Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/bind-dyndb-ldap-11.5/src/acl.h
Examining data/bind-dyndb-ldap-11.5/src/bindcfg.h
Examining data/bind-dyndb-ldap-11.5/src/empty_zones.h
Examining data/bind-dyndb-ldap-11.5/src/fs.h
Examining data/bind-dyndb-ldap-11.5/src/fwd.h
Examining data/bind-dyndb-ldap-11.5/src/fwd_register.h
Examining data/bind-dyndb-ldap-11.5/src/krb5_helper.h
Examining data/bind-dyndb-ldap-11.5/src/ldap_convert.h
Examining data/bind-dyndb-ldap-11.5/src/ldap_driver.h
Examining data/bind-dyndb-ldap-11.5/src/ldap_entry.h
Examining data/bind-dyndb-ldap-11.5/src/ldap_helper.h
Examining data/bind-dyndb-ldap-11.5/src/lock.h
Examining data/bind-dyndb-ldap-11.5/src/log.h
Examining data/bind-dyndb-ldap-11.5/src/metadb.h
Examining data/bind-dyndb-ldap-11.5/src/mldap.h
Examining data/bind-dyndb-ldap-11.5/src/rbt_helper.h
Examining data/bind-dyndb-ldap-11.5/src/semaphore.h
Examining data/bind-dyndb-ldap-11.5/src/settings.h
Examining data/bind-dyndb-ldap-11.5/src/syncptr.h
Examining data/bind-dyndb-ldap-11.5/src/syncrepl.h
Examining data/bind-dyndb-ldap-11.5/src/str.h
Examining data/bind-dyndb-ldap-11.5/src/types.h
Examining data/bind-dyndb-ldap-11.5/src/util.h
Examining data/bind-dyndb-ldap-11.5/src/zone.h
Examining data/bind-dyndb-ldap-11.5/src/zone_register.h
Examining data/bind-dyndb-ldap-11.5/src/acl.c
Examining data/bind-dyndb-ldap-11.5/src/bindcfg.c
Examining data/bind-dyndb-ldap-11.5/src/empty_zones.c
Examining data/bind-dyndb-ldap-11.5/src/fwd.c
Examining data/bind-dyndb-ldap-11.5/src/fwd_register.c
Examining data/bind-dyndb-ldap-11.5/src/fs.c
Examining data/bind-dyndb-ldap-11.5/src/ldap_convert.c
Examining data/bind-dyndb-ldap-11.5/src/ldap_entry.c
Examining data/bind-dyndb-ldap-11.5/src/ldap_helper.c
Examining data/bind-dyndb-ldap-11.5/src/lock.c
Examining data/bind-dyndb-ldap-11.5/src/log.c
Examining data/bind-dyndb-ldap-11.5/src/metadb.c
Examining data/bind-dyndb-ldap-11.5/src/mldap.c
Examining data/bind-dyndb-ldap-11.5/src/rbt_helper.c
Examining data/bind-dyndb-ldap-11.5/src/semaphore.c
Examining data/bind-dyndb-ldap-11.5/src/settings.c
Examining data/bind-dyndb-ldap-11.5/src/syncptr.c
Examining data/bind-dyndb-ldap-11.5/src/syncrepl.c
Examining data/bind-dyndb-ldap-11.5/src/str.c
Examining data/bind-dyndb-ldap-11.5/src/zone.c
Examining data/bind-dyndb-ldap-11.5/src/zone_register.c
Examining data/bind-dyndb-ldap-11.5/src/krb5_helper.c
Examining data/bind-dyndb-ldap-11.5/src/ldap_driver.c
FINAL RESULTS:
data/bind-dyndb-ldap-11.5/src/fs.c:51:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret = chmod(dir_name, dir_mode);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:583:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(settings_name, PRINT_BUFF_SIZE,
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:591:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(settings_name, PRINT_BUFF_SIZE,
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:657:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(settings_name, PRINT_BUFF_SIZE,
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:661:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(settings_name, PRINT_BUFF_SIZE,
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3372:10: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
s_len = snprintf(change[index].mod_values[0], MAX_SOANUM_LENGTH, \
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4662:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
s_len = snprintf(filter, sizeof(filter),
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4668:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
s_len = snprintf(filter, sizeof(filter),
data/bind-dyndb-ldap-11.5/src/settings.c:516:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_set->name, set_name);
data/bind-dyndb-ldap-11.5/src/str.c:324:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(dest->data, dest->allocated, format, ap);
data/bind-dyndb-ldap-11.5/src/str.c:327:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(dest->data, dest->allocated, format, backup);
data/bind-dyndb-ldap-11.5/src/zone_register.c:283:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(settings_name, PRINT_BUFF_SIZE, SETTING_SET_NAME_ZONE " %s",
data/bind-dyndb-ldap-11.5/src/acl.c:317:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/empty_zones.c:307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_char[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/empty_zones.c:308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ezname_char[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/fs.c:21:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char msg_getcwd_failed[PATH_MAX] = "<getcwd() failed>";
data/bind-dyndb-ldap-11.5/src/fs.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir_curr[PATH_MAX + 1] = "";
data/bind-dyndb-ldap-11.5/src/fs.c:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curr_path[PATH_MAX + 1];
data/bind-dyndb-ldap-11.5/src/fs.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir_curr[PATH_MAX + 1] = "";
data/bind-dyndb-ldap-11.5/src/ldap_convert.c:269:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(esc_name + esc_idx, dns_str + idx_symb_first, length_ok);
data/bind-dyndb-ldap-11.5/src/ldap_convert.c:306:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(esc_name + esc_idx, dns_str + idx_symb_first, dns_idx - idx_symb_first);
data/bind-dyndb-ldap-11.5/src/ldap_convert.c:443:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rdtype_str[DNS_RDATATYPE_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/ldap_convert.c:480:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof("\\# 65535")];
data/bind-dyndb-ldap-11.5/src/ldap_driver.c:506:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/ldap_entry.c:573:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_buf[sizeof("01234567-89ab-cdef-0123-456789abcdef")];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:408:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char print_buff[PRINT_BUFF_SIZE];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:511:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[HOST_NAME_MAX];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char settings_name[PRINT_BUFF_SIZE];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:858:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bck_filename[PATH_MAX];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:944:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zone_name[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1008:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ldap_argv[1] = { inst->db_name };
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1009:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *rbt_argv[1] = { "rbt" };
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1012:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zone_name[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1387:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zone_name_char[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_txt[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_char[MAX_SERIAL_LENGTH];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1744:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *values[2] = { serial_char, NULL };
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2707:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rdatamem.base, isc_buffer_base(&entry->rdata_target),
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3125:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_mods, mods, i * sizeof(LDAPMod *));
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3273:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vals[i], region.base, region.length);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3333:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vals[0], str_buf(ttlval), str_len(ttlval) + 1);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3527:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr[LDAP_ATTR_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4463:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entryUUID_buf[16];
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4650:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filter[1024];
data/bind-dyndb-ldap-11.5/src/mldap.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_buf[sizeof("01234567-89ab-cdef-0123-456789abcdef") + 1];
data/bind-dyndb-ldap-11.5/src/mldap.c:200:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[sizeof(struct in6_addr)];
data/bind-dyndb-ldap-11.5/src/mldap.c:209:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, &class, sizeof(class));
data/bind-dyndb-ldap-11.5/src/mldap.c:233:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(classp, region.base, sizeof(*classp));
data/bind-dyndb-ldap-11.5/src/mldap.c:247:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[sizeof(mldap->generation)];
data/bind-dyndb-ldap-11.5/src/mldap.c:262:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, &generation, sizeof(generation));
data/bind-dyndb-ldap-11.5/src/mldap.c:285:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(generationp, region.base, sizeof(*generationp));
data/bind-dyndb-ldap-11.5/src/mldap.c:301:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char wirebuf[2 * DNS_NAME_MAXWIRE];
data/bind-dyndb-ldap-11.5/src/settings.c:513:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_set->first_setting, default_settings, default_set_length);
data/bind-dyndb-ldap-11.5/src/str.c:81:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_buffer, str->data, str->allocated);
data/bind-dyndb-ldap-11.5/src/str.c:224:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->data, src, len);
data/bind-dyndb-ldap-11.5/src/str.c:258:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(from, src, src_size + 1);
data/bind-dyndb-ldap-11.5/src/str.c:285:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(from, src, len);
data/bind-dyndb-ldap-11.5/src/syncptr.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a_name_str[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/syncptr.c:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_str[INET6_ADDRSTRLEN + 1];
data/bind-dyndb-ldap-11.5/src/syncptr.c:223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptr_name_str[DNS_NAME_FORMATSIZE + 1];
data/bind-dyndb-ldap-11.5/src/syncptr.c:226:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptr_rdata_str[DNS_NAME_FORMATSIZE + 1];
data/bind-dyndb-ldap-11.5/src/syncptr.c:464:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char new_buf[DNS_NAME_MAXWIRE];
data/bind-dyndb-ldap-11.5/src/zone_register.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_char[DNS_NAME_FORMATSIZE];
data/bind-dyndb-ldap-11.5/src/zone_register.c:266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char settings_name[PRINT_BUFF_SIZE];
data/bind-dyndb-ldap-11.5/src/acl.c:152:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/bind-dyndb-ldap-11.5/src/acl.c:217:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r.length = strlen(str);
data/bind-dyndb-ldap-11.5/src/bindcfg.c:111:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
string_len = strlen(string);
data/bind-dyndb-ldap-11.5/src/empty_zones.c:173:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isc_buffer_constinit(&buffer, ezchar, strlen(ezchar));
data/bind-dyndb-ldap-11.5/src/empty_zones.c:174:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
isc_buffer_add(&buffer, strlen(ezchar));
data/bind-dyndb-ldap-11.5/src/fs.c:35:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dir_curr, msg_getcwd_failed, sizeof(dir_curr));
data/bind-dyndb-ldap-11.5/src/fs.c:91:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(curr_path) > 0)
data/bind-dyndb-ldap-11.5/src/fs.c:113:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dir_curr, msg_getcwd_failed, sizeof(dir_curr));
data/bind-dyndb-ldap-11.5/src/fwd.c:143:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer_append_str(&tmp_buf, value->value, strlen(value->value));
data/bind-dyndb-ldap-11.5/src/krb5_helper.c:49:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(realm), realm,
data/bind-dyndb-ldap-11.5/src/ldap_convert.c:250:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int dns_str_len = strlen(dns_str);
data/bind-dyndb-ldap-11.5/src/ldap_convert.c:387:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ldap_attribute);
data/bind-dyndb-ldap-11.5/src/ldap_entry.c:395:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fake_mname) > 0) {
data/bind-dyndb-ldap-11.5/src/ldap_entry.c:526:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ttl_text.length = strlen(ttl_text.base);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:413:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(inst->db_name) <= 0) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:421:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir_default = (strlen(dir_name) == 0);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:485:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(bind_dn) != 0 || strlen(password) != 0)) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:485:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(bind_dn) != 0 || strlen(password) != 0)) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:492:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(bind_dn) == 0 || strlen(password) == 0)) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:492:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(bind_dn) == 0 || strlen(password) == 0)) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:499:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(sasl_realm) != 0 || strlen(sasl_user) != 0 ||
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:499:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(sasl_realm) != 0 || strlen(sasl_user) != 0 ||
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:500:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(sasl_password) != 0 || strlen(krb5_principal) != 0)) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:500:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(sasl_password) != 0 || strlen(krb5_principal) != 0)) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:509:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((krb5_principal == NULL) || (strlen(krb5_principal) == 0)) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:510:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((sasl_user == NULL) || (strlen(sasl_user) == 0)) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:655:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(server_id) == 0) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:877:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(filename);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2688:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text.length = strlen(text.base);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2748:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in->len = strlen(in->result);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2756:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in->len = strlen(in->result);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2764:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in->len = strlen(in->result);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2772:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in->len = strlen(in->result);
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2830:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ldap_hostname) > 0) {
data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4661:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(server_id) == 0) {
data/bind-dyndb-ldap-11.5/src/settings.c:288:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(value) + 1;
data/bind-dyndb-ldap-11.5/src/settings.c:515:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_set->name = isc_mem_allocate(mctx, strlen(set_name) + 1);
data/bind-dyndb-ldap-11.5/src/settings.c:692:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(parameters);
data/bind-dyndb-ldap-11.5/src/str.c:107:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(str->data);
data/bind-dyndb-ldap-11.5/src/str.c:222:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src);
data/bind-dyndb-ldap-11.5/src/str.c:251:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
src_size = strlen(src);
data/bind-dyndb-ldap-11.5/src/syncptr.c:78:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int length = strlen(str);
data/bind-dyndb-ldap-11.5/src/syncptr.c:407:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ev->ip_str, ip_str, sizeof(ev->ip_str));
ANALYSIS SUMMARY:
Hits = 107
Lines analyzed = 14961 in approximately 0.42 seconds (35276 lines/second)
Physical Source Lines of Code (SLOC) = 10059
Hits@level = [0] 6 [1] 43 [2] 52 [3] 0 [4] 11 [5] 1
Hits@level+ = [0+] 113 [1+] 107 [2+] 64 [3+] 12 [4+] 12 [5+] 1
Hits/KSLOC@level+ = [0+] 11.2337 [1+] 10.6372 [2+] 6.36246 [3+] 1.19296 [4+] 1.19296 [5+] 0.0994135
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.