:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(eaddr, "%0x", oct);
data/4g8-1.0/src/init.c:71:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(w_file) > 0)
data/4g8-1.0/src/main.c:100:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(w_file, optarg, OPT_MAXLEN);
data/4g8-1.0/src/tcp_hdr.c:47:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(flags, "U");
data/4g8-1.0/src/tcp_hdr.c:50:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(flags, "A");
data/4g8-1.0/src/tcp_hdr.c:53:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(flags, "P");
data/4g8-1.0/src/tcp_hdr.c:56:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(flags, "R");
data/4g8-1.0/src/tcp_hdr.c:59:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(flags, "S");
data/4g8-1.0/src/tcp_hdr.c:62:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(flags, "F");
data/4g8-1.0/src/tcp_hdr.c:64:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(flags) == 0)
data/4g8-1.0/src/utils.c:90:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  msg_len = strlen(msg);
data/4g8-1.0/src/utils.c:428:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(o_ethstr, ethstr, 18);

ANALYSIS SUMMARY:

Hits = 82
Lines analyzed = 2517 in approximately 0.08 seconds (30256 lines/second)
Physical Source Lines of Code (SLOC) = 1413
Hits@level = [0] 114 [1] 11 [2] 66 [3] 2 [4] 3 [5] 0
Hits@level+ = [0+] 196 [1+] 82 [2+] 71 [3+] 5 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 138.712 [1+] 58.0326 [2+] 50.2477 [3+] 3.53857 [4+] 2.12314 [5+] 0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.