Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ap51-flash-2019.0.1/ap51-flash-res.h
Examining data/ap51-flash-2019.0.1/ap51-flash.h
Examining data/ap51-flash-2019.0.1/commandline.c
Examining data/ap51-flash-2019.0.1/commandline.h
Examining data/ap51-flash-2019.0.1/compat.h
Examining data/ap51-flash-2019.0.1/flash.c
Examining data/ap51-flash-2019.0.1/flash.h
Examining data/ap51-flash-2019.0.1/fwcfg.c
Examining data/ap51-flash-2019.0.1/fwcfg.h
Examining data/ap51-flash-2019.0.1/list.h
Examining data/ap51-flash-2019.0.1/proto.c
Examining data/ap51-flash-2019.0.1/proto.h
Examining data/ap51-flash-2019.0.1/router_images.c
Examining data/ap51-flash-2019.0.1/router_images.h
Examining data/ap51-flash-2019.0.1/router_netconsole.c
Examining data/ap51-flash-2019.0.1/router_netconsole.h
Examining data/ap51-flash-2019.0.1/router_redboot.c
Examining data/ap51-flash-2019.0.1/router_redboot.h
Examining data/ap51-flash-2019.0.1/router_tftp_client.c
Examining data/ap51-flash-2019.0.1/router_tftp_client.h
Examining data/ap51-flash-2019.0.1/router_tftp_server.c
Examining data/ap51-flash-2019.0.1/router_tftp_server.h
Examining data/ap51-flash-2019.0.1/router_types.c
Examining data/ap51-flash-2019.0.1/router_types.h
Examining data/ap51-flash-2019.0.1/socket.c
Examining data/ap51-flash-2019.0.1/socket.h

FINAL RESULTS:

data/ap51-flash-2019.0.1/proto.c:168:14:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	data_len += sprintf(out_tftp_data + data_len, "\"%s\"", "flash_update");
data/ap51-flash-2019.0.1/proto.c:169:14:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	data_len += sprintf(out_tftp_data + data_len + 1, "%s", "octet");
data/ap51-flash-2019.0.1/router_types.c:206:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
			ret = system("clear");
data/ap51-flash-2019.0.1/router_types.c:209:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
			ret = system("cls");
data/ap51-flash-2019.0.1/commandline.c:53:14:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
	while ((c = getopt_long(argc, argv, "hvm:", long_options, NULL)) != -1) {
data/ap51-flash-2019.0.1/flash.c:65:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(node->his_mac_addr, mac_addr, ETH_ALEN);
data/ap51-flash-2019.0.1/flash.c:164:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(node->our_mac_addr, our_mac, ETH_ALEN);
data/ap51-flash-2019.0.1/fwcfg.c:129:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fd = open(router_image->path, O_RDONLY | O_BINARY);
data/ap51-flash-2019.0.1/fwcfg.c:154:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dst, file_data, read_len);
data/ap51-flash-2019.0.1/proto.c:80:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out_ethhdr->ether_shost, src_mac, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.c:81:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out_ethhdr->ether_dhost, dst_mac, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.c:90:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out_arphdr->arp_sha, src_mac, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.c:120:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out_ethhdr->ether_shost, node->our_mac_addr, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.c:121:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out_ethhdr->ether_dhost, node->his_mac_addr, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.c:181:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	data_len = sprintf(out_tftp_data, "run fw_upg; reset\n");
data/ap51-flash-2019.0.1/proto.c:521:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(ethhdr->ether_shost, node->our_mac_addr, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.c:522:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(ethhdr->ether_dhost, node->his_mac_addr, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.c:574:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((unsigned char *)(tcphdr + 1), &mss_option,
data/ap51-flash-2019.0.1/proto.c:769:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out_ethhdr->ether_dhost, node->his_mac_addr, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.c:770:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out_ethhdr->ether_shost, node->our_mac_addr, ETH_ALEN);
data/ap51-flash-2019.0.1/proto.h:58:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst, &ip, sizeof(ip));
data/ap51-flash-2019.0.1/router_images.c:140:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char file_name_buff[FILE_NAME_MAX_LENGTH];
data/ap51-flash-2019.0.1/router_images.c:386:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name_buff[33], *name_ptr, md5_buff[33];
data/ap51-flash-2019.0.1/router_images.c:512:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char firmware_version[32];
data/ap51-flash-2019.0.1/router_images.c:514:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char model[64];
data/ap51-flash-2019.0.1/router_images.c:741:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fd = open(image_path, O_RDONLY | O_BINARY);
data/ap51-flash-2019.0.1/router_images.c:810:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	node->image_state.fd = open(node->router_type->image->path,
data/ap51-flash-2019.0.1/router_images.c:873:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dst, file_data, read_len);
data/ap51-flash-2019.0.1/router_images.h:26:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char desc[DESC_MAX_LENGTH];
data/ap51-flash-2019.0.1/router_images.h:46:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char router_name[DESC_MAX_LENGTH];
data/ap51-flash-2019.0.1/router_images.h:51:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char file_name[FILE_NAME_MAX_LENGTH];
data/ap51-flash-2019.0.1/router_redboot.c:147:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buff[100];
data/ap51-flash-2019.0.1/router_redboot.c:176:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(buff, "ip_addr -l %d.%d.%d.%d/8 -h %d.%d.%d.%d\n",
data/ap51-flash-2019.0.1/router_redboot.c:193:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(buff, "load -r -b 0x%08lx -m tftp kernel\n",
data/ap51-flash-2019.0.1/router_redboot.c:196:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(buff, "load -r -b %%{FREEMEMLO} -m tftp kernel\n");
data/ap51-flash-2019.0.1/router_redboot.c:222:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(buff, "fis create -e 0x%08lx -r 0x%08lx vmlinux.bin.l7\n",
data/ap51-flash-2019.0.1/router_redboot.c:237:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(buff, "load -r -b 0x%08lx -m tftp rootfs\n",
data/ap51-flash-2019.0.1/router_redboot.c:240:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(buff, "load -r -b %%{FREEMEMLO} -m tftp rootfs\n");
data/ap51-flash-2019.0.1/router_redboot.c:250:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(buff, "fis create -f 0x%08lx -l 0x%08lx rootfs\n",
data/ap51-flash-2019.0.1/router_types.c:84:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(new_entry->mac, mac, ETH_ALEN);
data/ap51-flash-2019.0.1/router_types.h:27:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char desc[DESC_MAX_LENGTH];
data/ap51-flash-2019.0.1/socket.c:26:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char payload[BUFF_LEN];
data/ap51-flash-2019.0.1/socket.c:175:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char errbuf[PCAP_ERRBUF_SIZE];
data/ap51-flash-2019.0.1/socket.c:265:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char errbuf[PCAP_ERRBUF_SIZE];
data/ap51-flash-2019.0.1/socket.c:405:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char error[PCAP_ERRBUF_SIZE];
data/ap51-flash-2019.0.1/socket.c:545:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(packet_buff, tmp_packet, ret);
data/ap51-flash-2019.0.1/commandline.c:98:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(argv[0]) < 3)
data/ap51-flash-2019.0.1/fwcfg.c:22:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t len = strlen(s);
data/ap51-flash-2019.0.1/fwcfg.c:49:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strlen(line) == 0)
data/ap51-flash-2019.0.1/fwcfg.c:61:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			line_len = strlen(line);
data/ap51-flash-2019.0.1/fwcfg.c:144:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			if (read_len != read(fd, dst, read_len)) {
data/ap51-flash-2019.0.1/proto.c:358:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strncmp(file_name, fwupgradecfg, strlen(fwupgradecfg)) == 0)
data/ap51-flash-2019.0.1/proto.c:624:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return tcp_send(node, (int)strlen(packet_buff), TCP_DATA);
data/ap51-flash-2019.0.1/proto.c:658:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(packet_buff, cmd, buflen);
data/ap51-flash-2019.0.1/proto.c:661:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return tcp_send_data(node, (int)strlen(cmd));
data/ap51-flash-2019.0.1/router_images.c:102:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(router_info->router_name, router_desc, sizeof(router_info->router_name));
data/ap51-flash-2019.0.1/router_images.c:185:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(file_info->file_name, file_name, sizeof(file_info->file_name));
data/ap51-flash-2019.0.1/router_images.c:339:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t end_len = strlen(end);
data/ap51-flash-2019.0.1/router_images.c:340:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t str_len = strlen(str);
data/ap51-flash-2019.0.1/router_images.c:364:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strncmp(file_name, fwupgradecfg, strlen(fwupgradecfg)) != 0)
data/ap51-flash-2019.0.1/router_images.c:371:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (file_name[strlen(fwupgradecfg)] == '-')
data/ap51-flash-2019.0.1/router_images.c:372:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			router_desc = &file_name[strlen(fwupgradecfg) + 1];
data/ap51-flash-2019.0.1/router_images.c:410:9:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
		ret = sscanf(buff, "CE%10s%02x", name_buff, &num_files);
data/ap51-flash-2019.0.1/router_images.c:418:9:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
		ret = sscanf(buff, "CE%*02x%32s%02x", name_buff, &num_files);
data/ap51-flash-2019.0.1/router_images.c:444:10:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
			ret = sscanf(buff + hdr_offset, "%20s%08x", name_buff,
data/ap51-flash-2019.0.1/router_images.c:451:10:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
			ret = sscanf(buff + hdr_offset, "%32s%08x%32s",
data/ap51-flash-2019.0.1/router_images.c:468:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strncmp(name_buff, fwupgradecfg, strlen(fwupgradecfg)) == 0) {
data/ap51-flash-2019.0.1/router_images.c:469:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if (strlen(fwupgradecfg) + 1 < strlen(name_buff) &&
data/ap51-flash-2019.0.1/router_images.c:469:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if (strlen(fwupgradecfg) + 1 < strlen(name_buff) &&
data/ap51-flash-2019.0.1/router_images.c:472:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
							&name_buff[strlen(fwupgradecfg)  + 1]);
data/ap51-flash-2019.0.1/router_images.c:748:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	ret = (int)read(fd, file_buff, file_buff_size);
data/ap51-flash-2019.0.1/router_images.c:855:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			if (read_len != read(node->image_state.fd, dst, read_len)) {
data/ap51-flash-2019.0.1/router_netconsole.c:103:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (packet_buff_len < (int)strlen(PROMPT_STR))
data/ap51-flash-2019.0.1/router_netconsole.c:106:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strncmp(packet_buff, PROMPT_STR, strlen(PROMPT_STR)) != 0)
data/ap51-flash-2019.0.1/router_netconsole.c:115:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (packet_buff_len < (int)strlen(DONE_STR))
data/ap51-flash-2019.0.1/router_netconsole.c:118:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strncmp(packet_buff, DONE_STR, strlen(DONE_STR)) != 0)
data/ap51-flash-2019.0.1/router_redboot.c:155:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		redboot_priv->version_info = malloc(strlen(telnet_msg) + 1);
data/ap51-flash-2019.0.1/router_redboot.c:159:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(redboot_priv->version_info, telnet_msg, strlen(telnet_msg) + 1);
data/ap51-flash-2019.0.1/router_redboot.c:159:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		strncpy(redboot_priv->version_info, telnet_msg, strlen(telnet_msg) + 1);
data/ap51-flash-2019.0.1/router_redboot.c:160:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		redboot_priv->version_info[strlen(telnet_msg)] = '\0';
data/ap51-flash-2019.0.1/socket.c:314:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(iface) > IFNAMSIZ - 1) {
data/ap51-flash-2019.0.1/socket.c:329:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(req.ifr_name, iface, IFNAMSIZ);
data/ap51-flash-2019.0.1/socket.c:513:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	read_len = read(raw_sock, packet_buff, packet_buff_len - 1);
data/ap51-flash-2019.0.1/socket.c:608:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(req.ifr_name, iface, IFNAMSIZ);

ANALYSIS SUMMARY:

Hits = 84
Lines analyzed = 5559 in approximately 0.14 seconds (38543 lines/second)
Physical Source Lines of Code (SLOC) = 4300
Hits@level = [0] 116 [1]  38 [2]  41 [3]   1 [4]   4 [5]   0
Hits@level+ = [0+] 200 [1+]  84 [2+]  46 [3+]   5 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 46.5116 [1+] 19.5349 [2+] 10.6977 [3+] 1.16279 [4+] 0.930233 [5+]   0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.