Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/bind-dyndb-ldap-11.5/src/acl.h Examining data/bind-dyndb-ldap-11.5/src/bindcfg.h Examining data/bind-dyndb-ldap-11.5/src/empty_zones.h Examining data/bind-dyndb-ldap-11.5/src/fs.h Examining data/bind-dyndb-ldap-11.5/src/fwd.h Examining data/bind-dyndb-ldap-11.5/src/fwd_register.h Examining data/bind-dyndb-ldap-11.5/src/krb5_helper.h Examining data/bind-dyndb-ldap-11.5/src/ldap_convert.h Examining data/bind-dyndb-ldap-11.5/src/ldap_driver.h Examining data/bind-dyndb-ldap-11.5/src/ldap_entry.h Examining data/bind-dyndb-ldap-11.5/src/ldap_helper.h Examining data/bind-dyndb-ldap-11.5/src/lock.h Examining data/bind-dyndb-ldap-11.5/src/log.h Examining data/bind-dyndb-ldap-11.5/src/metadb.h Examining data/bind-dyndb-ldap-11.5/src/mldap.h Examining data/bind-dyndb-ldap-11.5/src/rbt_helper.h Examining data/bind-dyndb-ldap-11.5/src/semaphore.h Examining data/bind-dyndb-ldap-11.5/src/settings.h Examining data/bind-dyndb-ldap-11.5/src/syncptr.h Examining data/bind-dyndb-ldap-11.5/src/syncrepl.h Examining data/bind-dyndb-ldap-11.5/src/str.h Examining data/bind-dyndb-ldap-11.5/src/types.h Examining data/bind-dyndb-ldap-11.5/src/util.h Examining data/bind-dyndb-ldap-11.5/src/zone.h Examining data/bind-dyndb-ldap-11.5/src/zone_register.h Examining data/bind-dyndb-ldap-11.5/src/acl.c Examining data/bind-dyndb-ldap-11.5/src/bindcfg.c Examining data/bind-dyndb-ldap-11.5/src/empty_zones.c Examining data/bind-dyndb-ldap-11.5/src/fwd.c Examining data/bind-dyndb-ldap-11.5/src/fwd_register.c Examining data/bind-dyndb-ldap-11.5/src/fs.c Examining data/bind-dyndb-ldap-11.5/src/ldap_convert.c Examining data/bind-dyndb-ldap-11.5/src/ldap_entry.c Examining data/bind-dyndb-ldap-11.5/src/ldap_helper.c Examining data/bind-dyndb-ldap-11.5/src/lock.c Examining data/bind-dyndb-ldap-11.5/src/log.c Examining data/bind-dyndb-ldap-11.5/src/metadb.c Examining data/bind-dyndb-ldap-11.5/src/mldap.c Examining data/bind-dyndb-ldap-11.5/src/rbt_helper.c Examining data/bind-dyndb-ldap-11.5/src/semaphore.c Examining data/bind-dyndb-ldap-11.5/src/settings.c Examining data/bind-dyndb-ldap-11.5/src/syncptr.c Examining data/bind-dyndb-ldap-11.5/src/syncrepl.c Examining data/bind-dyndb-ldap-11.5/src/str.c Examining data/bind-dyndb-ldap-11.5/src/zone.c Examining data/bind-dyndb-ldap-11.5/src/zone_register.c Examining data/bind-dyndb-ldap-11.5/src/krb5_helper.c Examining data/bind-dyndb-ldap-11.5/src/ldap_driver.c FINAL RESULTS: data/bind-dyndb-ldap-11.5/src/fs.c:51:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. ret = chmod(dir_name, dir_mode); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:583:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(settings_name, PRINT_BUFF_SIZE, data/bind-dyndb-ldap-11.5/src/ldap_helper.c:591:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(settings_name, PRINT_BUFF_SIZE, data/bind-dyndb-ldap-11.5/src/ldap_helper.c:657:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(settings_name, PRINT_BUFF_SIZE, data/bind-dyndb-ldap-11.5/src/ldap_helper.c:661:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(settings_name, PRINT_BUFF_SIZE, data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3372:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. s_len = snprintf(change[index].mod_values[0], MAX_SOANUM_LENGTH, \ data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4662:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. s_len = snprintf(filter, sizeof(filter), data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4668:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. s_len = snprintf(filter, sizeof(filter), data/bind-dyndb-ldap-11.5/src/settings.c:516:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(new_set->name, set_name); data/bind-dyndb-ldap-11.5/src/str.c:324:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(dest->data, dest->allocated, format, ap); data/bind-dyndb-ldap-11.5/src/str.c:327:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = vsnprintf(dest->data, dest->allocated, format, backup); data/bind-dyndb-ldap-11.5/src/zone_register.c:283:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(settings_name, PRINT_BUFF_SIZE, SETTING_SET_NAME_ZONE " %s", data/bind-dyndb-ldap-11.5/src/acl.c:317:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/empty_zones.c:307:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_char[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/empty_zones.c:308:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ezname_char[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/fs.c:21:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char msg_getcwd_failed[PATH_MAX] = "<getcwd() failed>"; data/bind-dyndb-ldap-11.5/src/fs.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_curr[PATH_MAX + 1] = ""; data/bind-dyndb-ldap-11.5/src/fs.c:79:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char curr_path[PATH_MAX + 1]; data/bind-dyndb-ldap-11.5/src/fs.c:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_curr[PATH_MAX + 1] = ""; data/bind-dyndb-ldap-11.5/src/ldap_convert.c:269:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(esc_name + esc_idx, dns_str + idx_symb_first, length_ok); data/bind-dyndb-ldap-11.5/src/ldap_convert.c:306:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(esc_name + esc_idx, dns_str + idx_symb_first, dns_idx - idx_symb_first); data/bind-dyndb-ldap-11.5/src/ldap_convert.c:443:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rdtype_str[DNS_RDATATYPE_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/ldap_convert.c:480:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof("\\# 65535")]; data/bind-dyndb-ldap-11.5/src/ldap_driver.c:506:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/ldap_entry.c:573:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uuid_buf[sizeof("01234567-89ab-cdef-0123-456789abcdef")]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:408:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char print_buff[PRINT_BUFF_SIZE]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:511:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[HOST_NAME_MAX]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:564:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char settings_name[PRINT_BUFF_SIZE]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:858:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bck_filename[PATH_MAX]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:944:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zone_name[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1008:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *ldap_argv[1] = { inst->db_name }; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1009:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *rbt_argv[1] = { "rbt" }; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1012:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zone_name[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1387:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zone_name_char[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1564:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_txt[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1743:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serial_char[MAX_SERIAL_LENGTH]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:1744:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *values[2] = { serial_char, NULL }; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2707:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rdatamem.base, isc_buffer_base(&entry->rdata_target), data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3125:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_mods, mods, i * sizeof(LDAPMod *)); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3273:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vals[i], region.base, region.length); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3333:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vals[0], str_buf(ttlval), str_len(ttlval) + 1); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:3527:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attr[LDAP_ATTR_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4463:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entryUUID_buf[16]; data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4650:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filter[1024]; data/bind-dyndb-ldap-11.5/src/mldap.c:169:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label_buf[sizeof("01234567-89ab-cdef-0123-456789abcdef") + 1]; data/bind-dyndb-ldap-11.5/src/mldap.c:200:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buff[sizeof(struct in6_addr)]; data/bind-dyndb-ldap-11.5/src/mldap.c:209:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buff, &class, sizeof(class)); data/bind-dyndb-ldap-11.5/src/mldap.c:233:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(classp, region.base, sizeof(*classp)); data/bind-dyndb-ldap-11.5/src/mldap.c:247:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buff[sizeof(mldap->generation)]; data/bind-dyndb-ldap-11.5/src/mldap.c:262:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buff, &generation, sizeof(generation)); data/bind-dyndb-ldap-11.5/src/mldap.c:285:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(generationp, region.base, sizeof(*generationp)); data/bind-dyndb-ldap-11.5/src/mldap.c:301:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char wirebuf[2 * DNS_NAME_MAXWIRE]; data/bind-dyndb-ldap-11.5/src/settings.c:513:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_set->first_setting, default_settings, default_set_length); data/bind-dyndb-ldap-11.5/src/str.c:81:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_buffer, str->data, str->allocated); data/bind-dyndb-ldap-11.5/src/str.c:224:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->data, src, len); data/bind-dyndb-ldap-11.5/src/str.c:258:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(from, src, src_size + 1); data/bind-dyndb-ldap-11.5/src/str.c:285:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(from, src, len); data/bind-dyndb-ldap-11.5/src/syncptr.c:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char a_name_str[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/syncptr.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip_str[INET6_ADDRSTRLEN + 1]; data/bind-dyndb-ldap-11.5/src/syncptr.c:223:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptr_name_str[DNS_NAME_FORMATSIZE + 1]; data/bind-dyndb-ldap-11.5/src/syncptr.c:226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptr_rdata_str[DNS_NAME_FORMATSIZE + 1]; data/bind-dyndb-ldap-11.5/src/syncptr.c:464:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char new_buf[DNS_NAME_MAXWIRE]; data/bind-dyndb-ldap-11.5/src/zone_register.c:213:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_char[DNS_NAME_FORMATSIZE]; data/bind-dyndb-ldap-11.5/src/zone_register.c:266:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char settings_name[PRINT_BUFF_SIZE]; data/bind-dyndb-ldap-11.5/src/acl.c:152:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/bind-dyndb-ldap-11.5/src/acl.c:217:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). r.length = strlen(str); data/bind-dyndb-ldap-11.5/src/bindcfg.c:111:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string_len = strlen(string); data/bind-dyndb-ldap-11.5/src/empty_zones.c:173:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). isc_buffer_constinit(&buffer, ezchar, strlen(ezchar)); data/bind-dyndb-ldap-11.5/src/empty_zones.c:174:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). isc_buffer_add(&buffer, strlen(ezchar)); data/bind-dyndb-ldap-11.5/src/fs.c:35:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dir_curr, msg_getcwd_failed, sizeof(dir_curr)); data/bind-dyndb-ldap-11.5/src/fs.c:91:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(curr_path) > 0) data/bind-dyndb-ldap-11.5/src/fs.c:113:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dir_curr, msg_getcwd_failed, sizeof(dir_curr)); data/bind-dyndb-ldap-11.5/src/fwd.c:143:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer_append_str(&tmp_buf, value->value, strlen(value->value)); data/bind-dyndb-ldap-11.5/src/krb5_helper.c:49:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(realm), realm, data/bind-dyndb-ldap-11.5/src/ldap_convert.c:250:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int dns_str_len = strlen(dns_str); data/bind-dyndb-ldap-11.5/src/ldap_convert.c:387:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(ldap_attribute); data/bind-dyndb-ldap-11.5/src/ldap_entry.c:395:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(fake_mname) > 0) { data/bind-dyndb-ldap-11.5/src/ldap_entry.c:526:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ttl_text.length = strlen(ttl_text.base); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:413:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(inst->db_name) <= 0) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:421:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dir_default = (strlen(dir_name) == 0); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:485:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(bind_dn) != 0 || strlen(password) != 0)) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:485:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(bind_dn) != 0 || strlen(password) != 0)) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:492:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(bind_dn) == 0 || strlen(password) == 0)) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:492:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(bind_dn) == 0 || strlen(password) == 0)) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:499:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(sasl_realm) != 0 || strlen(sasl_user) != 0 || data/bind-dyndb-ldap-11.5/src/ldap_helper.c:499:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (strlen(sasl_realm) != 0 || strlen(sasl_user) != 0 || data/bind-dyndb-ldap-11.5/src/ldap_helper.c:500:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(sasl_password) != 0 || strlen(krb5_principal) != 0)) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:500:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(sasl_password) != 0 || strlen(krb5_principal) != 0)) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:509:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((krb5_principal == NULL) || (strlen(krb5_principal) == 0)) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:510:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((sasl_user == NULL) || (strlen(sasl_user) == 0)) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:655:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(server_id) == 0) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:877:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(filename); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2688:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text.length = strlen(text.base); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2748:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). in->len = strlen(in->result); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2756:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). in->len = strlen(in->result); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2764:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). in->len = strlen(in->result); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2772:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). in->len = strlen(in->result); data/bind-dyndb-ldap-11.5/src/ldap_helper.c:2830:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(ldap_hostname) > 0) { data/bind-dyndb-ldap-11.5/src/ldap_helper.c:4661:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(server_id) == 0) { data/bind-dyndb-ldap-11.5/src/settings.c:288:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(value) + 1; data/bind-dyndb-ldap-11.5/src/settings.c:515:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). new_set->name = isc_mem_allocate(mctx, strlen(set_name) + 1); data/bind-dyndb-ldap-11.5/src/settings.c:692:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(parameters); data/bind-dyndb-ldap-11.5/src/str.c:107:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(str->data); data/bind-dyndb-ldap-11.5/src/str.c:222:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(src); data/bind-dyndb-ldap-11.5/src/str.c:251:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). src_size = strlen(src); data/bind-dyndb-ldap-11.5/src/syncptr.c:78:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned int length = strlen(str); data/bind-dyndb-ldap-11.5/src/syncptr.c:407:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ev->ip_str, ip_str, sizeof(ev->ip_str)); ANALYSIS SUMMARY: Hits = 107 Lines analyzed = 14961 in approximately 0.42 seconds (35276 lines/second) Physical Source Lines of Code (SLOC) = 10059 Hits@level = [0] 6 [1] 43 [2] 52 [3] 0 [4] 11 [5] 1 Hits@level+ = [0+] 113 [1+] 107 [2+] 64 [3+] 12 [4+] 12 [5+] 1 Hits/KSLOC@level+ = [0+] 11.2337 [1+] 10.6372 [2+] 6.36246 [3+] 1.19296 [4+] 1.19296 [5+] 0.0994135 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.