Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/aprsdigi-3.10.0/aprsdigi.c
Examining data/aprsdigi-3.10.0/aprsmon.c
Examining data/aprsdigi-3.10.0/aprsshm.c
Examining data/aprsdigi-3.10.0/aprsshm.h
Examining data/aprsdigi-3.10.0/fiforead.c
Examining data/aprsdigi-3.10.0/fifowrite.c
Examining data/aprsdigi-3.10.0/libax25ext.c
Examining data/aprsdigi-3.10.0/libax25ext.h
Examining data/aprsdigi-3.10.0/mic_e.c
Examining data/aprsdigi-3.10.0/mic_e.h
Examining data/aprsdigi-3.10.0/mic_e_test.c
Examining data/aprsdigi-3.10.0/testmcast.c
Examining data/aprsdigi-3.10.0/testparse.c

FINAL RESULTS:

data/aprsdigi-3.10.0/aprsdigi.c:860:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf,"dummy via %s",str);

data/aprsdigi-3.10.0/aprsdigi.c:1298:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(idinfo,ax25_ntoa_pretty(&iface->aliases[i]));

data/aprsdigi-3.10.0/aprsdigi.c:1302:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(idinfo,ax25_ntoa_pretty(&Floods[i].call));

data/aprsdigi-3.10.0/aprsdigi.c:1830:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(((struct sockaddr*)&i->tsa)->sa_data, i->dev);

data/aprsdigi-3.10.0/aprsdigi.c:1840:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(((struct sockaddr *)&i->rsa)->sa_data, i->dev);

data/aprsdigi-3.10.0/aprsdigi.c:1848:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ifr.ifr_name, i->dev); /* get this port's callsign */

data/aprsdigi-3.10.0/aprsdigi.c:2091:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(t,ax25_ntoa_pretty(cl->callsign));

data/aprsdigi-3.10.0/aprsdigi.c:2541:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(devname,"%s:%s",DEVTYPE(j),j->devname);

data/aprsdigi-3.10.0/aprsmon.c:211:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ifr.ifr_name, sa.sa_data);

data/aprsdigi-3.10.0/aprsmon.c:282:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(&digis[l],",%s%s",tmp,(buf[ALEN]&REPEATED&&!nextrept)?"*":"");

data/aprsdigi-3.10.0/aprsmon.c:304:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf1,"%s>%s%s:%s",from,"APRS",digis,mic1);

data/aprsdigi-3.10.0/aprsmon.c:306:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf2,"%s>%s%s:%s",from,"APRS",digis,mic2);

data/aprsdigi-3.10.0/aprsmon.c:311:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf1,"%s>%s%s:%s",from,to,digis,mic1);

data/aprsdigi-3.10.0/aprsmon.c:314:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf1,"%s>%s%s:",from,to,digis);

data/aprsdigi-3.10.0/mic_e.c:181:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf1,"@%02d%02d%02dz%d%d%d%d.%d%d%c%c%03d%02d.%02d%c%c%03d/%03d/%c>mon/M%d/%s",

data/aprsdigi-3.10.0/aprsdigi.c:1439:15:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((s = getopt_long(argc, argv, optstring, opts, &opt_index)) != -1) {

data/aprsdigi-3.10.0/aprsmon.c:120:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((s = getopt(argc, argv, OPTS)) != -1) {

data/aprsdigi-3.10.0/aprsdigi.c:201:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char Dirs[5] = "NSEW";

data/aprsdigi-3.10.0/aprsdigi.c:337:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[AX25_MTU];

data/aprsdigi-3.10.0/aprsdigi.c:415:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[20];

data/aprsdigi-3.10.0/aprsdigi.c:461:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(&s->in.ax_from_call,

data/aprsdigi-3.10.0/aprsdigi.c:842:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(text,*op,len); /* copy the text */

data/aprsdigi-3.10.0/aprsdigi.c:846:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(tag,*op,taglen); /* and tack on the tag */

data/aprsdigi-3.10.0/aprsdigi.c:857:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[200];

data/aprsdigi-3.10.0/aprsdigi.c:890:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char asc_from[12],asc_to[12];

data/aprsdigi-3.10.0/aprsdigi.c:1047:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of = fopen(Logfile,"a");

data/aprsdigi-3.10.0/aprsdigi.c:1159:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(cp,p->d,p->l);

data/aprsdigi-3.10.0/aprsdigi.c:1238:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of = fopen(Logfile,"a");

data/aprsdigi-3.10.0/aprsdigi.c:1276:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idinfo[AX25_MTU];

data/aprsdigi-3.10.0/aprsdigi.c:1299:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(idinfo,"/R ");

data/aprsdigi-3.10.0/aprsdigi.c:1303:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(idinfo,"n-n/R ");

data/aprsdigi-3.10.0/aprsdigi.c:1566:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ((Keep = atoi(optarg)) <= 0)

data/aprsdigi-3.10.0/aprsdigi.c:1573:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Idinterval = atoi(optarg);

data/aprsdigi-3.10.0/aprsdigi.c:1856:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(ifr.ifr_hwaddr.sa_data,I_MYCALL(i).ax25_call,sizeof(I_MYCALL(i).ax25_call));

data/aprsdigi-3.10.0/aprsdigi.c:1883:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if ((ttlval = atoi(ttl)) <= 0)

data/aprsdigi-3.10.0/aprsdigi.c:1922:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy((struct sockaddr*)ai->ai_addr,&i->tsa,sizeof(i->tsa)); /* fill sockaddr w/sockaddr_in */

data/aprsdigi-3.10.0/aprsdigi.c:1948:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy((struct sockaddr*)ai->ai_addr,&i->rsa,sizeof(i->rsa));

data/aprsdigi-3.10.0/aprsdigi.c:1973:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[sizeof(sun->sun_path)];

data/aprsdigi-3.10.0/aprsdigi.c:2089:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char t[10];

data/aprsdigi-3.10.0/aprsdigi.c:2093:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(t,"n-n"); /* indicate a WIDEn-n */

data/aprsdigi-3.10.0/aprsdigi.c:2261:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  e->be_maskbits = atoi(mask);

data/aprsdigi-3.10.0/aprsdigi.c:2267:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(ai->ai_addr,&e->be_addr,ai->ai_addrlen);

data/aprsdigi-3.10.0/aprsdigi.c:2311:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host[1000];

data/aprsdigi-3.10.0/aprsdigi.c:2369:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char testhost[200],host[200];

data/aprsdigi-3.10.0/aprsdigi.c:2510:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char host[1000];

data/aprsdigi-3.10.0/aprsdigi.c:2538:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char devname[100];

data/aprsdigi-3.10.0/aprsdigi.c:2670:7:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(pkt[j],&pref[plen-1],pktl[j]); /* tag vecp onto end of pref. */

data/aprsdigi-3.10.0/aprsdigi.c:2671:7:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(pref,pkt[j],pktl[j]+=plen-1); /* not sure why this is -1 */

data/aprsdigi-3.10.0/aprsmon.c:106:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[1500];

data/aprsdigi-3.10.0/aprsmon.c:130:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  keepfor = atoi(optarg);

data/aprsdigi-3.10.0/aprsmon.c:249:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char buf1[1000],buf2[100];

data/aprsdigi-3.10.0/aprsmon.c:250:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mic1[200],mic2[200];

data/aprsdigi-3.10.0/aprsmon.c:252:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char from[10],to[10],digis[100];

data/aprsdigi-3.10.0/aprsmon.c:254:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[15];

data/aprsdigi-3.10.0/aprsmon.c:336:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(buf, "[invalid]");

data/aprsdigi-3.10.0/aprsmon.c:344:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s, "-%d", ssid);

data/aprsdigi-3.10.0/aprsshm.c:55:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[MAXPKT]; /* the packet. */

data/aprsdigi-3.10.0/aprsshm.c:102:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((info = fopen(infofile,"w")) != NULL) {

data/aprsdigi-3.10.0/aprsshm.c:152:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((info = fopen(infofile,"r"))) {

data/aprsdigi-3.10.0/aprsshm.c:208:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(buf,p->data,len);

data/aprsdigi-3.10.0/libax25ext.c:37:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(*frame,calls->ax_to_call.ax25_call,AXLEN);

data/aprsdigi-3.10.0/libax25ext.c:40:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(*frame,calls->ax_from_call.ax25_call,AXLEN);

data/aprsdigi-3.10.0/libax25ext.c:49:7:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(*frame,calls->ax_digi_call[calls->ax_n_digis].ax25_call,AXLEN);

data/aprsdigi-3.10.0/libax25ext.c:305:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(calls->ax_to_call.ax25_call,*frame,AXLEN);

data/aprsdigi-3.10.0/libax25ext.c:307:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(calls->ax_from_call.ax25_call,*frame,AXLEN);

data/aprsdigi-3.10.0/libax25ext.c:311:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(calls->ax_digi_call[i].ax25_call,*frame,AXLEN);

data/aprsdigi-3.10.0/libax25ext.c:368:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[11];

data/aprsdigi-3.10.0/mic_e.c:155:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf2,"T#MIC%03d,%03d",

data/aprsdigi-3.10.0/mic_e.c:162:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf2,"T#MIC%03d,%03d,%03d,%03d,%03d",

data/aprsdigi-3.10.0/mic_e.c:172:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf2,"T#MIC%03d,%03d,%03d,%03d,%03d",

data/aprsdigi-3.10.0/mic_e.c:195:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(bp,&i[buf2_n],l-buf2_n);

data/aprsdigi-3.10.0/mic_e.c:235:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf1,cp,*l1=&i[l-1]-cp);

data/aprsdigi-3.10.0/mic_e_test.c:14:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b[100];

data/aprsdigi-3.10.0/mic_e_test.c:15:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ob1[512],ob2[512];

data/aprsdigi-3.10.0/testmcast.c:44:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[AX25_MTU];

data/aprsdigi-3.10.0/testmcast.c:48:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (argc < 4 || (ttlval = atoi(ttl)) <= 0) {

data/aprsdigi-3.10.0/testmcast.c:60:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(hp->h_addr, (char *)&sin.sin_addr, hp->h_length);

data/aprsdigi-3.10.0/testmcast.c:68:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(service));

data/aprsdigi-3.10.0/testparse.c:30:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[2048],*bp;

data/aprsdigi-3.10.0/testparse.c:34:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char obuf[2048], *op;

data/aprsdigi-3.10.0/testparse.c:98:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char asc_from[12],asc_to[12];

data/aprsdigi-3.10.0/aprsdigi.c:894:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(asc_to,ax25_ntoa_pretty(&calls->ax_to_call),sizeof(asc_to));

data/aprsdigi-3.10.0/aprsdigi.c:895:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(asc_from,ax25_ntoa_pretty(&calls->ax_from_call),sizeof(asc_from));

data/aprsdigi-3.10.0/aprsdigi.c:1305:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  add_text(&op,&oleft,idinfo,strlen(idinfo),0,0);

data/aprsdigi-3.10.0/aprsdigi.c:1534:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Floods[N_floods++].len = strlen(optarg);

data/aprsdigi-3.10.0/aprsdigi.c:1559:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Taglen = strlen(optarg);

data/aprsdigi-3.10.0/aprsdigi.c:1977:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name,i->dev,sizeof(name));

data/aprsdigi-3.10.0/aprsdigi.c:1991:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(sun->sun_path,name,sizeof(sun->sun_path));

data/aprsdigi-3.10.0/aprsdigi.c:2011:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(sun->sun_path,name,sizeof(sun->sun_path));

data/aprsdigi-3.10.0/aprsdigi.c:2345:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buf,ax25_ntoa_pretty(&sinax25->sax25_call),buflen);

data/aprsdigi-3.10.0/aprsdigi.c:2348:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(buf,"any",buflen);

data/aprsdigi-3.10.0/aprsdigi.c:2351:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(buf,"???",buflen);

data/aprsdigi-3.10.0/aprsmon.c:284:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l += strlen(&digis[l]);

data/aprsdigi-3.10.0/aprsmon.c:315:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(buf1);

data/aprsdigi-3.10.0/fiforead.c:37:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(mysun.sun_path,argv[1],sizeof(mysun.sun_path));

data/aprsdigi-3.10.0/fifowrite.c:36:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(mysun.sun_path,argv[1],sizeof(mysun.sun_path));

data/aprsdigi-3.10.0/fifowrite.c:43:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((sent = sendto(sock,buf,strlen(buf),0,(struct sockaddr *)&mysun,

data/aprsdigi-3.10.0/libax25ext.c:331:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(*frame,ax25_ntoa_pretty(&calls->ax_from_call),AXLEN+3);

data/aprsdigi-3.10.0/libax25ext.c:332:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(*frame);

data/aprsdigi-3.10.0/libax25ext.c:336:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(*frame,ax25_ntoa_pretty(&calls->ax_to_call),AXLEN+3);

data/aprsdigi-3.10.0/libax25ext.c:337:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(*frame);

data/aprsdigi-3.10.0/libax25ext.c:343:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(*frame,ax25_ntoa_pretty(&calls->ax_digi_call[i]),AXLEN+3);

data/aprsdigi-3.10.0/libax25ext.c:344:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(*frame);

data/aprsdigi-3.10.0/mic_e.c:159:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *l2 = strlen(buf2);

data/aprsdigi-3.10.0/mic_e.c:169:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *l2 = strlen(buf2);

data/aprsdigi-3.10.0/mic_e.c:175:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *l2 = strlen(buf2);

data/aprsdigi-3.10.0/mic_e.c:191:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bp = &buf1[(*l1 = strlen(buf1))];

data/aprsdigi-3.10.0/mic_e_test.c:20:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int tl = strlen(b);

data/aprsdigi-3.10.0/mic_e_test.c:36:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (fmt_mic_e(to,i,strlen(i),ob1,&ol1,ob2,&ol2,tick)

data/aprsdigi-3.10.0/mic_e_test.c:37:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || fmt_x1j4(to,i,strlen(i),ob1,&ol1,ob2,&ol2,tick)) {

data/aprsdigi-3.10.0/testmcast.c:167:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((len = read(0,buffer,sizeof(buffer))) < 0) {

data/aprsdigi-3.10.0/testparse.c:39:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buflen = strlen(buf);

data/aprsdigi-3.10.0/testparse.c:59:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(&obuf[sizeof(obuf)-olen],bp,buflen);

data/aprsdigi-3.10.0/testparse.c:104:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(asc_to,ax25_ntoa_pretty(&calls->ax_to_call),sizeof(asc_to));

data/aprsdigi-3.10.0/testparse.c:105:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(asc_from,ax25_ntoa_pretty(&calls->ax_from_call),sizeof(asc_from));

ANALYSIS SUMMARY:

Hits = 115
Lines analyzed = 4531 in approximately 0.18 seconds (24783 lines/second)
Physical Source Lines of Code (SLOC) = 3690
Hits@level = [0] 226 [1]  34 [2]  64 [3]   2 [4]  15 [5]   0
Hits@level+ = [0+] 341 [1+] 115 [2+]  81 [3+]  17 [4+]  15 [5+]   0
Hits/KSLOC@level+ = [0+] 92.4119 [1+] 31.1653 [2+] 21.9512 [3+] 4.60705 [4+] 4.06504 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
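The report above is lexical: it flags every strncpy, strcat, sprintf and atoi it sees, and whether any given hit is a real overflow depends on facts the tool does not check (what ax25_ntoa_pretty can return, what sizes idinfo and asc_to actually have relative to it). The example below is added here to show the three recurring patterns behind the hits and the bounded idiom that closes each one; it is not aprsdigi's own code and does not claim any of the listed hits is exploitable. The 12-byte "idinfo"-style buffer, the callsign strings and the ID pieces are constructed for illustration, and helper names (strncpy_terminates, copy_bounded, append_bounded, format_via, parse_long_range, build_id_string) are this example's own.

```c
/*
 * Added example (not aprsdigi's own code): bounded replacements for the
 * patterns behind the strncpy, strcat/sprintf and atoi hits in the report,
 * plus a check that shows why strncpy(dst, src, sizeof dst) can leave dst
 * unterminated. Buffer sizes and callsigns below are constructed.
 */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* strncpy pads with NULs only when strlen(src) < n; when strlen(src) >= n it
 * copies exactly n bytes and writes no terminator. Returns true if a NUL
 * ended up inside the n-byte destination. */
bool strncpy_terminates(const char *src, size_t n)
{
    char dst[64];
    if (n == 0 || n > sizeof dst)
        return false;
    memset(dst, 'X', sizeof dst);        /* poison so a missing NUL is visible */
    strncpy(dst, src, n);
    return memchr(dst, '\0', n) != NULL;
}

/* Bounded copy that always terminates. Returns strlen(src) so the caller can
 * detect truncation (result >= dstsize), the same convention as snprintf. */
size_t copy_bounded(char *dst, size_t dstsize, const char *src)
{
    size_t n = strlen(src);
    if (dstsize == 0)
        return n;
    size_t c = n < dstsize - 1 ? n : dstsize - 1;
    memcpy(dst, src, c);
    dst[c] = '\0';
    return n;
}

/* Bounded append in place of strcat(idinfo, ...): *used tracks the current
 * length, and an append that would not fit (including its NUL) is refused
 * rather than written past the end. */
bool append_bounded(char *dst, size_t dstsize, size_t *used, const char *src)
{
    size_t n = strlen(src);
    if (*used >= dstsize || n >= dstsize - *used)
        return false;
    memcpy(dst + *used, src, n + 1);
    *used += n;
    return true;
}

/* Bounded formatting in place of sprintf(buf, "dummy via %s", str):
 * true only if the whole string fit. */
bool format_via(char *buf, size_t bufsize, const char *str)
{
    int n = snprintf(buf, bufsize, "dummy via %s", str);
    return n >= 0 && (size_t)n < bufsize;
}

/* Range-checked parse in place of atoi(optarg): rejects empty input,
 * trailing junk, overflow, and values outside [lo, hi]. */
bool parse_long_range(const char *s, long lo, long hi, long *out)
{
    char *end;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (errno == ERANGE || end == s || *end != '\0' || v < lo || v > hi)
        return false;
    *out = v;
    return true;
}

/* Constructed scenario: assemble an ID string from alias pieces the way a
 * digipeater's strcat chain would, but stop at the first piece that would
 * overflow. Returns how many pieces fit. */
int build_id_string(char *out, size_t outsize)
{
    static const char *pieces[] = { "WIDE", "n-n/R ", "RELAY", "/R " };
    size_t used = 0;
    int fitted = 0;
    out[0] = '\0';
    for (size_t i = 0; i < sizeof pieces / sizeof pieces[0]; i++) {
        if (!append_bounded(out, outsize, &used, pieces[i]))
            break;
        fitted++;
    }
    return fitted;
}

int main(void)
{
    char id[12], via[20];
    long keep;
    printf("strncpy of 9-char callsign into 12 bytes terminated: %d\n",
           strncpy_terminates("N0CALL-15", 12));
    printf("strncpy of 9-char callsign into 9 bytes terminated:  %d\n",
           strncpy_terminates("N0CALL-15", 9));
    printf("pieces that fit in a 12-byte id buffer: %d -> \"%s\"\n",
           build_id_string(id, sizeof id), id);
    printf("\"dummy via N0CALL\" fits in 20 bytes: %d\n",
           format_via(via, sizeof via, "N0CALL"));
    printf("-k 0 accepted with range [1,3600]: %d\n",
           parse_long_range("0", 1, 3600, &keep));
    return 0;
}
```

When triaging the report, the question for each buffer hit is the one the tool cannot answer: can the source ever be longer than the destination minus one? For the strncpy hits the extra question is whether the next strlen or printf on that buffer can run off the end when the source is exactly sizeof(dst) bytes. A hit whose source is a constant string (Flawfinder already marks those "risk is low") or whose size is checked a few lines earlier can be closed with a note; the rest warrant either the bounded idiom above or a comment recording the length argument, so the next scan does not restart the analysis from zero.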