Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cfengine3-3.15.2/cf-upgrade/log.h
Examining data/cfengine3-3.15.2/cf-upgrade/command_line.h
Examining data/cfengine3-3.15.2/cf-upgrade/update.c
Examining data/cfengine3-3.15.2/cf-upgrade/update.h
Examining data/cfengine3-3.15.2/cf-upgrade/cf-upgrade.c
Examining data/cfengine3-3.15.2/cf-upgrade/configuration.c
Examining data/cfengine3-3.15.2/cf-upgrade/process.h
Examining data/cfengine3-3.15.2/cf-upgrade/alloc-mini.h
Examining data/cfengine3-3.15.2/cf-upgrade/log.c
Examining data/cfengine3-3.15.2/cf-upgrade/alloc-mini.c
Examining data/cfengine3-3.15.2/cf-upgrade/command_line.c
Examining data/cfengine3-3.15.2/cf-upgrade/process.c
Examining data/cfengine3-3.15.2/cf-upgrade/configuration.h
Examining data/cfengine3-3.15.2/cf-execd/execd-config.c
Examining data/cfengine3-3.15.2/cf-execd/cf-execd-runner.h
Examining data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c
Examining data/cfengine3-3.15.2/cf-execd/exec-config.c
Examining data/cfengine3-3.15.2/cf-execd/cf-execd.h
Examining data/cfengine3-3.15.2/cf-execd/exec-config.h
Examining data/cfengine3-3.15.2/cf-execd/execd-config.h
Examining data/cfengine3-3.15.2/cf-execd/cf-execd.c
Examining data/cfengine3-3.15.2/libpromises/vars.h
Examining data/cfengine3-3.15.2/libpromises/cf3lex.c
Examining data/cfengine3-3.15.2/libpromises/verify_classes.h
Examining data/cfengine3-3.15.2/libpromises/process_unix.c
Examining data/cfengine3-3.15.2/libpromises/monitoring_read.h
Examining data/cfengine3-3.15.2/libpromises/enterprise_extension.c
Examining data/cfengine3-3.15.2/libpromises/pipes.h
Examining data/cfengine3-3.15.2/libpromises/feature.h
Examining data/cfengine3-3.15.2/libpromises/mod_common.h
Examining data/cfengine3-3.15.2/libpromises/mod_environ.c
Examining data/cfengine3-3.15.2/libpromises/files_names.h
Examining data/cfengine3-3.15.2/libpromises/files_lib.h
Examining data/cfengine3-3.15.2/libpromises/cf3globals.c
Examining data/cfengine3-3.15.2/libpromises/pipes.c
Examining data/cfengine3-3.15.2/libpromises/shared_lib.h
Examining data/cfengine3-3.15.2/libpromises/vars.c
Examining data/cfengine3-3.15.2/libpromises/process_hpux.c
Examining data/cfengine3-3.15.2/libpromises/files_names.c
Examining data/cfengine3-3.15.2/libpromises/dbm_api.h
Examining data/cfengine3-3.15.2/libpromises/keyring.h
Examining data/cfengine3-3.15.2/libpromises/dbm_tokyocab.c
Examining data/cfengine3-3.15.2/libpromises/process_unix_stub.c
Examining data/cfengine3-3.15.2/libpromises/variable.c
Examining data/cfengine3-3.15.2/libpromises/mod_report.h
Examining data/cfengine3-3.15.2/libpromises/mod_common.c
Examining data/cfengine3-3.15.2/libpromises/mod_storage.h
Examining data/cfengine3-3.15.2/libpromises/mod_users.c
Examining data/cfengine3-3.15.2/libpromises/audit.h
Examining data/cfengine3-3.15.2/libpromises/mod_packages.c
Examining data/cfengine3-3.15.2/libpromises/mod_access.c
Examining data/cfengine3-3.15.2/libpromises/granules.c
Examining data/cfengine3-3.15.2/libpromises/expand.h
Examining data/cfengine3-3.15.2/libpromises/mod_databases.h
Examining data/cfengine3-3.15.2/libpromises/logic_expressions.c
Examining data/cfengine3-3.15.2/libpromises/mod_outputs.h
Examining data/cfengine3-3.15.2/libpromises/verify_vars.c
Examining data/cfengine3-3.15.2/libpromises/unix.h
Examining data/cfengine3-3.15.2/libpromises/match_scope.h
Examining data/cfengine3-3.15.2/libpromises/lastseen.h
Examining data/cfengine3-3.15.2/libpromises/promises.h
Examining data/cfengine3-3.15.2/libpromises/process_aix.c
Examining data/cfengine3-3.15.2/libpromises/evalfunction.h
Examining data/cfengine3-3.15.2/libpromises/shared_lib.c
Examining data/cfengine3-3.15.2/libpromises/item_lib.c
Examining data/cfengine3-3.15.2/libpromises/files_copy.c
Examining data/cfengine3-3.15.2/libpromises/mod_services.c
Examining data/cfengine3-3.15.2/libpromises/locks.h
Examining data/cfengine3-3.15.2/libpromises/dbm_migration.c
Examining data/cfengine3-3.15.2/libpromises/mod_process.h
Examining data/cfengine3-3.15.2/libpromises/logic_expressions.h
Examining data/cfengine3-3.15.2/libpromises/files_interfaces.h
Examining data/cfengine3-3.15.2/libpromises/mod_packages.h
Examining data/cfengine3-3.15.2/libpromises/parser.h
Examining data/cfengine3-3.15.2/libpromises/class.h
Examining data/cfengine3-3.15.2/libpromises/mod_methods.h
Examining data/cfengine3-3.15.2/libpromises/loading.h
Examining data/cfengine3-3.15.2/libpromises/mod_exec.c
Examining data/cfengine3-3.15.2/libpromises/syslog_client.h
Examining data/cfengine3-3.15.2/libpromises/eval_context.h
Examining data/cfengine3-3.15.2/libpromises/attributes.c
Examining data/cfengine3-3.15.2/libpromises/fncall.c
Examining data/cfengine3-3.15.2/libpromises/files_interfaces.c
Examining data/cfengine3-3.15.2/libpromises/signals.c
Examining data/cfengine3-3.15.2/libpromises/assoc.c
Examining data/cfengine3-3.15.2/libpromises/process_solaris.c
Examining data/cfengine3-3.15.2/libpromises/math_eval.c
Examining data/cfengine3-3.15.2/libpromises/bootstrap.c
Examining data/cfengine3-3.15.2/libpromises/ornaments.h
Examining data/cfengine3-3.15.2/libpromises/policy.h
Examining data/cfengine3-3.15.2/libpromises/modes.c
Examining data/cfengine3-3.15.2/libpromises/cf3.defs.h
Examining data/cfengine3-3.15.2/libpromises/acl_tools.h
Examining data/cfengine3-3.15.2/libpromises/instrumentation.h
Examining data/cfengine3-3.15.2/libpromises/iteration.h
Examining data/cfengine3-3.15.2/libpromises/class.c
Examining data/cfengine3-3.15.2/libpromises/mod_knowledge.h
Examining data/cfengine3-3.15.2/libpromises/generic_agent.c
Examining data/cfengine3-3.15.2/libpromises/dbm_migration.h
Examining data/cfengine3-3.15.2/libpromises/extensions.c
Examining data/cfengine3-3.15.2/libpromises/matching.h
Examining data/cfengine3-3.15.2/libpromises/syslog_client.c
Examining data/cfengine3-3.15.2/libpromises/timeout.h
Examining data/cfengine3-3.15.2/libpromises/mod_services.h
Examining data/cfengine3-3.15.2/libpromises/scope.c
Examining data/cfengine3-3.15.2/libpromises/parser.c
Examining data/cfengine3-3.15.2/libpromises/timeout.c
Examining data/cfengine3-3.15.2/libpromises/match_scope.c
Examining data/cfengine3-3.15.2/libpromises/parser_state.h
Examining data/cfengine3-3.15.2/libpromises/granules.h
Examining data/cfengine3-3.15.2/libpromises/scope.h
Examining data/cfengine3-3.15.2/libpromises/constants.c
Examining data/cfengine3-3.15.2/libpromises/dbm_quick.c
Examining data/cfengine3-3.15.2/libpromises/sort.c
Examining data/cfengine3-3.15.2/libpromises/audit.c
Examining data/cfengine3-3.15.2/libpromises/files_lib.c
Examining data/cfengine3-3.15.2/libpromises/unix.c
Examining data/cfengine3-3.15.2/libpromises/mod_users.h
Examining data/cfengine3-3.15.2/libpromises/exec_tools.h
Examining data/cfengine3-3.15.2/libpromises/matching.c
Examining data/cfengine3-3.15.2/libpromises/actuator.h
Examining data/cfengine3-3.15.2/libpromises/assoc.h
Examining data/cfengine3-3.15.2/libpromises/process_lib.h
Examining data/cfengine3-3.15.2/libpromises/mod_files.h
Examining data/cfengine3-3.15.2/libpromises/process_linux.c
Examining data/cfengine3-3.15.2/libpromises/var_expressions.h
Examining data/cfengine3-3.15.2/libpromises/mod_methods.c
Examining data/cfengine3-3.15.2/libpromises/verify_reports.c
Examining data/cfengine3-3.15.2/libpromises/mod_knowledge.c
Examining data/cfengine3-3.15.2/libpromises/locks.c
Examining data/cfengine3-3.15.2/libpromises/systype.h
Examining data/cfengine3-3.15.2/libpromises/mod_databases.c
Examining data/cfengine3-3.15.2/libpromises/files_copy.h
Examining data/cfengine3-3.15.2/libpromises/dbm_migration_lastseen.c
Examining data/cfengine3-3.15.2/libpromises/verify_vars.h
Examining data/cfengine3-3.15.2/libpromises/promises.c
Examining data/cfengine3-3.15.2/libpromises/systype.c
Examining data/cfengine3-3.15.2/libpromises/eval_context.c
Examining data/cfengine3-3.15.2/libpromises/mod_environ.h
Examining data/cfengine3-3.15.2/libpromises/lastseen.c
Examining data/cfengine3-3.15.2/libpromises/verify_classes.c
Examining data/cfengine3-3.15.2/libpromises/dbm_api.c
Examining data/cfengine3-3.15.2/libpromises/mod_report.c
Examining data/cfengine3-3.15.2/libpromises/ornaments.c
Examining data/cfengine3-3.15.2/libpromises/mod_access.h
Examining data/cfengine3-3.15.2/libpromises/processes_select.c
Examining data/cfengine3-3.15.2/libpromises/string_expressions.c
Examining data/cfengine3-3.15.2/libpromises/crypto.c
Examining data/cfengine3-3.15.2/libpromises/mod_storage.c
Examining data/cfengine3-3.15.2/libpromises/crypto.h
Examining data/cfengine3-3.15.2/libpromises/feature.c
Examining data/cfengine3-3.15.2/libpromises/loading.c
Examining data/cfengine3-3.15.2/libpromises/global_mutex.h
Examining data/cfengine3-3.15.2/libpromises/mod_measurement.h
Examining data/cfengine3-3.15.2/libpromises/mod_measurement.c
Examining data/cfengine3-3.15.2/libpromises/generic_agent.h
Examining data/cfengine3-3.15.2/libpromises/signals.h
Examining data/cfengine3-3.15.2/libpromises/iteration.c
Examining data/cfengine3-3.15.2/libpromises/process_unix_priv.h
Examining data/cfengine3-3.15.2/libpromises/processes_select.h
Examining data/cfengine3-3.15.2/libpromises/patches.c
Examining data/cfengine3-3.15.2/libpromises/syntax.h
Examining data/cfengine3-3.15.2/libpromises/cf3.extern.h
Examining data/cfengine3-3.15.2/libpromises/pipes_unix.c
Examining data/cfengine3-3.15.2/libpromises/mod_outputs.c
Examining data/cfengine3-3.15.2/libpromises/mod_process.c
Examining data/cfengine3-3.15.2/libpromises/rlist.c
Examining data/cfengine3-3.15.2/libpromises/expand.c
Examining data/cfengine3-3.15.2/libpromises/variable.h
Examining data/cfengine3-3.15.2/libpromises/item_lib.h
Examining data/cfengine3-3.15.2/libpromises/sort.h
Examining data/cfengine3-3.15.2/libpromises/keyring.c
Examining data/cfengine3-3.15.2/libpromises/math_eval.h
Examining data/cfengine3-3.15.2/libpromises/evalfunction.c
Examining data/cfengine3-3.15.2/libpromises/dbm_priv.h
Examining data/cfengine3-3.15.2/libpromises/enterprise_stubs.c
Examining data/cfengine3-3.15.2/libpromises/extensions.h
Examining data/cfengine3-3.15.2/libpromises/conversion.h
Examining data/cfengine3-3.15.2/libpromises/process_freebsd.c
Examining data/cfengine3-3.15.2/libpromises/storage_tools.c
Examining data/cfengine3-3.15.2/libpromises/attributes.h
Examining data/cfengine3-3.15.2/libpromises/var_expressions.c
Examining data/cfengine3-3.15.2/libpromises/bootstrap.h
Examining data/cfengine3-3.15.2/libpromises/mod_files.c
Examining data/cfengine3-3.15.2/libpromises/conversion.c
Examining data/cfengine3-3.15.2/libpromises/exec_tools.c
Examining data/cfengine3-3.15.2/libpromises/dbm_lmdb.c
Examining data/cfengine3-3.15.2/libpromises/string_expressions.h
Examining data/cfengine3-3.15.2/libpromises/enterprise_extension.h
Examining data/cfengine3-3.15.2/libpromises/fncall.h
Examining data/cfengine3-3.15.2/libpromises/mod_exec.h
Examining data/cfengine3-3.15.2/libpromises/chflags.c
Examining data/cfengine3-3.15.2/libpromises/actuator.c
Examining data/cfengine3-3.15.2/libpromises/prototypes3.h
Examining data/cfengine3-3.15.2/libpromises/policy.c
Examining data/cfengine3-3.15.2/libpromises/monitoring_read.c
Examining data/cfengine3-3.15.2/libpromises/cf3parse.c
Examining data/cfengine3-3.15.2/libpromises/syntax.c
Examining data/cfengine3-3.15.2/libpromises/acl_tools_posix.c
Examining data/cfengine3-3.15.2/libpromises/chflags.h
Examining data/cfengine3-3.15.2/libpromises/instrumentation.c
Examining data/cfengine3-3.15.2/libpromises/cf-windows-functions.h
Examining data/cfengine3-3.15.2/libpromises/global_mutex.c
Examining data/cfengine3-3.15.2/libpromises/rlist.h
Examining data/cfengine3-3.15.2/libpromises/cf3parse.h
Examining data/cfengine3-3.15.2/cf-promises/cf-promises.c
Examining data/cfengine3-3.15.2/cf-check/repair.c
Examining data/cfengine3-3.15.2/cf-check/dump.c
Examining data/cfengine3-3.15.2/cf-check/cf-check.c
Examining data/cfengine3-3.15.2/cf-check/utilities.c
Examining data/cfengine3-3.15.2/cf-check/db_structs.h
Examining data/cfengine3-3.15.2/cf-check/replicate_lmdb.c
Examining data/cfengine3-3.15.2/cf-check/lmdump.h
Examining data/cfengine3-3.15.2/cf-check/dump.h
Examining data/cfengine3-3.15.2/cf-check/validate.h
Examining data/cfengine3-3.15.2/cf-check/diagnose.h
Examining data/cfengine3-3.15.2/cf-check/replicate_lmdb.h
Examining data/cfengine3-3.15.2/cf-check/validate.c
Examining data/cfengine3-3.15.2/cf-check/repair.h
Examining data/cfengine3-3.15.2/cf-check/backup.h
Examining data/cfengine3-3.15.2/cf-check/utilities.h
Examining data/cfengine3-3.15.2/cf-check/backup.c
Examining data/cfengine3-3.15.2/cf-check/lmdump.c
Examining data/cfengine3-3.15.2/cf-check/diagnose.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/threaded_stack_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/csv_writer_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/csv_parser_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/stack_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/set_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/ring_buffer_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/file_writer_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/path_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/cleanup_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/xml_writer_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/alloc_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/test.h
Examining data/cfengine3-3.15.2/libntech/tests/unit/rb-tree-test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/list_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/cmockery.h
Examining data/cfengine3-3.15.2/libntech/tests/unit/version_comparison_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/gcov-stub.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/queue_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/file_lock_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/map_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/threaded_queue_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/schema.h
Examining data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/threaded_deque_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/json_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/refcount_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/thread_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/string_writer_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/logging_timestamp_test.c
Examining data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c
Examining data/cfengine3-3.15.2/libntech/libutils/threaded_stack.c
Examining data/cfengine3-3.15.2/libntech/libutils/cleanup.h
Examining data/cfengine3-3.15.2/libntech/libutils/ring_buffer.c
Examining data/cfengine3-3.15.2/libntech/libutils/list.c
Examining data/cfengine3-3.15.2/libntech/libutils/map.h
Examining data/cfengine3-3.15.2/libntech/libutils/set.h
Examining data/cfengine3-3.15.2/libntech/libutils/mutex.c
Examining data/cfengine3-3.15.2/libntech/libutils/set.c
Examining data/cfengine3-3.15.2/libntech/libutils/platform.h
Examining data/cfengine3-3.15.2/libntech/libutils/csv_parser.c
Examining data/cfengine3-3.15.2/libntech/libutils/hash_map.c
Examining data/cfengine3-3.15.2/libntech/libutils/buffer.h
Examining data/cfengine3-3.15.2/libntech/libutils/proc_keyvalue.c
Examining data/cfengine3-3.15.2/libntech/libutils/ip_address.c
Examining data/cfengine3-3.15.2/libntech/libutils/array_map_priv.h
Examining data/cfengine3-3.15.2/libntech/libutils/man.h
Examining data/cfengine3-3.15.2/libntech/libutils/alloc.h
Examining data/cfengine3-3.15.2/libntech/libutils/ring_buffer.h
Examining data/cfengine3-3.15.2/libntech/libutils/version_comparison.c
Examining data/cfengine3-3.15.2/libntech/libutils/logging.c
Examining data/cfengine3-3.15.2/libntech/libutils/unicode.h
Examining data/cfengine3-3.15.2/libntech/libutils/unix_dir.c
Examining data/cfengine3-3.15.2/libntech/libutils/dir_priv.h
Examining data/cfengine3-3.15.2/libntech/libutils/encode.c
Examining data/cfengine3-3.15.2/libntech/libutils/csv_writer.c
Examining data/cfengine3-3.15.2/libntech/libutils/hash_map_priv.h
Examining data/cfengine3-3.15.2/libntech/libutils/dir.h
Examining data/cfengine3-3.15.2/libntech/libutils/alloc.c
Examining data/cfengine3-3.15.2/libntech/libutils/misc_lib.c
Examining data/cfengine3-3.15.2/libntech/libutils/libcrypto-compat.c
Examining data/cfengine3-3.15.2/libntech/libutils/array_map.c
Examining data/cfengine3-3.15.2/libntech/libutils/json-utils.c
Examining data/cfengine3-3.15.2/libntech/libutils/passopenfile.c
Examining data/cfengine3-3.15.2/libntech/libutils/logging_priv.h
Examining data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.h
Examining data/cfengine3-3.15.2/libntech/libutils/stack.c
Examining data/cfengine3-3.15.2/libntech/libutils/statistics.c
Examining data/cfengine3-3.15.2/libntech/libutils/sequence.c
Examining data/cfengine3-3.15.2/libntech/libutils/known_dirs.h
Examining data/cfengine3-3.15.2/libntech/libutils/mustache.h
Examining data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c
Examining data/cfengine3-3.15.2/libntech/libutils/condition_macros.h
Examining data/cfengine3-3.15.2/libntech/libutils/xml_writer.c
Examining data/cfengine3-3.15.2/libntech/libutils/cleanup.c
Examining data/cfengine3-3.15.2/libntech/libutils/logging.h
Examining data/cfengine3-3.15.2/libntech/libutils/proc_keyvalue.h
Examining data/cfengine3-3.15.2/libntech/libutils/json-yaml.c
Examining data/cfengine3-3.15.2/libntech/libutils/string_sequence.h
Examining data/cfengine3-3.15.2/libntech/libutils/known_dirs.c
Examining data/cfengine3-3.15.2/libntech/libutils/json-priv.h
Examining data/cfengine3-3.15.2/libntech/libutils/refcount.c
Examining data/cfengine3-3.15.2/libntech/libutils/version_comparison.h
Examining data/cfengine3-3.15.2/libntech/libutils/map_common.h
Examining data/cfengine3-3.15.2/libntech/libutils/string_sequence.c
Examining data/cfengine3-3.15.2/libntech/libutils/compiler.h
Examining data/cfengine3-3.15.2/libntech/libutils/stack_base.c
Examining data/cfengine3-3.15.2/libntech/libutils/path.h
Examining data/cfengine3-3.15.2/libntech/libutils/sequence.h
Examining data/cfengine3-3.15.2/libntech/libutils/file_lib.h
Examining data/cfengine3-3.15.2/libntech/libutils/hash.h
Examining data/cfengine3-3.15.2/libntech/libutils/csv_parser.h
Examining data/cfengine3-3.15.2/libntech/libutils/libcrypto-compat.h
Examining data/cfengine3-3.15.2/libntech/libutils/json.h
Examining data/cfengine3-3.15.2/libntech/libutils/threaded_queue.c
Examining data/cfengine3-3.15.2/libntech/libutils/path.c
Examining data/cfengine3-3.15.2/libntech/libutils/mutex.h
Examining data/cfengine3-3.15.2/libntech/libutils/refcount.h
Examining data/cfengine3-3.15.2/libntech/libutils/queue.h
Examining data/cfengine3-3.15.2/libntech/libutils/threaded_deque.c
Examining data/cfengine3-3.15.2/libntech/libutils/mustache.c
Examining data/cfengine3-3.15.2/libntech/libutils/json-utils.h
Examining data/cfengine3-3.15.2/libntech/libutils/writer.h
Examining data/cfengine3-3.15.2/libntech/libutils/deprecated.h
Examining data/cfengine3-3.15.2/libntech/libutils/queue.c
Examining data/cfengine3-3.15.2/libntech/libutils/unicode.c
Examining data/cfengine3-3.15.2/libntech/libutils/regex.c
Examining data/cfengine3-3.15.2/libntech/libutils/json.c
Examining data/cfengine3-3.15.2/libntech/libutils/regex.h
Examining data/cfengine3-3.15.2/libntech/libutils/xml_writer.h
Examining data/cfengine3-3.15.2/libntech/libutils/map.c
Examining data/cfengine3-3.15.2/libntech/libutils/printsize.h
Examining data/cfengine3-3.15.2/libntech/libutils/rb-tree.h
Examining data/cfengine3-3.15.2/libntech/libutils/stack.h
Examining data/cfengine3-3.15.2/libntech/libutils/buffer.c
Examining data/cfengine3-3.15.2/libntech/libutils/csv_writer.h
Examining data/cfengine3-3.15.2/libntech/libutils/ip_address.h
Examining data/cfengine3-3.15.2/libntech/libutils/json-yaml.h
Examining data/cfengine3-3.15.2/libntech/libutils/threaded_queue.h
Examining data/cfengine3-3.15.2/libntech/libutils/encode.h
Examining data/cfengine3-3.15.2/libntech/libutils/list.h
Examining data/cfengine3-3.15.2/libntech/libutils/statistics.h
Examining data/cfengine3-3.15.2/libntech/libutils/passopenfile.h
Examining data/cfengine3-3.15.2/libntech/libutils/misc_lib.h
Examining data/cfengine3-3.15.2/libntech/libutils/rb-tree.c
Examining data/cfengine3-3.15.2/libntech/libutils/hash.c
Examining data/cfengine3-3.15.2/libntech/libutils/definitions.h
Examining data/cfengine3-3.15.2/libntech/libutils/threaded_deque.h
Examining data/cfengine3-3.15.2/libntech/libutils/hash_method.h
Examining data/cfengine3-3.15.2/libntech/libutils/string_lib.h
Examining data/cfengine3-3.15.2/libntech/libutils/string_lib.c
Examining data/cfengine3-3.15.2/libntech/libutils/threaded_stack.h
Examining data/cfengine3-3.15.2/libntech/libutils/file_lib.c
Examining data/cfengine3-3.15.2/libntech/libutils/writer.c
Examining data/cfengine3-3.15.2/libntech/libutils/man.c
Examining data/cfengine3-3.15.2/libntech/libcompat/getopt.h
Examining data/cfengine3-3.15.2/libntech/libcompat/srand48.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strdup.c
Examining data/cfengine3-3.15.2/libntech/libcompat/getopt.c
Examining data/cfengine3-3.15.2/libntech/libcompat/pthread_sigmask.c
Examining data/cfengine3-3.15.2/libntech/libcompat/closefrom.c
Examining data/cfengine3-3.15.2/libntech/libcompat/memmem.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strndup.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strcasestr.c
Examining data/cfengine3-3.15.2/libntech/libcompat/fchownat.c
Examining data/cfengine3-3.15.2/libntech/libcompat/memrchr.c
Examining data/cfengine3-3.15.2/libntech/libcompat/localtime_r.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strstr.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strnlen.c
Examining data/cfengine3-3.15.2/libntech/libcompat/snprintf.c
Examining data/cfengine3-3.15.2/libntech/libcompat/rpl_ctime.c
Examining data/cfengine3-3.15.2/libntech/libcompat/readlinkat.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strlcat.c
Examining data/cfengine3-3.15.2/libntech/libcompat/fchmodat.c
Examining data/cfengine3-3.15.2/libntech/libcompat/gmtime_r.c
Examining data/cfengine3-3.15.2/libntech/libcompat/openat.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strsep.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strcasecmp.c
Examining data/cfengine3-3.15.2/libntech/libcompat/drand48.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strlcpy.c
Examining data/cfengine3-3.15.2/libntech/libcompat/generic_at.h
Examining data/cfengine3-3.15.2/libntech/libcompat/getline.c
Examining data/cfengine3-3.15.2/libntech/libcompat/generic_at.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strncasecmp.c
Examining data/cfengine3-3.15.2/libntech/libcompat/getopt1.c
Examining data/cfengine3-3.15.2/libntech/libcompat/getaddrinfo.c
Examining data/cfengine3-3.15.2/libntech/libcompat/clock_gettime.c
Examining data/cfengine3-3.15.2/libntech/libcompat/dirfd.c
Examining data/cfengine3-3.15.2/libntech/libcompat/log2.c
Examining data/cfengine3-3.15.2/libntech/libcompat/round.c
Examining data/cfengine3-3.15.2/libntech/libcompat/memdup.c
Examining data/cfengine3-3.15.2/libntech/libcompat/stpncpy.c
Examining data/cfengine3-3.15.2/libntech/libcompat/inet_pton.c
Examining data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strrstr.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strsignal.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strerror.c
Examining data/cfengine3-3.15.2/libntech/libcompat/strchrnul.c
Examining data/cfengine3-3.15.2/libntech/libcompat/mkdtemp.c
Examining data/cfengine3-3.15.2/libntech/libcompat/seteuid.c
Examining data/cfengine3-3.15.2/libntech/libcompat/pthread_attr_setstacksize.c
Examining data/cfengine3-3.15.2/libntech/libcompat/inet_ntop.c
Examining data/cfengine3-3.15.2/libntech/libcompat/setlinebuf.c
Examining data/cfengine3-3.15.2/libntech/libcompat/fstatat.c
Examining data/cfengine3-3.15.2/libntech/libcompat/unsetenv.c
Examining data/cfengine3-3.15.2/libntech/libcompat/nanosleep.c
Examining data/cfengine3-3.15.2/libenv/zones.h
Examining data/cfengine3-3.15.2/libenv/sysinfo_priv.h
Examining data/cfengine3-3.15.2/libenv/unix_iface.c
Examining data/cfengine3-3.15.2/libenv/time_classes.h
Examining data/cfengine3-3.15.2/libenv/constants.h
Examining data/cfengine3-3.15.2/libenv/constants.c
Examining data/cfengine3-3.15.2/libenv/sysinfo.c
Examining data/cfengine3-3.15.2/libenv/time_classes.c
Examining data/cfengine3-3.15.2/libenv/zones.c
Examining data/cfengine3-3.15.2/libenv/sysinfo.h
Examining data/cfengine3-3.15.2/ext/rpmvercmp.c
Examining data/cfengine3-3.15.2/cf-key/cf-key.c
Examining data/cfengine3-3.15.2/cf-key/cf-key-functions.h
Examining data/cfengine3-3.15.2/cf-key/cf-key-functions.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_cpu.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_cumulative.c
Examining data/cfengine3-3.15.2/cf-monitord/shared_kstat.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_mem_solaris.c
Examining data/cfengine3-3.15.2/cf-monitord/history.h
Examining data/cfengine3-3.15.2/cf-monitord/mon_mem_linux.c
Examining data/cfengine3-3.15.2/cf-monitord/history.c
Examining data/cfengine3-3.15.2/cf-monitord/mon.h
Examining data/cfengine3-3.15.2/cf-monitord/probes.h
Examining data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_load.c
Examining data/cfengine3-3.15.2/cf-monitord/cf-monitord.c
Examining data/cfengine3-3.15.2/cf-monitord/monitoring.h
Examining data/cfengine3-3.15.2/cf-monitord/mon_entropy.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_io_stub.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_temp.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_disk.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_processes.c
Examining data/cfengine3-3.15.2/cf-monitord/monitoring.c
Examining data/cfengine3-3.15.2/cf-monitord/shared_kstat.h
Examining data/cfengine3-3.15.2/cf-monitord/env_monitor.c
Examining data/cfengine3-3.15.2/cf-monitord/verify_measurements.h
Examining data/cfengine3-3.15.2/cf-monitord/mon_cumulative.h
Examining data/cfengine3-3.15.2/cf-monitord/mon_network.c
Examining data/cfengine3-3.15.2/cf-monitord/mon_mem_stub.c
Examining data/cfengine3-3.15.2/cf-monitord/probes.c
Examining data/cfengine3-3.15.2/cf-monitord/env_monitor.h
Examining data/cfengine3-3.15.2/cf-monitord/verify_measurements.c
Examining data/cfengine3-3.15.2/cf-testd/cf-testd.c
Examining data/cfengine3-3.15.2/cf-runagent/cf-runagent.c
Examining data/cfengine3-3.15.2/cf-serverd/server_common.h
Examining data/cfengine3-3.15.2/cf-serverd/server_classic.h
Examining data/cfengine3-3.15.2/cf-serverd/server.h
Examining data/cfengine3-3.15.2/cf-serverd/strlist.h
Examining data/cfengine3-3.15.2/cf-serverd/server_access.h
Examining data/cfengine3-3.15.2/cf-serverd/cf-serverd-functions.c
Examining data/cfengine3-3.15.2/cf-serverd/server.c
Examining data/cfengine3-3.15.2/cf-serverd/server_transform.c
Examining data/cfengine3-3.15.2/cf-serverd/server_transform.h
Examining data/cfengine3-3.15.2/cf-serverd/cf-serverd.c
Examining data/cfengine3-3.15.2/cf-serverd/strlist.c
Examining data/cfengine3-3.15.2/cf-serverd/cf-serverd-functions.h
Examining data/cfengine3-3.15.2/cf-serverd/server_tls.h
Examining data/cfengine3-3.15.2/cf-serverd/cf-serverd-enterprise-stubs.h
Examining data/cfengine3-3.15.2/cf-serverd/server_common.c
Examining data/cfengine3-3.15.2/cf-serverd/server_access.c
Examining data/cfengine3-3.15.2/cf-serverd/server_tls.c
Examining data/cfengine3-3.15.2/cf-serverd/server_classic.c
Examining data/cfengine3-3.15.2/cf-serverd/cf-serverd-enterprise-stubs.c
Examining data/cfengine3-3.15.2/tests/unit/solaris_process_test.c
Examining data/cfengine3-3.15.2/tests/unit/parser_test.c
Examining data/cfengine3-3.15.2/tests/unit/syntax_test.c
Examining data/cfengine3-3.15.2/tests/unit/item_lib_test.c
Examining data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c
Examining data/cfengine3-3.15.2/tests/unit/process_terminate_unix_test.c
Examining data/cfengine3-3.15.2/tests/unit/aix_process_test.c
Examining data/cfengine3-3.15.2/tests/unit/policy_server_test.c
Examining data/cfengine3-3.15.2/tests/unit/db_stubs.c
Examining data/cfengine3-3.15.2/tests/unit/parsemode_test.c
Examining data/cfengine3-3.15.2/tests/unit/generic_agent_test.c
Examining data/cfengine3-3.15.2/tests/unit/granules_test.c
Examining data/cfengine3-3.15.2/tests/unit/item_test.c
Examining data/cfengine3-3.15.2/tests/unit/enterprise_extension_test_lib.c
Examining data/cfengine3-3.15.2/tests/unit/split_process_line_test.c
Examining data/cfengine3-3.15.2/tests/unit/arg_split_test.c
Examining data/cfengine3-3.15.2/tests/unit/evalfunction_test.c
Examining data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c
Examining data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c
Examining data/cfengine3-3.15.2/tests/unit/passopenfile_test.c
Examining data/cfengine3-3.15.2/tests/unit/package_versions_compare_test.c
Examining data/cfengine3-3.15.2/tests/unit/iteration_test.c
Examining data/cfengine3-3.15.2/tests/unit/avahi_config_test.c
Examining data/cfengine3-3.15.2/tests/unit/file_name_test.c
Examining data/cfengine3-3.15.2/tests/unit/addr_lib_test.c
Examining data/cfengine3-3.15.2/tests/unit/connection_management_test.c
Examining data/cfengine3-3.15.2/tests/unit/test.c
Examining data/cfengine3-3.15.2/tests/unit/var_expressions_test.c
Examining data/cfengine3-3.15.2/tests/unit/mustache_test.c
Examining data/cfengine3-3.15.2/tests/unit/new_packages_promise_test.c
Examining data/cfengine3-3.15.2/tests/unit/key_test.c
Examining data/cfengine3-3.15.2/tests/unit/conversion_test.c
Examining data/cfengine3-3.15.2/tests/unit/scope_test.c
Examining data/cfengine3-3.15.2/tests/unit/test.h
Examining data/cfengine3-3.15.2/tests/unit/cmockery.h
Examining data/cfengine3-3.15.2/tests/unit/mon_cpu_test.c
Examining data/cfengine3-3.15.2/tests/unit/variable_test.c
Examining data/cfengine3-3.15.2/tests/unit/exec-config-test.c
Examining data/cfengine3-3.15.2/tests/unit/nfs_test.c
Examining data/cfengine3-3.15.2/tests/unit/linux_process_test.c
Examining data/cfengine3-3.15.2/tests/unit/changes_migration_test.c
Examining data/cfengine3-3.15.2/tests/unit/mon_processes_test.c
Examining data/cfengine3-3.15.2/tests/unit/rlist_test.c
Examining data/cfengine3-3.15.2/tests/unit/findhub_test.c
Examining data/cfengine3-3.15.2/tests/unit/expand_test.c
Examining data/cfengine3-3.15.2/tests/unit/redirection_test.c
Examining data/cfengine3-3.15.2/tests/unit/schema.h
Examining data/cfengine3-3.15.2/tests/unit/domainname_test.c
Examining data/cfengine3-3.15.2/tests/unit/db_test.c
Examining data/cfengine3-3.15.2/tests/unit/regex_test.c
Examining data/cfengine3-3.15.2/tests/unit/sysinfo_test.c
Examining data/cfengine3-3.15.2/tests/unit/eval_context_test.c
Examining data/cfengine3-3.15.2/tests/unit/cf_upgrade_test.c
Examining data/cfengine3-3.15.2/tests/unit/protocol_test.c
Examining data/cfengine3-3.15.2/tests/unit/cmockery.c
Examining data/cfengine3-3.15.2/tests/unit/sort_test.c
Examining data/cfengine3-3.15.2/tests/unit/strlist_test.c
Examining data/cfengine3-3.15.2/tests/unit/files_lib_test.c
Examining data/cfengine3-3.15.2/tests/unit/lastseen_test.c
Examining data/cfengine3-3.15.2/tests/unit/assoc_test.c
Examining data/cfengine3-3.15.2/tests/unit/process_test.c
Examining data/cfengine3-3.15.2/tests/unit/mon_load_test.c
Examining data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c
Examining data/cfengine3-3.15.2/tests/unit/persistent_lock_test.c
Examining data/cfengine3-3.15.2/tests/unit/crypto_symmetric_test.c
Examining data/cfengine3-3.15.2/tests/unit/files_copy_test.c
Examining data/cfengine3-3.15.2/tests/unit/enterprise_extension_test.c
Examining data/cfengine3-3.15.2/tests/unit/redirection_test_stub.c
Examining data/cfengine3-3.15.2/tests/unit/set_domainname_test.c
Examining data/cfengine3-3.15.2/tests/unit/class_test.c
Examining data/cfengine3-3.15.2/tests/unit/string_expressions_test.c
Examining data/cfengine3-3.15.2/tests/unit/policy_test.c
Examining data/cfengine3-3.15.2/tests/unit/matching_test.c
Examining data/cfengine3-3.15.2/tests/unit/logging_test.c
Examining data/cfengine3-3.15.2/tests/acceptance/02_classes/01_basic/027.c
Examining data/cfengine3-3.15.2/tests/acceptance/02_classes/01_basic/staging/028.c
Examining data/cfengine3-3.15.2/tests/acceptance/xml-c14nize.c
Examining data/cfengine3-3.15.2/tests/acceptance/no_fds.c
Examining data/cfengine3-3.15.2/tests/acceptance/25_cf-execd/cf-execd-rpl-functions.c
Examining data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c
Examining data/cfengine3-3.15.2/tests/load/lastseen_load.c
Examining data/cfengine3-3.15.2/tests/load/db_load.c
Examining data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c
Examining data/cfengine3-3.15.2/cf-agent/package_module.h
Examining data/cfengine3-3.15.2/cf-agent/verify_methods.c
Examining data/cfengine3-3.15.2/cf-agent/findhub.c
Examining data/cfengine3-3.15.2/cf-agent/verify_users.h
Examining data/cfengine3-3.15.2/cf-agent/files_editxml.c
Examining data/cfengine3-3.15.2/cf-agent/findhub_priv.h
Examining data/cfengine3-3.15.2/cf-agent/verify_environments.h
Examining data/cfengine3-3.15.2/cf-agent/verify_acl.c
Examining data/cfengine3-3.15.2/cf-agent/files_operators.c
Examining data/cfengine3-3.15.2/cf-agent/files_links.c
Examining data/cfengine3-3.15.2/cf-agent/files_select.c
Examining data/cfengine3-3.15.2/cf-agent/vercmp.h
Examining data/cfengine3-3.15.2/cf-agent/nfs.c
Examining data/cfengine3-3.15.2/cf-agent/findhub.h
Examining data/cfengine3-3.15.2/cf-agent/verify_methods.h
Examining data/cfengine3-3.15.2/cf-agent/load_avahi.c
Examining data/cfengine3-3.15.2/cf-agent/files_repository.c
Examining data/cfengine3-3.15.2/cf-agent/files_properties.h
Examining data/cfengine3-3.15.2/cf-agent/verify_storage.c
Examining data/cfengine3-3.15.2/cf-agent/cf-agent.c
Examining data/cfengine3-3.15.2/cf-agent/verify_files_hashes.h
Examining data/cfengine3-3.15.2/cf-agent/agent-diagnostics.h
Examining data/cfengine3-3.15.2/cf-agent/verify_packages.h
Examining data/cfengine3-3.15.2/cf-agent/verify_files_utils.c
Examining data/cfengine3-3.15.2/cf-agent/verify_files_utils.h
Examining data/cfengine3-3.15.2/cf-agent/verify_storage.h
Examining data/cfengine3-3.15.2/cf-agent/comparray.h
Examining data/cfengine3-3.15.2/cf-agent/verify_databases.c
Examining data/cfengine3-3.15.2/cf-agent/package_module.c
Examining data/cfengine3-3.15.2/cf-agent/tokyo_check.h
Examining data/cfengine3-3.15.2/cf-agent/abstract_dir.h
Examining data/cfengine3-3.15.2/cf-agent/retcode.h
Examining data/cfengine3-3.15.2/cf-agent/abstract_dir.c
Examining data/cfengine3-3.15.2/cf-agent/verify_acl.h
Examining data/cfengine3-3.15.2/cf-agent/verify_new_packages.c
Examining data/cfengine3-3.15.2/cf-agent/files_editxml.h
Examining data/cfengine3-3.15.2/cf-agent/acl_posix.h
Examining data/cfengine3-3.15.2/cf-agent/verify_exec.h
Examining data/cfengine3-3.15.2/cf-agent/verify_databases.h
Examining data/cfengine3-3.15.2/cf-agent/verify_files_hashes.c
Examining data/cfengine3-3.15.2/cf-agent/promiser_regex_resolver.c
Examining data/cfengine3-3.15.2/cf-agent/nfs.h
Examining data/cfengine3-3.15.2/cf-agent/agent-diagnostics.c
Examining data/cfengine3-3.15.2/cf-agent/files_links.h
Examining data/cfengine3-3.15.2/cf-agent/vercmp.c
Examining data/cfengine3-3.15.2/cf-agent/files_operators.h
Examining data/cfengine3-3.15.2/cf-agent/verify_files.h
Examining data/cfengine3-3.15.2/cf-agent/verify_services.c
Examining data/cfengine3-3.15.2/cf-agent/vercmp_internal.h
Examining data/cfengine3-3.15.2/cf-agent/verify_packages.c
Examining data/cfengine3-3.15.2/cf-agent/verify_users_stub.c
Examining data/cfengine3-3.15.2/cf-agent/files_editline.h
Examining data/cfengine3-3.15.2/cf-agent/retcode.c
Examining data/cfengine3-3.15.2/cf-agent/verify_environments.c
Examining data/cfengine3-3.15.2/cf-agent/verify_files.c
Examining data/cfengine3-3.15.2/cf-agent/files_editline.c
Examining data/cfengine3-3.15.2/cf-agent/tokyo_check.c
Examining data/cfengine3-3.15.2/cf-agent/cf-agent-enterprise-stubs.h
Examining data/cfengine3-3.15.2/cf-agent/files_changes.c
Examining data/cfengine3-3.15.2/cf-agent/files_edit.c
Examining data/cfengine3-3.15.2/cf-agent/files_repository.h
Examining data/cfengine3-3.15.2/cf-agent/files_properties.c
Examining data/cfengine3-3.15.2/cf-agent/verify_users.c
Examining data/cfengine3-3.15.2/cf-agent/verify_processes.c
Examining data/cfengine3-3.15.2/cf-agent/vercmp_internal.c
Examining data/cfengine3-3.15.2/cf-agent/verify_services.h
Examining data/cfengine3-3.15.2/cf-agent/acl_posix.c
Examining data/cfengine3-3.15.2/cf-agent/promiser_regex_resolver.h
Examining data/cfengine3-3.15.2/cf-agent/cf-agent-windows-functions.h
Examining data/cfengine3-3.15.2/cf-agent/cf_sql.c
Examining data/cfengine3-3.15.2/cf-agent/files_select.h
Examining data/cfengine3-3.15.2/cf-agent/verify_new_packages.h
Examining data/cfengine3-3.15.2/cf-agent/files_changes.h
Examining data/cfengine3-3.15.2/cf-agent/verify_exec.c
Examining data/cfengine3-3.15.2/cf-agent/files_edit.h
Examining data/cfengine3-3.15.2/cf-agent/load_avahi.h
Examining data/cfengine3-3.15.2/cf-agent/comparray.c
Examining data/cfengine3-3.15.2/cf-agent/cf-agent-enterprise-stubs.c
Examining data/cfengine3-3.15.2/cf-agent/cf_sql.h
Examining data/cfengine3-3.15.2/cf-agent/verify_processes.h
Examining data/cfengine3-3.15.2/cf-agent/verify_users_pam.c
Examining data/cfengine3-3.15.2/libcfnet/addr_lib.h
Examining data/cfengine3-3.15.2/libcfnet/communication.c
Examining data/cfengine3-3.15.2/libcfnet/policy_server.c
Examining data/cfengine3-3.15.2/libcfnet/cfnet.h
Examining data/cfengine3-3.15.2/libcfnet/key.h
Examining data/cfengine3-3.15.2/libcfnet/stat_cache.c
Examining data/cfengine3-3.15.2/libcfnet/connection_info.c
Examining data/cfengine3-3.15.2/libcfnet/tls_generic.h
Examining data/cfengine3-3.15.2/libcfnet/protocol_version.h
Examining data/cfengine3-3.15.2/libcfnet/client_protocol.h
Examining data/cfengine3-3.15.2/libcfnet/communication.h
Examining data/cfengine3-3.15.2/libcfnet/tls_generic.c
Examining data/cfengine3-3.15.2/libcfnet/client_protocol.c
Examining data/cfengine3-3.15.2/libcfnet/protocol_version.c
Examining data/cfengine3-3.15.2/libcfnet/conn_cache.c
Examining data/cfengine3-3.15.2/libcfnet/connection_info.h
Examining data/cfengine3-3.15.2/libcfnet/tls_client.c
Examining data/cfengine3-3.15.2/libcfnet/client_code.h
Examining data/cfengine3-3.15.2/libcfnet/stat_cache.h
Examining data/cfengine3-3.15.2/libcfnet/misc.c
Examining data/cfengine3-3.15.2/libcfnet/conn_cache.h
Examining data/cfengine3-3.15.2/libcfnet/protocol.h
Examining data/cfengine3-3.15.2/libcfnet/classic.h
Examining data/cfengine3-3.15.2/libcfnet/classic.c
Examining data/cfengine3-3.15.2/libcfnet/client_code.c
Examining data/cfengine3-3.15.2/libcfnet/policy_server.h
Examining data/cfengine3-3.15.2/libcfnet/net.h
Examining data/cfengine3-3.15.2/libcfnet/key.c
Examining data/cfengine3-3.15.2/libcfnet/tls_client.h
Examining data/cfengine3-3.15.2/libcfnet/addr_lib.c
Examining data/cfengine3-3.15.2/libcfnet/server_code.c
Examining data/cfengine3-3.15.2/libcfnet/server_code.h
Examining data/cfengine3-3.15.2/libcfnet/protocol.c
Examining data/cfengine3-3.15.2/libcfnet/net.c
Examining data/cfengine3-3.15.2/cf-net/cf-net.c
FINAL RESULTS:
data/cfengine3-3.15.2/cf-agent/files_links.c:113:9: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink(destination, linkbuf, CF_BUFSIZE - 1) == -1)
data/cfengine3-3.15.2/cf-agent/files_links.c:458:9: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink(name, linkbuf, CF_BUFSIZE - 1) == -1)
data/cfengine3-3.15.2/cf-agent/files_links.c:647:17: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink(dest, buff, CF_BUFSIZE - 1) == -1)
data/cfengine3-3.15.2/cf-agent/files_operators.c:174:32: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
ssize_t linksize = readlink(BufferData(deref_file), buf, statbuf.st_size);
data/cfengine3-3.15.2/cf-agent/files_select.c:498:13: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink(filename, buffer, CF_BUFSIZE - 1) == -1)
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1193:13: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(vbuff, linkbuf, CF_BUFSIZE - 1);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3587:16: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
return readlink(sourcefile, linkbuf, buffsize - 1);
data/cfengine3-3.15.2/cf-check/diagnose.c:513:23: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
const ssize_t r = readlink(path, target_buf, sizeof(target_buf));
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:289:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(vbuff, 0600) != 0)
data/cfengine3-3.15.2/cf-serverd/server_common.c:744:13: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink(filename, linkbuf, CF_BUFSIZE - 1) == -1)
data/cfengine3-3.15.2/libntech/libcompat/fchmodat.c:53:12: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
return chmod(data->pathname, data->mode);
data/cfengine3-3.15.2/libntech/libcompat/fchownat.c:53:16: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
return chown(data->pathname, data->owner, data->group);
data/cfengine3-3.15.2/libntech/libcompat/readlinkat.c:46:12: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
return readlink(data->pathname, data->buf, data->bufsize);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:1089:12: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
return chown(path, owner, group);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:1118:12: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
return chmod(path, mode);
data/cfengine3-3.15.2/libntech/libutils/platform.h:543:5: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
int chown(const char *path, uid_t owner, gid_t group);
data/cfengine3-3.15.2/libntech/libutils/platform.h:656:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int chmod(const char *path, mode_t mode);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:138:18: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
result = chown(TEMP_DIR "/" TEST_FILE, 100, 100);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:139:18: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
result = chown(TEMP_DIR "/" TEST_SUBDIR "/" TEST_FILE, 100, 100);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:140:18: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
result = chown(TEMP_DIR "/" TEST_SUBSUBDIR "/" TEST_FILE, 100, 100);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:141:18: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
result = chown(TEMP_DIR "/" TEST_SUBDIR, 100, 100);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:142:18: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
result = chown(TEMP_DIR "/" TEST_SUBSUBDIR, 100, 100);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:462:26: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEMP_DIR "/" TEST_LINK, 100, 100), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:485:26: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEMP_DIR "/" TEST_LINK, 100, 100), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:786:22: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEMP_DIR "/" TEST_SUBDIR "/" TEST_FILE, 0, 0), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1028:22: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEST_FILE, 100, 100), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1052:22: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEST_SUBSUBDIR "/" TEST_FILE, 100, 100), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1076:22: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEMP_DIR "/" TEST_SUBSUBDIR "/" TEST_FILE, 100, 100), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1100:22: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown("/" TEMP_DIR "////" TEST_SUBSUBDIR "//" TEST_FILE, 100, 100), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1124:22: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEST_SUBDIR, 100, 100), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1155:22: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEST_SUBDIR "/" TEST_FILE, 0, 0), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1370:22: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
assert_int_equal(chmod(TEST_FILE, 0777), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1386:22: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
assert_int_equal(chmod(TEST_SUBDIR "/" TEST_FILE, 0777), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1402:22: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
assert_int_equal(chmod(TEMP_DIR "/" TEST_SUBDIR "/" TEST_FILE, 0777), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1418:22: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
assert_int_equal(chmod("/" TEMP_DIR "///" TEST_SUBDIR "//" TEST_FILE, 0777), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1447:22: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
assert_int_equal(chown(TEST_SUBDIR "/" TEST_FILE, 0, 0), 0);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1449:22: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
assert_int_equal(chmod(TEST_SUBDIR "/" TEST_FILE, 0777), 0);
data/cfengine3-3.15.2/libpromises/crypto.c:105:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(randfile, 0600);
data/cfengine3-3.15.2/libpromises/evalfunction.c:4284:27: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
ssize_t got = readlink(path_buffer, buffer, CF_BUFSIZE - 1);
data/cfengine3-3.15.2/libpromises/files_lib.c:314:21: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(tmpstr, _PATH_FORKSPECIFIER, CF_BUFSIZE);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1078:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(vbuff, sb.st_mode | 0700);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1091:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(vbuff, sb.st_mode | 0700);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1627:13: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(workdir, getuid(), getgid()) == -1)
data/cfengine3-3.15.2/libpromises/generic_agent.c:1639:13: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(workdir, (mode_t) (statbuf.st_mode & ~022)) == -1)
data/cfengine3-3.15.2/libpromises/generic_agent.c:1656:13: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(vbuff, getuid(), getgid()) == -1)
data/cfengine3-3.15.2/libpromises/generic_agent.c:1662:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(vbuff, (mode_t) 0755);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1684:13: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(vbuff, getuid(), getgid()) == -1)
data/cfengine3-3.15.2/libpromises/generic_agent.c:1690:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(vbuff, (mode_t) 0700);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1712:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(vbuff, (mode_t) 0700); /* Keys must be immutable to others */
data/cfengine3-3.15.2/cf-agent/cf-agent.c:1502:22: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!access)
data/cfengine3-3.15.2/cf-agent/files_changes.c:164:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir, file);
data/cfengine3-3.15.2/cf-agent/files_changes.c:433:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pos, SeqAt(files, c));
data/cfengine3-3.15.2/cf-agent/files_changes.c:736:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(from, ctime(&(cmpsb.st_mtime)));
data/cfengine3-3.15.2/cf-agent/files_changes.c:737:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(to, ctime(&(sb->st_mtime)));
data/cfengine3-3.15.2/cf-agent/files_editline.c:241:24: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context, stack->name);
data/cfengine3-3.15.2/cf-agent/files_editline.c:249:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(context, op);
data/cfengine3-3.15.2/cf-agent/files_editline.c:1566:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(work, sp);
data/cfengine3-3.15.2/cf-agent/files_editline.c:1584:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(work, final);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:337:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawxpath, a.xml.build_xpath);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:341:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawxpath, pp->promiser);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:924:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copyxpath, rawxpath);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:984:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copyxpath, rawxpath);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:1633:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawxpath, a->xml.build_xpath);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:1637:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawxpath, pp->promiser);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2402:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawname, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2411:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawvalue, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2429:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copypred, predicate);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2435:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(predicate, tail);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2457:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(head, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2477:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copyxpath, xpath);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2481:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tail, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2513:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawname, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2530:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(predicate, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2551:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawname, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2560:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rawvalue, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2614:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpstr, tok);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2617:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xpath, tmpstr);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2631:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copyxpath, xpath);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2637:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xpath, tail);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2650:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(copyxpath, xpath);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2658:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xpath, copyxpath);
data/cfengine3-3.15.2/cf-agent/files_links.c:81:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absto, AbsLinkPath(destination, to));
data/cfengine3-3.15.2/cf-agent/files_links.c:86:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absto, to);
data/cfengine3-3.15.2/cf-agent/files_links.c:210:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(linkto, destination);
data/cfengine3-3.15.2/cf-agent/files_links.c:213:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(linkto, source);
data/cfengine3-3.15.2/cf-agent/files_links.c:217:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(linkto, source);
data/cfengine3-3.15.2/cf-agent/files_links.c:239:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(expand, absto);
data/cfengine3-3.15.2/cf-agent/files_links.c:301:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, FILE_SEPARATOR_STR);
data/cfengine3-3.15.2/cf-agent/files_links.c:350:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absto, AbsLinkPath(destination, to));
data/cfengine3-3.15.2/cf-agent/files_links.c:355:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(absto, to);
data/cfengine3-3.15.2/cf-agent/files_links.c:466:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(linkpath, name); /* Get path to link */
data/cfengine3-3.15.2/cf-agent/files_links.c:474:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(linkpath, linkbuf);
data/cfengine3-3.15.2/cf-agent/files_links.c:635:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dest, node);
data/cfengine3-3.15.2/cf-agent/files_links.c:672:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dest, buff);
data/cfengine3-3.15.2/cf-agent/files_links.c:738:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destination, from); /* reuse to save stack space */
data/cfengine3-3.15.2/cf-agent/files_links.c:774:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(destination, sp);
data/cfengine3-3.15.2/cf-agent/files_operators.c:189:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dir, BufferData(deref_file));
data/cfengine3-3.15.2/cf-agent/files_operators.c:206:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(backup, BufferData(deref_file));
data/cfengine3-3.15.2/cf-agent/files_operators.c:211:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(backup, stamp);
data/cfengine3-3.15.2/cf-agent/files_operators.c:216:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new, BufferData(deref_file));
data/cfengine3-3.15.2/cf-agent/nfs.c:244:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s%s%s", buf1, buf2, buf3);
data/cfengine3-3.15.2/cf-agent/package_module.c:92:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(interpreter_path, X_OK) != 0)
data/cfengine3-3.15.2/cf-agent/package_module.c:101:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(script_path, R_OK) != 0)
data/cfengine3-3.15.2/cf-agent/package_module.c:111:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
else if (access(wrapper->path, X_OK) != 0)
data/cfengine3-3.15.2/cf-agent/promiser_regex_resolver.c:166:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nextbuffer, dirp->d_name);
data/cfengine3-3.15.2/cf-agent/promiser_regex_resolver.c:171:21: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nextbuffer, ip->name);
data/cfengine3-3.15.2/cf-agent/verify_databases.c:770:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(query, entry);
data/cfengine3-3.15.2/cf-agent/verify_files.c:621:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(pp->promiser, R_OK) == 0)
data/cfengine3-3.15.2/cf-agent/verify_files.c:768:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(edit_bundle_name, fp->name);
data/cfengine3-3.15.2/cf-agent/verify_files.c:773:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(edit_bundle_name, (char *) vp);
data/cfengine3-3.15.2/cf-agent/verify_files.c:806:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(edit_bundle_name, fp->name);
data/cfengine3-3.15.2/cf-agent/verify_files.c:811:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(edit_bundle_name, (char *) vp);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:797:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(backup, to);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1050:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sourcedir, source);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1052:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destdir, destination);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1101:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sourcefile, sourcedir);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1110:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destfile, destdir);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1150:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sourcefile, source);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1151:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(destfile, destination);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1836:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname, path);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1853:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname, path);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3609:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(linkbuf, sp->cf_readlink);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2641:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command_string, a.packages.package_add_command);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2658:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command_string, a.packages.package_delete_command);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2675:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command_string, a.packages.package_update_command);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2690:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command_string, a.packages.package_verify_command);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2757:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(offset, pi->name);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2815:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(offset, pi->name);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2958:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(command_string, a.packages.package_patch_command);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3004:21: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(offset, pi->name);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3042:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(command_string, pi->name);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3480:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", name); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3482:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", version); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3487:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", arch); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3541:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(arch, default_arch);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3547:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", name); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3553:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", version); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3561:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", arch); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3583:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", name); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3586:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", version); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3591:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s", arch); /* trim */
data/cfengine3-3.15.2/cf-agent/verify_storage.c:217:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff, name);
data/cfengine3-3.15.2/cf-agent/verify_storage.c:221:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, FILE_SEPARATOR_STR);
data/cfengine3-3.15.2/cf-agent/verify_storage.c:224:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buff, dirp->d_name);
data/cfengine3-3.15.2/cf-agent/verify_storage.c:407:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(vbuff, FILE_SEPARATOR_STR);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:88:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
# error Your operating system lacks the proper string for the "usermod -e" utility.
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:399:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status = system(final_cmd);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:726:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cmd, USERMOD);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:739:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status = system(cmd);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1106:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
status = system(cmd);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1125:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cmd, USERADD);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1262:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cmd, USERDEL);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1281:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cmd, USERMOD);
data/cfengine3-3.15.2/cf-check/db_structs.h:76:17: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
apply_macro(syslog) \
data/cfengine3-3.15.2/cf-check/diagnose.c:563:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(symlink_target, F_OK) != 0)
data/cfengine3-3.15.2/cf-check/validate.c:145:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, ap);
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:261:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, errmsg, config->agent_expireafter);
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:157:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(truncate ? HOST_FMT_TRUNCATE : HOST_FMT_NO_TRUNCATE,
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:171:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:640:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ldt_buff, buff);
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:673:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ldt_buff, buff);
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:955:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, name);
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:976:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer2, buffer);
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:988:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, name);
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1007:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer2, buffer);
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1013:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer2, buffer);
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1024:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer2, buffer);
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1033:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer2, buffer);
data/cfengine3-3.15.2/cf-monitord/history.c:151:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(buf, "%s:", lval);
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:44:10: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
char syslog[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:55:12: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
strcpy(syslog, "/var/log/syslog");
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:62:40: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
cf_this[ob_syslog] = GetFileGrowth(syslog, ob_syslog);
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:55:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if (snprintf(sysfspath, CF_BUFSIZE, SYSFSBLOCK "%s/queue/logical_block_size", sysfsname) >= CF_BUFSIZE)
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:99:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(sysfspath, F_OK) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:279:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access("/proc/diskstats", R_OK) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:285:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
else if (access("/proc/partitions", R_OK) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_mem_linux.c:140:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access("/proc/meminfo", R_OK) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_network.c:154:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(ip->name, "%*s %*s %*s %s %s", local, remote); /* linux-like */
data/cfengine3-3.15.2/cf-monitord/mon_network.c:158:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(ip->name, "%s %s", local, remote); /* solaris-like */
data/cfengine3-3.15.2/cf-monitord/mon_network.c:210:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(VNETSTAT[VSYSTEMHARDCLASS], "%s", comm);
data/cfengine3-3.15.2/cf-monitord/mon_network.c:323:24: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
case cfn_new: sscanf(vbuff, "%*s %*s %*s %s %s", local, remote); /* linux-like */
data/cfengine3-3.15.2/cf-monitord/mon_network.c:327:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(vbuff, "%s %s", local, remote);
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:106:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(CF_TCPDUMP_COMM, "%s", buffer);
data/cfengine3-3.15.2/cf-monitord/monitoring.c:208:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(eventname, (char *) key);
data/cfengine3-3.15.2/cf-net/cf-net.c:818:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(threads[i]->data->local_file, PATH_MAX, local_file, i);
data/cfengine3-3.15.2/cf-net/cf-net.c:827:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(threads[i]->data->remote_file, PATH_MAX, remote_file, i);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:713:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(sendbuf, sizeof(sendbuf), &sendbuf_len, " -D", 0);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:714:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(sendbuf, sizeof(sendbuf), &sendbuf_len, DEFINECLASSES, 0);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:718:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(sendbuf, sizeof(sendbuf), &sendbuf_len, " -b ", 0);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:719:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(sendbuf, sizeof(sendbuf), &sendbuf_len, REMOTEBUNDLES, 0);
data/cfengine3-3.15.2/cf-serverd/server_access.c:111:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!access && !NULL_OR_EMPTY(hostname) &&
data/cfengine3-3.15.2/cf-serverd/server_access.c:142:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!access && !NULL_OR_EMPTY(key) &&
data/cfengine3-3.15.2/cf-serverd/server_access.c:156:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!access && !NULL_OR_EMPTY(username) &&
data/cfengine3-3.15.2/cf-serverd/server_access.c:174:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!access && found == NULL)
data/cfengine3-3.15.2/cf-serverd/server_access.c:185:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
assert((access && have_match) ||
data/cfengine3-3.15.2/cf-serverd/server_access.c:186:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(!access && !have_match && found != NULL));
data/cfengine3-3.15.2/cf-serverd/server_access.c:188:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access || !have_match) &&
data/cfengine3-3.15.2/cf-serverd/server_access.c:213:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access || !have_match) &&
data/cfengine3-3.15.2/cf-serverd/server_access.c:245:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access || !have_match) &&
data/cfengine3-3.15.2/cf-serverd/server_access.c:260:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access || !have_match) &&
data/cfengine3-3.15.2/cf-serverd/server_access.c:278:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
assert(! (access && !have_match));
data/cfengine3-3.15.2/cf-serverd/server_access.c:284:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return access;
data/cfengine3-3.15.2/cf-serverd/server_access.c:362:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return access;
data/cfengine3-3.15.2/cf-serverd/server_access.c:384:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return access;
data/cfengine3-3.15.2/cf-serverd/server_classic.c:284:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access)
data/cfengine3-3.15.2/cf-serverd/server_classic.c:299:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return access;
data/cfengine3-3.15.2/cf-serverd/server_classic.c:388:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access)
data/cfengine3-3.15.2/cf-serverd/server_classic.c:403:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return access;
data/cfengine3-3.15.2/cf-serverd/server_classic.c:499:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access)
data/cfengine3-3.15.2/cf-serverd/server_common.c:850:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sendbuffer, cfst.cf_readlink);
data/cfengine3-3.15.2/cf-serverd/server_common.c:875:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sendbuffer, CFD_FALSE);
data/cfengine3-3.15.2/cf-serverd/server_common.c:881:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sendbuffer, CFD_TRUE);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1005:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sendbuffer + offset, CFD_TERMINATOR);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1069:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sendbuffer + offset, CFD_TERMINATOR);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1648:5: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(cmdbuf, sizeof(cmdbuf), &cmdbuf_len, CFRUNCOMMAND, 0);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1673:17: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(cmdbuf, sizeof(cmdbuf), &cmdbuf_len,
data/cfengine3-3.15.2/cf-serverd/server_common.c:1675:17: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(cmdbuf, sizeof(cmdbuf), &cmdbuf_len,
data/cfengine3-3.15.2/cf-serverd/server_common.c:1703:17: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(cmdbuf, sizeof(cmdbuf), &cmdbuf_len,
data/cfengine3-3.15.2/cf-serverd/server_common.c:1705:17: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(cmdbuf, sizeof(cmdbuf), &cmdbuf_len,
data/cfengine3-3.15.2/cf-serverd/server_tls.c:376:11: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
ret = sscanf(line2, "IDENTITY %[^=]=%s%n", word1, word2, &chars_read);
data/cfengine3-3.15.2/cf-serverd/server_tls.c:384:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(username, word2);
data/cfengine3-3.15.2/cf-serverd/server_tls.c:403:15: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
ret = sscanf(&line2[line2_pos], " %[^=]=%s%n", word1, word2, &chars_read);
data/cfengine3-3.15.2/cf-upgrade/log.c:57:20: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
message_size = vsnprintf(buffer, MAX_LOG_ENTRY_SIZE - 1, format, args);
data/cfengine3-3.15.2/ext/rpmvercmp.c:66:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str1, a);
data/cfengine3-3.15.2/ext/rpmvercmp.c:67:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str2, b);
data/cfengine3-3.15.2/libcfnet/client_code.c:234:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(conn->remoteip, txtaddr);
data/cfengine3-3.15.2/libcfnet/client_protocol.c:145:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(localip, VIPADDRESS);
data/cfengine3-3.15.2/libcfnet/client_protocol.c:152:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dnsname, VFQNAME);
data/cfengine3-3.15.2/libcfnet/policy_server.c:110:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(POLICY_SERVER_IP, host_or_ip);
data/cfengine3-3.15.2/libcfnet/policy_server.c:117:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(POLICY_SERVER_PORT, port);
data/cfengine3-3.15.2/libcfnet/stat_cache.c:359:15: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
int res = sscanf(buf, "OK:"
data/cfengine3-3.15.2/libcfnet/tls_generic.c:1016:13: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(cipher_suites, max_len, &cipher_suites_len, spec_ref.data, spec_ref.len + 1);
data/cfengine3-3.15.2/libcfnet/tls_generic.c:1020:13: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(ciphers, max_len, &ciphers_len, spec_ref.data, spec_ref.len + 1);
data/cfengine3-3.15.2/libenv/sysinfo.c:786:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(workbuf, compile_str);
data/cfengine3-3.15.2/libenv/sysinfo.c:805:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(VIPADDRESS, inet_ntoa(cin.sin_addr));
data/cfengine3-3.15.2/libenv/sysinfo.c:1207:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(init_path, resolved_path);
data/cfengine3-3.15.2/libenv/sysinfo.c:1234:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access("/etc/os-release", R_OK) != -1)
data/cfengine3-3.15.2/libenv/sysinfo.c:1238:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
else if (access("/usr/lib/os-release", R_OK) != -1)
data/cfengine3-3.15.2/libenv/sysinfo.c:1732:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, vendor);
data/cfengine3-3.15.2/libenv/sysinfo.c:1735:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strmajor);
data/cfengine3-3.15.2/libenv/sysinfo.c:1933:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, vendor);
data/cfengine3-3.15.2/libenv/sysinfo.c:1939:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, edition);
data/cfengine3-3.15.2/libenv/sysinfo.c:1944:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strmajor);
data/cfengine3-3.15.2/libenv/sysinfo.c:1950:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strminor);
data/cfengine3-3.15.2/libenv/sysinfo.c:1959:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, vendor);
data/cfengine3-3.15.2/libenv/sysinfo.c:1963:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strmajor);
data/cfengine3-3.15.2/libenv/sysinfo.c:1970:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strminor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2137:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strmajor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2140:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strminor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2149:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strmajor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2152:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strminor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2161:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(strversion, "VERSION = %s", strmajor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2162:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(strpatch, "PATCHLEVEL = %s", strminor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2169:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strmajor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2172:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strminor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2411:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(buffer, "%*s %[^.].%s", version, minor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2548:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, vendor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2551:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strmajor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2556:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(classbuf, strminor);
data/cfengine3-3.15.2/libenv/sysinfo.c:2641:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(buffer, "%*s %*s %*s %s", version);
data/cfengine3-3.15.2/libenv/sysinfo.c:2665:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(buffer, "%*s %s %*s %s", version, build);
data/cfengine3-3.15.2/libenv/sysinfo.c:2703:18: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
else if (sscanf(buffer, "VMware ESX Server %s", version) > 0)
data/cfengine3-3.15.2/libenv/unix_iface.c:439:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(last_name, ifp->ifr_name);
data/cfengine3-3.15.2/libenv/unix_iface.c:489:21: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ip, VIPADDRESS);
data/cfengine3-3.15.2/libenv/unix_iface.c:502:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ip, VIPADDRESS);
data/cfengine3-3.15.2/libenv/unix_iface.c:519:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ip, txtaddr);
data/cfengine3-3.15.2/libenv/unix_iface.c:530:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(VIPADDRESS, txtaddr);
data/cfengine3-3.15.2/libenv/unix_iface.c:550:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ip, txtaddr);
data/cfengine3-3.15.2/libenv/unix_iface.c:956:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(JsonObjectGetAsString(element, raw_key),
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:869:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (nl[0].n_name, LDAV_SYMBOL);
data/cfengine3-3.15.2/libntech/libcompat/inet_ntop.c:84:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = snprintf(tmp, sizeof tmp, fmt, src[0], src[1], src[2], src[3]);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:214:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#ifdef snprintf
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:215:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef snprintf
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:217:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#ifdef vsnprintf
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:218:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef vsnprintf
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:283:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf rpl_snprintf
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:284:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf rpl_vsnprintf
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1506:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(NULL, 0, format, aq);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1510:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return vsnprintf(*ret, size, format, ap);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1535:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(str, size, format, ap);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1579:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int len = vsnprintf(staticbuf, sizeof(staticbuf), format, ap2);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1594:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, buf_size, format, ap2);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1622:15: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int len = vfprintf(stdout, format, ap);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1637:11: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
len = vfprintf(stream, format, ap);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1647:15: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int len = vprintf(format, ap);
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:2164:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
r1 = sprintf(buf1, fmt[i], val[j]); \
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:2165:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
r2 = snprintf(buf2, sizeof(buf2), fmt[i], val[j]); \
data/cfengine3-3.15.2/libntech/libcompat/unsetenv.c:62:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s=", name);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:319:19: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int printed = vsnprintf(buffer->buffer + buffer->used, buffer->capacity - buffer->used, format, aq);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:328:19: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
printed = vsnprintf(buffer->buffer + buffer->used, buffer->capacity - buffer->used, format, ap);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:360:19: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int printed = vsnprintf(buffer->buffer, buffer->capacity, format, aq);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:370:19: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
printed = vsnprintf(buffer->buffer, buffer->capacity, format, ap);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:399:19: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int printed = vsnprintf(buffer->buffer, buffer->capacity, format, aq);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:404:19: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
printed = vsnprintf(buffer->buffer, buffer->capacity, format, ap);
data/cfengine3-3.15.2/libntech/libutils/deprecated.h:41:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
int sprintf(char *str, const char *format, ...) \
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:165:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(workbuf, CF_BUFSIZE, "%s/" #FOLDER, VAR##dir); \
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:169:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(workbuf, CF_BUFSIZE, "%s/" #FOLDER, GetWorkDir()); \
data/cfengine3-3.15.2/libntech/libutils/misc_lib.c:62:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stdout, fmt, ap);
data/cfengine3-3.15.2/libntech/libutils/misc_lib.c:86:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/cfengine3-3.15.2/libntech/libutils/misc_lib.c:119:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int ret = vsnprintf(str, str_size, format, ap);
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:93:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(buffer, PID_FMT, &pid) != 1)
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:192:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int len = snprintf(msg, sizeof(msg), PID_FMT, pid);
data/cfengine3-3.15.2/libntech/libutils/proc_keyvalue.c:38:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(value,
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:371:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(result, first);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:380:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(result, arg);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1392:6: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
void StrCat(char *dst, size_t dst_size, size_t *dst_len,
data/cfengine3-3.15.2/libntech/libutils/string_lib.h:269:6: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
void StrCat(char *dst, size_t dst_size, size_t *dst_len,
data/cfengine3-3.15.2/libntech/libutils/writer.c:121:12: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
return vfprintf(writer->file, fmt, ap);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:211:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(shortAppend, element0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:212:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(shortAppend, element1);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:242:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(longAppend, element0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:243:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(longAppend, element2);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1683:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(xmlfile, format, args);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1704:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(xmlfile, format, args);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1745:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, args);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1753:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1885:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(timestamp, ctime(&ttime));
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1923:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, file);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1924:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, basename(path));
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1989:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(casename, test->name);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:2037:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xmlfile, "%s.xml", suitename);
data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c:11:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, inp); \
data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c:105:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(backup, src); \
data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c:118:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, src); \
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:709:19: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int acc_ret = access(filename, F_OK);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1875:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("sudo -n /bin/true") == 0)
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1877:9: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("sudo", "sudo", "-n", argv[0], NULL);
data/cfengine3-3.15.2/libntech/tests/unit/gcov-stub.c:19:12: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return execv(path, argv);
data/cfengine3-3.15.2/libntech/tests/unit/gcov-stub.c:44:12: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
return execv(path, args);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1097:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, "blah", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1100:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, "", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1103:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, " ", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1106:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, "blue", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1110:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, "1", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1120:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, src, 4);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1123:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, src, 4);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1126:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, src, 2);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1133:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, 4, &dst_len, "blah", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1137:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, 4, &dst_len, "", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1140:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, 4, &dst_len, "blue", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1146:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, 4, NULL, "blah", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1148:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, 4, NULL, "", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1150:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, 4, NULL, "blue", 0);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1156:9: [4] (buffer) StrCat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
StrCat(dst, sizeof(dst), &dst_len, "1", 0);
data/cfengine3-3.15.2/libpromises/audit.c:102:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, CF_BUFSIZE - 1, s, ap);
data/cfengine3-3.15.2/libpromises/cf3parse.c:771:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/cfengine3-3.15.2/libpromises/conversion.c:778:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(smaller, "%d %s %d", &day_small, month_small, &year_small);
data/cfengine3-3.15.2/libpromises/conversion.c:779:5: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(bigger, "%d %s %d", &day_big, month_big, &year_big);
data/cfengine3-3.15.2/libpromises/conversion.c:1134:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(usercopy, ip->name);
data/cfengine3-3.15.2/libpromises/conversion.c:1161:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(usercopy, uidbuff);
data/cfengine3-3.15.2/libpromises/conversion.c:1208:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(groupcopy, gidbuff);
data/cfengine3-3.15.2/libpromises/crypto.c:98:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(randfile, R_OK) && errno == ENOENT && RAND_write_file(randfile) != 1024)
data/cfengine3-3.15.2/libpromises/crypto.c:743:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, hexStr);
data/cfengine3-3.15.2/libpromises/dbm_api.c:723:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(repair_flag_file, F_OK) == 0)
data/cfengine3-3.15.2/libpromises/eval_context.c:1840:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(abbr + head, sep);
data/cfengine3-3.15.2/libpromises/eval_context.c:1841:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(abbr, last_line);
data/cfengine3-3.15.2/libpromises/evalfunction.c:795:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buffer, CF_BUFSIZE - 1, ctrlstr, getenv(name));
data/cfengine3-3.15.2/libpromises/evalfunction.c:1822:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_line, line);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1824:21: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(new_line, pm_name);
data/cfengine3-3.15.2/libpromises/evalfunction.c:5194:25: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(data, "%ld%s", &x, piece); // we don't care about the remainder and will overwrite it
data/cfengine3-3.15.2/libpromises/evalfunction.c:5195:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(piece, CF_BUFSIZE, format_piece, x);
data/cfengine3-3.15.2/libpromises/evalfunction.c:5208:25: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(data, "%lf%s", &x, piece); // we don't care about the remainder and will overwrite it
data/cfengine3-3.15.2/libpromises/evalfunction.c:5209:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(piece, CF_BUFSIZE, format_piece, x);
data/cfengine3-3.15.2/libpromises/evalfunction.c:5215:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(piece, CF_BUFSIZE, format_piece, data);
data/cfengine3-3.15.2/libpromises/evalfunction.c:5246:29: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(piece, CF_BUFSIZE, format_rewrite, StringWriterData(w));
data/cfengine3-3.15.2/libpromises/evalfunction.c:5271:33: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(piece, CF_BUFSIZE, format_rewrite, StringWriterData(w));
data/cfengine3-3.15.2/libpromises/files_lib.c:209:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(currentpath, pathbuf);
data/cfengine3-3.15.2/libpromises/files_names.c:242:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, sep);
data/cfengine3-3.15.2/libpromises/files_names.c:275:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str, sep);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1283:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(policy_dir, R_OK) != 0)
data/cfengine3-3.15.2/libpromises/generic_agent.c:2060:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(failsafe_path, R_OK) != 0)
data/cfengine3-3.15.2/libpromises/item_lib.c:627:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(sp, format, node) == 1 &&
data/cfengine3-3.15.2/libpromises/item_lib.c:659:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, ip->name);
data/cfengine3-3.15.2/libpromises/item_lib.c:1019:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new, filename);
data/cfengine3-3.15.2/libpromises/item_lib.c:1020:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(new, CF_EDITED);
data/cfengine3-3.15.2/libpromises/locks.c:449:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst, sp);
data/cfengine3-3.15.2/libpromises/locks.c:480:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst, con);
data/cfengine3-3.15.2/libpromises/ornaments.c:103:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(abbr + head, sep);
data/cfengine3-3.15.2/libpromises/ornaments.c:104:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(abbr, last_line);
data/cfengine3-3.15.2/libpromises/pipes_unix.c:311:19: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
res = execv(argv[0], argv);
data/cfengine3-3.15.2/libpromises/pipes_unix.c:315:19: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
res = execvp(argv[0], argv);
data/cfengine3-3.15.2/libpromises/pipes_unix.c:390:13: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (execv(argv[0], argv) == -1)
data/cfengine3-3.15.2/libpromises/pipes_unix.c:512:13: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (execv(argv[0], argv) == -1)
data/cfengine3-3.15.2/libpromises/pipes_unix.c:604:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SHELL_PATH, "sh", "-c", command, NULL);
data/cfengine3-3.15.2/libpromises/pipes_unix.c:718:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(SHELL_PATH, "sh", "-c", command, NULL);
data/cfengine3-3.15.2/libpromises/process_linux.c:95:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(p,
data/cfengine3-3.15.2/libpromises/syslog_client.c:53:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SYSLOG_HOST, host);
data/cfengine3-3.15.2/libpromises/unix.c:212:17: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (execl(SHELL_PATH, "sh", "-c", command, NULL) == -1)
data/cfengine3-3.15.2/libpromises/unix.c:240:17: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (execv(argv[0], argv) == -1)
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:192:16: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
while (fscanf(packages_file, "%s\n", serialized_package) != EOF)
data/cfengine3-3.15.2/tests/acceptance/no_fds.c:96:5: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(new_args[0], new_args);
data/cfengine3-3.15.2/tests/load/db_load.c:198:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/load/db_load.c:274:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, CF_BUFSIZE - 1, fmt, ap);
data/cfengine3-3.15.2/tests/load/lastseen_load.c:50:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:706:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/cmockery.c:1683:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(xmlfile, format, args);
data/cfengine3-3.15.2/tests/unit/cmockery.c:1704:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(xmlfile, format, args);
data/cfengine3-3.15.2/tests/unit/cmockery.c:1745:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, args);
data/cfengine3-3.15.2/tests/unit/cmockery.c:1753:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/cfengine3-3.15.2/tests/unit/cmockery.c:1885:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(timestamp, ctime(&ttime));
data/cfengine3-3.15.2/tests/unit/cmockery.c:1923:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, file);
data/cfengine3-3.15.2/tests/unit/cmockery.c:1924:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, basename(path));
data/cfengine3-3.15.2/tests/unit/cmockery.c:1989:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(casename, test->name);
data/cfengine3-3.15.2/tests/unit/cmockery.c:2037:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xmlfile, "%s.xml", suitename);
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:31:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/db_test.c:33:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/eval_context_test.c:28:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:31:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/files_lib_test.c:29:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/generic_agent_test.c:159:29: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ARG_UNUSED int ignore = system(cmd);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:56:9: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(program, (char * const *)args);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:123:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(SPAWN_PROCESS, "%s/%s", argv[c], argv[c+1]);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:136:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(SPAWN_PROCESS_ON_SIGNAL, "%s/%s", argv[c], argv[c+1]);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:165:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(PIDFILE, "%s/%s.pid", piddir, file);
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:47:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:85:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:48:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:50:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:58:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:233:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/mon_cpu_test.c:28:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(buf, "%s%ld%ld%ld%ld%ld%ld%ld", cpuname, &userticks,
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:26:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:56:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cbuff);
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:64:19: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
int ret = sscanf(vbuff, " %s ", user);
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:116:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(DIALUP, write ? W_OK : R_OK) == 0) /* bind() has happened */
data/cfengine3-3.15.2/tests/unit/persistent_lock_test.c:27:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(cmd);
data/cfengine3-3.15.2/tests/unit/process_test.c:48:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/sleep", "/bin/sleep", "30", NULL);
data/cfengine3-3.15.2/tests/unit/process_test.c:77:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/sleep", "/bin/sleep", "30", NULL);
data/cfengine3-3.15.2/tests/unit/process_test.c:157:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/sleep", "/bin/sleep", "30", NULL);
data/cfengine3-3.15.2/tests/unit/redirection_test.c:79:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "%s%s", base, helper);
data/cfengine3-3.15.2/cf-agent/cf-agent.c:427:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc_new, argv_new, "tdvnKIf:g:w:D:N:VxMB:b:hC::ElT::",
data/cfengine3-3.15.2/cf-agent/load_avahi.c:73:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *env = getenv("AVAHI_PATH");
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:86:15: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
char *p = realpath(dbfilename, dbmeta->dbpath);
data/cfengine3-3.15.2/cf-agent/verify_exec.c:180:19: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
if (a.contain.chroot != NULL)
data/cfengine3-3.15.2/cf-agent/verify_exec.c:330:129: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
cf_popen_powershell_setuid(cmdline, open_mode, a->contain.owner, a->contain.group, a->contain.chdir, a->contain.chroot,
data/cfengine3-3.15.2/cf-agent/verify_exec.c:340:120: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
cf_popen_shsetuid(cmdline, open_mode, a->contain.owner, a->contain.group, a->contain.chdir, a->contain.chroot,
data/cfengine3-3.15.2/cf-agent/verify_exec.c:346:117: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
cf_popensetuid(cmdline, open_mode, a->contain.owner, a->contain.group, a->contain.chdir, a->contain.chroot,
data/cfengine3-3.15.2/cf-check/cf-check.c:146:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, (char *const *) argv, optstr, OPTIONS, &start_index))
data/cfengine3-3.15.2/cf-execd/cf-execd.c:195:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "dvnKIf:g:D:N:VxL:hFOV1gMWC::l",
data/cfengine3-3.15.2/cf-key/cf-key.c:260:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "dvIf:g:T:VMp:sNr:xt:hl:C::n",
data/cfengine3-3.15.2/cf-monitord/cf-monitord.c:146:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "dvnIf:g:VSxHTKMFhC::l",
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:165:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int) time(NULL));
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1113:13: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (drand48() < 0.7) /* 70% chance of using full value - as in learning policy */
data/cfengine3-3.15.2/cf-monitord/history.c:297:49: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
a.contain.chroot, false);
data/cfengine3-3.15.2/cf-monitord/history.c:309:49: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
a.contain.chroot, false);
data/cfengine3-3.15.2/cf-monitord/history.c:315:46: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
a.contain.chroot, false);
data/cfengine3-3.15.2/cf-net/cf-net.c:280:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, optstr, OPTIONS, &start_index))
data/cfengine3-3.15.2/cf-net/cf-net.c:744:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, args, optstr, longopts, NULL))
data/cfengine3-3.15.2/cf-promises/cf-promises.c:250:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "dvnIw:f:g:D:N:VSrxMb:i:p:s:cg:hW:C::T:l",
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:266:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "t:q:db::vnKhIif:g:D:VSxo:s:MH:C::l",
data/cfengine3-3.15.2/cf-serverd/cf-serverd-functions.c:156:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "dvIKf:g:D:N:VSxLFMhAC::l",
data/cfengine3-3.15.2/cf-serverd/cf-serverd-functions.c:670:40: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *const queue_size_var = getenv("CF_SERVERD_LISTEN_QUEUE_SIZE");
data/cfengine3-3.15.2/cf-serverd/server_classic.c:126:9: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (realpath(req_path, res_path) == NULL)
data/cfengine3-3.15.2/cf-serverd/server_common.c:1368:15: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
char *p = realpath(reqpath, dst);
data/cfengine3-3.15.2/cf-testd/cf-testd.c:158:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "a:df:g:hIj:k:lp:vV", OPTIONS, NULL)) != -1)
data/cfengine3-3.15.2/libcfnet/tls_generic.c:512:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("CFENGINE_TEST_PURIFY_OPENSSL") != NULL)
data/cfengine3-3.15.2/libenv/sysinfo.c:1204:17: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (realpath(init_path, resolved_path) != NULL &&
data/cfengine3-3.15.2/libntech/libcompat/drand48.c:32:8: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double drand48(void);
data/cfengine3-3.15.2/libntech/libcompat/drand48.c:36:8: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double drand48(void)
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:63:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv(const char *name);
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:252:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
posixly_correct = getenv ("POSIXLY_CORRECT");
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:629:1: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
getopt (argc, argv, optstring)
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:659:11: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt (argc, argv, "abc:d:0123456789");
data/cfengine3-3.15.2/libntech/libcompat/getopt.h:107:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt (int argc, char *const *argv, const char *shortopts);
data/cfengine3-3.15.2/libntech/libcompat/getopt.h:109:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt ();
data/cfengine3-3.15.2/libntech/libcompat/getopt.h:111:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt_long (int argc, char *const *argv, const char *shortopts,
data/cfengine3-3.15.2/libntech/libcompat/getopt.h:123:12: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt ();
data/cfengine3-3.15.2/libntech/libcompat/getopt.h:124:12: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
extern int getopt_long ();
data/cfengine3-3.15.2/libntech/libcompat/getopt1.c:52:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *getenv ();
data/cfengine3-3.15.2/libntech/libcompat/getopt1.c:60:1: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
getopt_long (argc, argv, options, long_options, opt_index)
data/cfengine3-3.15.2/libntech/libcompat/getopt1.c:116:11: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long (argc, argv, "abc:d:0123456789",
data/cfengine3-3.15.2/libntech/libcompat/srand48.c:37:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned) seed);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:1531:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *procdir = getenv("CFENGINE_TEST_OVERRIDE_PROCDIR");
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:113:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *workdir = getenv("CFENGINE_TEST_OVERRIDE_WORKDIR");
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:120:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *workdir = getenv("CFENGINE_TEST_OVERRIDE_WORKDIR");
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:145:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *logdir = getenv("CFENGINE_TEST_OVERRIDE_WORKDIR");
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:152:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *piddir = getenv("CFENGINE_TEST_OVERRIDE_WORKDIR");
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:159:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *VAR##dir = getenv("CFENGINE_TEST_OVERRIDE_WORKDIR"); \
data/cfengine3-3.15.2/libntech/libutils/man.c:233:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *source_date_epoch = getenv("SOURCE_DATE_EPOCH");
data/cfengine3-3.15.2/libntech/libutils/misc_lib.c:150:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (overwrite == 0 && getenv(name) != NULL)
data/cfengine3-3.15.2/libntech/libutils/platform.h:504:8: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double drand48(void);
data/cfengine3-3.15.2/libntech/libutils/platform.h:526:17: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
# define realpath(N,R) _fullpath((R), (N), PATH_MAX)
data/cfengine3-3.15.2/libntech/libutils/sequence.c:355:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/cfengine3-3.15.2/libntech/libutils/sequence.c:364:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(rand_state);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:147:21: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double d1 = drand48();
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:148:21: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double d2 = drand48();
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:196:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") == NULL);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:199:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") != NULL);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:200:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_string_equal(getenv("UNIT_TEST_VAR"), "VALUE");
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:203:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") != NULL);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:204:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_string_equal(getenv("UNIT_TEST_VAR"), "NEW_VALUE");
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:207:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") == NULL);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:212:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") == NULL);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:215:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") != NULL);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:216:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_string_equal(getenv("UNIT_TEST_VAR"), "VALUE");
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:219:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") != NULL);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:220:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_string_equal(getenv("UNIT_TEST_VAR"), "NEW_VALUE");
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:223:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") != NULL);
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:224:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_string_equal(getenv("UNIT_TEST_VAR"), "NEW_VALUE");
data/cfengine3-3.15.2/libntech/tests/unit/misc_lib_test.c:227:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
assert_true(getenv("UNIT_TEST_VAR") == NULL);
data/cfengine3-3.15.2/libntech/tests/unit/rb-tree-test.c:135:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(0);
data/cfengine3-3.15.2/libpromises/cf3.defs.h:1118:11: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
char *chroot;
data/cfengine3-3.15.2/libpromises/crypto.c:123:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned) pid * start_time ^
data/cfengine3-3.15.2/libpromises/dbm_tokyocab.c:128:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *perc = getenv("TCDB_OPTIMIZE_PERCENT");
data/cfengine3-3.15.2/libpromises/enterprise_extension.c:42:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("CFENGINE_TEST_OVERRIDE_EXTENSION_LIBRARY_DO_CLOSE") != NULL)
data/cfengine3-3.15.2/libpromises/enterprise_extension.c:63:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("CFENGINE_TEST_OVERRIDE_EXTENSION_LIBRARY_DO_CLOSE") != NULL)
data/cfengine3-3.15.2/libpromises/evalfunction.c:730:32: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int result = from + (int) (drand48() * (double) range);
data/cfengine3-3.15.2/libpromises/evalfunction.c:793:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv(name))
data/cfengine3-3.15.2/libpromises/evalfunction.c:795:51: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
snprintf(buffer, CF_BUFSIZE - 1, ctrlstr, getenv(name));
data/cfengine3-3.15.2/libpromises/extensions.c:79:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("CFENGINE_TEST_OVERRIDE_EXTENSION_LIBRARY_DO_CLOSE") == NULL)
data/cfengine3-3.15.2/libpromises/extensions.c:86:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *dir = getenv("CFENGINE_TEST_OVERRIDE_EXTENSION_LIBRARY_DIR");
data/cfengine3-3.15.2/libpromises/files_names.c:684:23: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
char *real_path = realpath(abs_path, NULL);
data/cfengine3-3.15.2/libpromises/files_names.c:692:23: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
char *real_path = realpath(abs_path, path_buf);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1908:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *color_env = getenv("CFENGINE_COLOR");
data/cfengine3-3.15.2/libpromises/pipes_unix.c:491:17: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
if (chroot(chrootv) == -1)
data/cfengine3-3.15.2/libpromises/pipes_unix.c:697:17: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
if (chroot(chrootv) == -1)
data/cfengine3-3.15.2/libpromises/verify_classes.c:213:20: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
double fluct = drand48() * total;
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:372:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *workdir = getenv("CFENGINE_TEST_OVERRIDE_WORKDIR");
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:373:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *tempdir = getenv("TEMP");
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:387:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "", OPTIONS, &option_index)) != EOF)
data/cfengine3-3.15.2/tests/load/db_load.c:218:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/cfengine3-3.15.2/tests/unit/enterprise_extension_test_lib.c:25:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *version = getenv("CFENGINE_TEST_RETURN_VERSION");
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:159:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *piddir = getenv("CFTEST_PREFIX");
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:188:23: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
char *using = tempnam("/tmp", "cfpof");
data/cfengine3-3.15.2/cf-agent/agent-diagnostics.c:54:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char diagnostics_path[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-agent/cf-agent.c:380:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/cf-agent/cf-agent.c:793:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/cf-agent.c:920:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/cf-agent/cf-agent.c:936:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/cf-agent/cf-agent.c:1371:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char context_report_file[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/cf-agent.c:1966:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/cf-agent.c:2028:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/cf_sql.c:125:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
cfdb->rowdata[i] = (char *) thisrow[i];
data/cfengine3-3.15.2/cf-agent/cf_sql.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:60:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mess_digest[EVP_MAX_MD_SIZE + 1]; /* Content digest */
data/cfengine3-3.15.2/cf-agent/files_changes.c:88:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(chk_key + 2 + CHANGES_HASH_FILE_NAME_OFFSET, name, len);
data/cfengine3-3.15.2/cf-agent/files_changes.c:97:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static ChecksumValue *NewHashValue(unsigned char digest[EVP_MAX_MD_SIZE + 1])
data/cfengine3-3.15.2/cf-agent/files_changes.c:103:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(chk_val->mess_digest, digest, EVP_MAX_MD_SIZE + 1);
data/cfengine3-3.15.2/cf-agent/files_changes.c:113:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool ReadHash(CF_DB *dbp, HashMethod type, const char *name, unsigned char digest[EVP_MAX_MD_SIZE + 1])
data/cfengine3-3.15.2/cf-agent/files_changes.c:113:78: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool ReadHash(CF_DB *dbp, HashMethod type, const char *name, unsigned char digest[EVP_MAX_MD_SIZE + 1])
data/cfengine3-3.15.2/cf-agent/files_changes.c:123:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, chk_val.mess_digest, EVP_MAX_MD_SIZE + 1);
data/cfengine3-3.15.2/cf-agent/files_changes.c:134:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int WriteHash(CF_DB *dbp, HashMethod type, const char *name, unsigned char digest[EVP_MAX_MD_SIZE + 1])
data/cfengine3-3.15.2/cf-agent/files_changes.c:134:78: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int WriteHash(CF_DB *dbp, HashMethod type, const char *name, unsigned char digest[EVP_MAX_MD_SIZE + 1])
data/cfengine3-3.15.2/cf-agent/files_changes.c:163:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[file_len + 1];
data/cfengine3-3.15.2/cf-agent/files_changes.c:236:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_key[ksize + 2];
data/cfengine3-3.15.2/cf-agent/files_changes.c:239:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_key + 2, key, ksize);
data/cfengine3-3.15.2/cf-agent/files_changes.c:280:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_key[ksize + 2];
data/cfengine3-3.15.2/cf-agent/files_changes.c:283:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_key + 2, key, ksize);
data/cfengine3-3.15.2/cf-agent/files_changes.c:314:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char migrated_db_name[PATH_MAX];
data/cfengine3-3.15.2/cf-agent/files_changes.c:328:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char migrated_db_name[PATH_MAX];
data/cfengine3-3.15.2/cf-agent/files_changes.c:350:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[strlen(path) + 3];
data/cfengine3-3.15.2/cf-agent/files_changes.c:357:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[strlen(path) + 3];
data/cfengine3-3.15.2/cf-agent/files_changes.c:372:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw_entries[size];
data/cfengine3-3.15.2/cf-agent/files_changes.c:415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[strlen(path) + 3];
data/cfengine3-3.15.2/cf-agent/files_changes.c:429:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw_entries[size];
data/cfengine3-3.15.2/cf-agent/files_changes.c:449:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool FileChangesCheckAndUpdateHash_impl(const char *filename,
data/cfengine3-3.15.2/cf-agent/files_changes.c:450:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/cf-agent/files_changes.c:457:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dbdigest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/cf-agent/files_changes.c:494:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:522:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *filename,
data/cfengine3-3.15.2/cf-agent/files_changes.c:523:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/cf-agent/files_changes.c:591:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[strlen(name) + strlen(file) + 2];
data/cfengine3-3.15.2/cf-agent/files_changes.c:602:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[strlen(name) + strlen(db_file) + 2];
data/cfengine3-3.15.2/cf-agent/files_changes.c:650:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[strlen(file) + 3];
data/cfengine3-3.15.2/cf-agent/files_changes.c:682:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_temp[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:694:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_temp[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:706:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_temp[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:718:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_temp[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:733:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:734:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char to[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:742:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_temp[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.c:788:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_changes.h:40:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *filename,
data/cfengine3-3.15.2/cf-agent/files_changes.h:41:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/cf-agent/files_editline.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:169:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bundlename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:181:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char context[CF_BUFSIZE] = "any";
data/cfengine3-3.15.2/cf-agent/files_editline.c:211:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char op[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/cf-agent/files_editline.c:212:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char brack[4] = "";
data/cfengine3-3.15.2/cf-agent/files_editline.c:265:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sp, ip->name, len);
data/cfengine3-3.15.2/cf-agent/files_editline.c:355:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:425:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:493:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:657:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:1134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line_buff[CF_EXPANDSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:1135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char after[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:1265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char separator[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_editline.c:1504:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toadd[4];
data/cfengine3-3.15.2/cf-agent/files_editline.c:1516:29: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(toadd, "\\s+");
data/cfengine3-3.15.2/cf-agent/files_editline.c:1971:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sep[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:82:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool BuildXPathInFile(EvalContext *ctx, char xpath[CF_BUFSIZE], xmlDocPtr doc, const Attributes *a, const Promise *pp, EditContext *edcontext, PromiseResult *result);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:83:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool BuildXPathInNode(EvalContext *ctx, char xpath[CF_BUFSIZE], xmlDocPtr doc, const Attributes *a, const Promise *pp, EditContext *edcontext, PromiseResult *result);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:118:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static xmlNodePtr PredicateExtractNode(char predicate[CF_BUFSIZE]);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:119:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool PredicateRemoveHead(char xpath[CF_BUFSIZE]);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:121:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static xmlNodePtr XPathHeadExtractNode(EvalContext *ctx, char xpath[CF_BUFSIZE], const Attributes *a, const Promise *pp, PromiseResult *result);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:122:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static xmlNodePtr XPathTailExtractNode(EvalContext *ctx, char xpath[CF_BUFSIZE], const Attributes *a, const Promise *pp, PromiseResult *result);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:123:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static xmlNodePtr XPathSegmentExtractNode(char segment[CF_BUFSIZE]);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:124:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char* XPathGetTail(char xpath[CF_BUFSIZE]);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:125:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool XPathRemoveHead(char xpath[CF_BUFSIZE]);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:126:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool XPathRemoveTail(char xpath[CF_BUFSIZE]);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:139:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static xmlChar *CharToXmlChar(char c[CF_BUFSIZE]);
data/cfengine3-3.15.2/cf-agent/files_editxml.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:331:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE], rawxpath[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-agent/files_editxml.c:394:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:454:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:524:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:584:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:644:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:704:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:764:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_editxml.c:917:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool BuildXPathInFile(EvalContext *ctx, char rawxpath[CF_BUFSIZE], xmlDocPtr doc, const Attributes *a,
data/cfengine3-3.15.2/cf-agent/files_editxml.c:922:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyxpath[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-agent/files_editxml.c:978:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool BuildXPathInNode(EvalContext *ctx, char rawxpath[CF_BUFSIZE], xmlDocPtr doc, const Attributes *a,
data/cfengine3-3.15.2/cf-agent/files_editxml.c:982:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyxpath[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-agent/files_editxml.c:1629:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rawxpath[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2386:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xmlNodePtr PredicateExtractNode(char predicate[CF_BUFSIZE])
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2391:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rawname[CF_BUFSIZE] = { 0 }, rawvalue[CF_BUFSIZE] = { 0 }, *tok;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2425:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool PredicateRemoveHead(char predicate[CF_BUFSIZE])
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2427:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copypred[CF_BUFSIZE] = { 0 }, *tail = NULL;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2443:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static xmlNodePtr XPathHeadExtractNode(EvalContext *ctx, char xpath[CF_BUFSIZE], const Attributes *a, const Promise *pp, PromiseResult *result)
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2446:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char head[CF_BUFSIZE] = {0}, *tok = NULL;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2472:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static xmlNodePtr XPathTailExtractNode(EvalContext *ctx, char xpath[CF_BUFSIZE], const Attributes *a, const Promise *pp, PromiseResult *result)
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2475:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyxpath[CF_BUFSIZE] = {0}, tail[CF_BUFSIZE] = {0}, *tok = NULL;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2494:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static xmlNodePtr XPathSegmentExtractNode(char segment[CF_BUFSIZE])
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2498:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char predicate[CF_BUFSIZE] = { 0 }, rawname[CF_BUFSIZE] = { 0 }, rawvalue[CF_BUFSIZE] = { 0 }, *tok;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2587:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char* XPathGetTail(char xpath[CF_BUFSIZE])
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2589:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpstr[CF_BUFSIZE] = {0}, *tok = NULL;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2627:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool XPathRemoveHead(char xpath[CF_BUFSIZE])
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2629:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyxpath[CF_BUFSIZE] = { 0 }, *tail = NULL;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2645:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool XPathRemoveTail(char xpath[CF_BUFSIZE])
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2647:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyxpath[CF_BUFSIZE] = { 0 }, *tail = NULL;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2725:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char regexp[CF_BUFSIZE] = {'\0'};
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2737:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (regexp, "^(\\/(( |\\t)*(\\w|-|\\.)+( |\\t)*)"
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2757:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char regexp[CF_BUFSIZE] = {'\0'};
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2760:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (regexp, "\\[\\s*([^\\[\\]]*\\s*(\\||(or)|(and)))?\\s*" // [ (stuff) (|/or/and)
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2779:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
xmlChar *CharToXmlChar(char c[CF_BUFSIZE])
data/cfengine3-3.15.2/cf-agent/files_links.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char to[CF_BUFSIZE], linkbuf[CF_BUFSIZE], absto[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char absto[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:205:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expand[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkto[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:252:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[CF_BUFSIZE], linkto[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char to[CF_BUFSIZE], absto[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:451:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkbuf[CF_BUFSIZE], tmp[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:452:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkpath[CF_BUFSIZE], *sp;
data/cfengine3-3.15.2/cf-agent/files_links.c:589:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:590:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node[CF_MAXLINKSIZE];
data/cfengine3-3.15.2/cf-agent/files_links.c:627:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dest, "/..");
data/cfengine3-3.15.2/cf-agent/files_links.c:731:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char destination[CF_BUFSIZE]; /* GLOBAL_R, no need to initialize */
data/cfengine3-3.15.2/cf-agent/files_operators.c:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stamp[CF_BUFSIZE], saved[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_operators.c:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new[CF_BUFSIZE], backup[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_operators.c:152:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stamp[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_operators.c:172:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[statbuf.st_size + 1];
data/cfengine3-3.15.2/cf-agent/files_operators.c:188:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[BufferSize(deref_file) + 1];
data/cfengine3-3.15.2/cf-agent/files_operators.c:214:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(backup, ".cf-before-edit");
data/cfengine3-3.15.2/cf-agent/files_operators.c:217:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(new, ".cf-after-edit");
data/cfengine3-3.15.2/cf-agent/files_properties.c:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_repository.c:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destination[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_select.c:282:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ownerName[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_select.c:287:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_SMALLBUF];
data/cfengine3-3.15.2/cf-agent/files_select.c:475:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/files_select.c:569:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_SMALLBUF];
data/cfengine3-3.15.2/cf-agent/findhub.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[AVAHI_ADDRESS_STR_MAX];
data/cfengine3-3.15.2/cf-agent/findhub_priv.h:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Hostname[4096];
data/cfengine3-3.15.2/cf-agent/findhub_priv.h:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IPAddress[AVAHI_ADDRESS_STR_MAX];
data/cfengine3-3.15.2/cf-agent/nfs.c:182:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[CF_BUFSIZE], buf2[CF_BUFSIZE], buf3[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/nfs.c:283:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256], source[1024], mounton[1024];
data/cfengine3-3.15.2/cf-agent/nfs.c:442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fstab[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/nfs.c:475:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fstype_upper[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/nfs.c:518:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char regex[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/nfs.c:544:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aixcomm[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/nfs.c:626:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/nfs.c:707:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/package_module.c:408:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
api_version = atoi(RlistScalarValue(response));
data/cfengine3-3.15.2/cf-agent/package_module.c:573:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[1];
data/cfengine3-3.15.2/cf-agent/package_module.c:604:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char package_key[strlen(name) + strlen(ver) +
data/cfengine3-3.15.2/cf-agent/package_module.c:627:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[val_size + strlen(arch) + strlen(ver) + 8];
data/cfengine3-3.15.2/cf-agent/package_module.c:641:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[strlen(arch) + strlen(ver) + 8];
data/cfengine3-3.15.2/cf-agent/package_module.c:662:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *package_data[3] = {NULL, NULL, NULL};
data/cfengine3-3.15.2/cf-agent/package_module.c:1060:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char package_key[strlen(info->name) + 4];
data/cfengine3-3.15.2/cf-agent/package_module.c:1074:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[val_size + 1];
data/cfengine3-3.15.2/cf-agent/package_module.c:1086:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[strlen(package_line)];
data/cfengine3-3.15.2/cf-agent/package_module.c:1087:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arch[strlen(package_line)];
data/cfengine3-3.15.2/cf-agent/package_module.c:1562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cache_updates_lock_name[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/promiser_regex_resolver.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/promiser_regex_resolver.c:122:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nextbuffer[CF_BUFSIZE], nextbufferOrig[CF_BUFSIZE], regex[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/retcode.c:43:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char retcodeStr[PRINTSIZE(retcode)];
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbpath[PATH_MAX + 1]; /* full pathname to the database file */
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hbuf[256];
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:88:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
-1 == (dbmeta->fd = open(dbmeta->dbpath, O_RDONLY)))
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:111:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(dbmeta->bucket_count), hbuf + 40, sizeof(uint64_t));
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:114:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&opts, hbuf + 36, sizeof(uint8_t));
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:118:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(dbmeta->record_count), hbuf + 48, sizeof(uint64_t));
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:119:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(dbmeta->record_offset), hbuf + 64, sizeof(uint64_t));
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:120:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(dbmeta->alignment_pow), hbuf + 34, sizeof(uint8_t));
data/cfengine3-3.15.2/cf-agent/vercmp_internal.c:180:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sp, numeral[30], separator[2];
data/cfengine3-3.15.2/cf-agent/verify_databases.c:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char database[CF_MAXVARSIZE], table[CF_MAXVARSIZE], query[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_databases.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_databases.c:160:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(a->database.operation, "drop");
data/cfengine3-3.15.2/cf-agent/verify_databases.c:256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char query[CF_BUFSIZE], name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_databases.c:472:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char root_key[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_databases.c:510:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE], type[CF_MAXVARSIZE], query[CF_MAXVARSIZE], table[CF_MAXVARSIZE], db[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_databases.c:740:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entry[CF_MAXVARSIZE], query[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_databases.c:793:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char query[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_databases.c:993:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *const aliases[3][2] =
data/cfengine3-3.15.2/cf-agent/verify_environments.c:73:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *CF_SUSPENDED[CF_MAX_CONCURRENT_ENVIRONMENTS];
data/cfengine3-3.15.2/cf-agent/verify_environments.c:207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hyper_uri[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_environments.c:395:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *networks[CF_MAX_CONCURRENT_ENVIRONMENTS];
data/cfengine3-3.15.2/cf-agent/verify_environments.c:444:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultxml[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_environments.c:924:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char defaultxml[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_exec.c:212:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eventname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_exec.c:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_exec.c:214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[20];
data/cfengine3-3.15.2/cf-agent/verify_exec.c:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdOutBuf[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_exec.c:223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char module_context[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_exec.c:247:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeout_str[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_exec.c:257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char owner_str[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/cf-agent/verify_exec.c:263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_str[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/cf-agent/verify_files.c:351:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basedir[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files.c:366:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files.c:620:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char existing_output_digest[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/cf-agent/verify_files.c:641:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rendered_output_digest[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/cf-agent/verify_files.c:740:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char edit_bundle_name[CF_BUFSIZE], lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_hashes.c:40:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest1[EVP_MAX_MD_SIZE + 1] = { 0 }, digest2[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/cf-agent/verify_files_hashes.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff1[BUFSIZ], buff2[BUFSIZ];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:628:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:741:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newfrom[CF_BUFSIZE], newto[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:761:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(newto, "dummy");
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:787:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char backup[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:799:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(backup, ".cf-moved");
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1016:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourcefile[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1017:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sourcedir[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1018:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destdir[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1019:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destfile[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1170:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1188:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char backup[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1284:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new[CF_BUFSIZE], *linkable;
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1419:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stamp[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1818:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2329:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basedir[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2379:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2661:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2755:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eventname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2979:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char promiserpath[CF_BUFSIZE], sourcepath[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3085:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest1[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3086:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest2[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3136:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destination[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3233:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char context[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3262:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3890:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errormsg[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3938:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errormsg[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_methods.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_new_packages.c:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char promise_lock[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:647:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char update_timestamp_file[PATH_MAX];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:691:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(update_timestamp_file, O_WRONLY | O_CREAT, 0600);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:809:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:859:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:899:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE], version[CF_MAXVARSIZE], arch[CF_MAXVARSIZE], mgr[CF_MAXVARSIZE], line[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:900:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char thismanager[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:928:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fin = fopen(name, "r")) == NULL)
data/cfengine3-3.15.2/cf-agent/verify_packages.c:1501:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char refAnyVerEsc[CF_EXPANDSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:1502:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char largestVerAvail[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:1503:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char largestPackAvail[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:1504:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CF_EXPANDSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:1765:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_arch[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:1766:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inst_ver[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2345:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2346:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arch[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2494:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2495:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2496:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arch[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3242:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char quotedPath[CF_MAXVARSIZE]; /* GLOBAL_R, no need to initialize */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3347:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lineSafe[res * 2 + 1];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3348:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lineSafe, line, res + 1);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3474:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3475:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arch[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3476:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3477:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3521:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[CF_MAXVARSIZE] = ""; /* GLOBAL_X */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3522:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char arch[CF_MAXVARSIZE] = ""; /* GLOBAL_X */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3523:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char version[CF_MAXVARSIZE] = ""; /* GLOBAL_X */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3524:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vbuff[CF_MAXVARSIZE] = ""; /* GLOBAL_X */
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3539:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "CF_NOMATCH");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3540:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(version, "CF_NOMATCH");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3577:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3578:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arch[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3579:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3580:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-agent/verify_processes.c:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_storage.c:182:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_storage.c:397:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_storage.c:403:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(vbuff, "..");
data/cfengine3-3.15.2/cf-agent/verify_storage.c:408:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(vbuff, "..");
data/cfengine3-3.15.2/cf-agent/verify_storage.c:444:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_users.c:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:135:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hash_buf[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_regex_str[strlen(puser) + 3];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:189:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hash_buf, buf + submatch_vec[2], submatch_vec[3] - submatch_vec[2]);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:392:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char final_cmd[strlen(cmd_str) + strlen(puser) + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:426:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char change_string[total_len + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:475:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char backup_file[strlen(passwd_file) + strlen(".cf-backup") + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:479:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char edit_file[strlen(passwd_file) + strlen(".cf-edit") + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:495:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int edit_fd_int = open(edit_file, O_WRONLY | O_CREAT | O_EXCL, S_IWUSR);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:556:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_line[strlen(line) + strlen(password) + 2];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:724:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE + strlen(puser)];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:758:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_hash[strlen(hash) + 2];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:866:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return (atoi(key) == entry->gr_gid);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:975:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (u->uid != NULL && (atoi (u->uid) != passwd_info->pw_uid))
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1025:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gid = atoi(u->group_primary);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1060:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_command[strlen(cmd) + sizeof(help_argument)];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sec_group_args[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1153:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sep[2] = { '\0', '\0' };
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-check/backup.c:43:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char backup_dir[PATH_MAX];
data/cfengine3-3.15.2/cf-check/backup.c:44:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char backup_root[PATH_MAX];
data/cfengine3-3.15.2/cf-check/diagnose.c:86:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char unknown[1024];
data/cfengine3-3.15.2/cf-check/diagnose.c:512:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char target_buf[4096] = { 0 };
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char twinfilename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:175:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char starttime_str[64];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:195:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char esc_command[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:199:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:201:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:204:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char canonified_fq_name[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:348:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line_escaped[res * 2 + 1];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:349:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line_escaped, line, res + 1);
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:658:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prev_file[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:701:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:756:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:757:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/cf-execd/cf-execd.c:552:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char promiser_buf[CF_SMALLBUF];
data/cfengine3-3.15.2/cf-execd/cf-execd.c:558:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myuid[PRINTSIZE(unsigned)];
data/cfengine3-3.15.2/cf-execd/cf-execd.c:664:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(VDOMAIN, "undefined.domain");
data/cfengine3-3.15.2/cf-execd/execd-config.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char splay[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[NI_MAXHOST];
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:156:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[26];
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:199:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char equivalent[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:278:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:402:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:404:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vtmp[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:474:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:476:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vtmp[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-key/cf-key.c:50:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LICENSE_SOURCE[MAX_FILENAME] = ""; /* GLOBAL_A */
data/cfengine3-3.15.2/cf-monitord/cf-monitord.c:303:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(VPREFIX, "cf-monitord");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:67:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ENVFILE_NEW[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:68:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ENVFILE[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:211:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:269:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timekey[CF_SMALLBUF];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:363:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:385:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:592:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[CF_BUFSIZE], ldt_buff[CF_BUFSIZE], name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:599:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:800:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:927:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE], buffer2[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:959:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "_high");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:963:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "_low");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:967:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "_normal");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:977:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer2, "_microanomaly");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:992:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "_high");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:996:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "_low");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1000:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "_normal");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1008:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer2, "_normal");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1014:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer2, "_dev1");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1025:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer2, "_dev2");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1034:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer2, "_anomaly");
data/cfengine3-3.15.2/cf-monitord/env_monitor.c:1048:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/history.c:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timekey[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/history.c:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/history.c:147:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_MAXVARSIZE], lval[CF_MAXVARSIZE], rval[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/history.c:184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eventname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/history.c:462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/history.c:615:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[CF_BUFSIZE], sdate[CF_MAXVARSIZE], filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/history.c:738:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_cpu.c:46:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpuname[CF_MAXVARSIZE], buf[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char accesslog[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:43:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorlog[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char syslog[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:45:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char messages[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:53:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(accesslog, "/var/log/apache2/access_log");
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:54:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(errorlog, "/var/log/apache2/error_log");
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:55:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(syslog, "/var/log/syslog");
data/cfengine3-3.15.2/cf-monitord/mon_disk.c:56:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(messages, "/var/log/messages");
data/cfengine3-3.15.2/cf-monitord/mon_entropy.c:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfspath[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfspath[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysfspath[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:169:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fh = fopen("/proc/diskstats", "r")))
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:194:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char diskname[256];
data/cfengine3-3.15.2/cf-monitord/mon_network.c:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network.c:147:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network.c:148:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remote[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network.c:149:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[CF_BUFSIZE], remote[CF_BUFSIZE], comm[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network.c:220:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(comm, " -an");
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const TCPNAMES[CF_NETATTR] =
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tcpbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:104:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:152:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tcpbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src[CF_BUFSIZE], dest[CF_BUFSIZE], flag = '.', *arr;
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:422:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:463:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_processes.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_processes.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pscomm[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/mon_processes.c:121:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[64];
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:91:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[128];
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CF_BUFSIZE], buf[CF_BUFSIZE], index[4];
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:145:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path, "r")) == NULL)
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:205:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[128];
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:209:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(path, "r")) == NULL)
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:215:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/monitoring.c:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-monitord/monitoring.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_contents_new[MAX_KEY_FILE_SIZE] = {0};
data/cfengine3-3.15.2/cf-monitord/monitoring.c:107:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-monitord/monitoring.c:178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eventname[CF_MAXVARSIZE], assignment[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-net/cf-net.c:495:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/cf-net/cf-net.c:682:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remote_file[PATH_MAX];
data/cfengine3-3.15.2/cf-net/cf-net.c:683:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_file[PATH_MAX];
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:149:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char OUTPUT_DIRECTORY[CF_BUFSIZE] = ""; /* GLOBAL_P */
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:155:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SENDCLASSES[CF_MAXVARSIZE] = ""; /* GLOBAL_A */
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:156:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DEFINECLASSES[CF_MAXVARSIZE] = ""; /* GLOBAL_A */
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:157:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char REMOTEBUNDLES[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:454:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey[CF_HOSTKEY_STRING_SIZE], user[CF_SMALLBUF];
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:456:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[8];
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:472:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddr[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:708:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuf[CF_BUFSIZE - CF_INBAND_OFFSET] = "EXEC";
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:742:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:797:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/cf-serverd-functions.c:407:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(VDOMAIN, "undefined.domain");
data/cfengine3-3.15.2/cf-serverd/cf-serverd-functions.c:658:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/cf-serverd/cf-serverd.c:48:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(NULLFILE, O_RDWR, 0);
data/cfengine3-3.15.2/cf-serverd/server.c:81:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFRUNCOMMAND[CF_MAXVARSIZE] = { 0 }; /* GLOBAL_P */
data/cfengine3-3.15.2/cf-serverd/server.c:142:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char intime[PRINTSIZE(now)];
data/cfengine3-3.15.2/cf-serverd/server.c:291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aligned_ipaddr[CF_MAX_IP_LEN + 2];
data/cfengine3-3.15.2/cf-serverd/server.h:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddr[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/cf-serverd/server.h:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char revdns[NI_MAXHOST]; /* only populated in new protocol */
data/cfengine3-3.15.2/cf-serverd/server.h:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sid[CF_MAXSIDSIZE]; /* 2K size too big! */
data/cfengine3-3.15.2/cf-serverd/server.h:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-serverd/server.h:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-serverd/server.h:158:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char CFRUNCOMMAND[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-serverd/server_access.c:325:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled_path[PATH_MAX];
data/cfengine3-3.15.2/cf-serverd/server_access.c:326:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mangled_path, reqpath, reqpath_len + 1);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:175:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char transrequest[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char translated_req_path[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char transpath[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:307:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:411:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_regex[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:533:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out1, sp, len1);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:537:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out2, sp, len2);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:541:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out3, sp, len3);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:549:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstring[CF_MAXVARSIZE], fqname[CF_MAXVARSIZE], username[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:628:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_classic.c:657:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sauth[10] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_classic.c:720:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decrypted_challenge[PRIVKEY_size];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:877:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char counter_challenge[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:887:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encrypted_counter_challenge[encrypted_len];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:922:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bignum_buf[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_classic.c:939:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recv_buf[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_classic.c:978:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char session_key[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1007:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conn->session_key, session_key, session_key_size);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1011:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decrypted_session_key[PRIVKEY_size];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1033:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conn->session_key, decrypted_session_key, session_key_size);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1045:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuffer[CF_BUFSIZE + CF_BUFEXT], check[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1046:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1047:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE], buffer[CF_BUFSIZE], out[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1296:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1369:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1454:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1493:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1497:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, recvbuffer + strlen(recvbuffer) + CF_SMALL_OFFSET,
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1515:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1551:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1587:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1622:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, recvbuffer + CF_PROTO_OFFSET, len);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1653:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuffer, "BAD: Request denied");
data/cfengine3-3.15.2/cf-serverd/server_common.c:146:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:376:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:391:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:406:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE + 256], filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:570:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE + 256], out[CF_BUFSIZE], filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:571:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[32] =
data/cfengine3-3.15.2/cf-serverd/server_common.c:707:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkbuf[CF_BUFSIZE], filename[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:746:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuffer, "BAD: unable to read link");
data/cfengine3-3.15.2/cf-serverd/server_common.c:849:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuffer, "OK:");
data/cfengine3-3.15.2/cf-serverd/server_common.c:854:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuffer, "OK:");
data/cfengine3-3.15.2/cf-serverd/server_common.c:861:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool CompareLocalHash(const char *filename, const char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/cf-serverd/server_common.c:861:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool CompareLocalHash(const char *filename, const char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/cf-serverd/server_common.c:862:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CFD_FALSE_SIZE])
data/cfengine3-3.15.2/cf-serverd/server_common.c:866:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char translated_filename[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_common.c:869:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char file_digest[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_common.c:889:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle[CF_BUFSIZE], out[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:920:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char query[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:935:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE - CF_INBAND_OFFSET];
data/cfengine3-3.15.2/cf-serverd/server_common.c:948:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:965:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:971:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuffer, "BAD: request to access a non-absolute filename");
data/cfengine3-3.15.2/cf-serverd/server_common.c:1022:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-serverd/server_common.c:1026:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuffer, "BAD: request to access a non-absolute filename");
data/cfengine3-3.15.2/cf-serverd/server_common.c:1203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[path_size];
data/cfengine3-3.15.2/cf-serverd/server_common.c:1249:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char replacement_expanded[path_size];
data/cfengine3-3.15.2/cf-serverd/server_common.c:1250:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(replacement_expanded, replacement, replacement_len + 1);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1276:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, replacement_expanded, replacement_expanded_len);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1278:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst[replacement_expanded_len], &path[first_part_len],
data/cfengine3-3.15.2/cf-serverd/server_common.c:1286:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, dst, dst_len + 1);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[reqpath_size];
data/cfengine3-3.15.2/cf-serverd/server_common.c:1408:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqpath, dst, dst_len + 1);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1427:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conn->username, username, username_len + 1);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1590:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg0[PATH_MAX];
data/cfengine3-3.15.2/cf-serverd/server_common.c:1643:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdbuf[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/cf-serverd/server_common.h:53:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool CompareLocalHash(const char *filename, const char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/cf-serverd/server_common.h:53:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool CompareLocalHash(const char *filename, const char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/cf-serverd/server_common.h:54:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CFD_FALSE_SIZE]);
data/cfengine3-3.15.2/cf-serverd/server_tls.c:229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[peek_size];
data/cfengine3-3.15.2/cf-serverd/server_tls.c:291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[1024] = "";
data/cfengine3-3.15.2/cf-serverd/server_tls.c:294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version_string[CF_MAXVARSIZE];
data/cfengine3-3.15.2/cf-serverd/server_tls.c:365:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word1[1024], word2[1024];
data/cfengine3-3.15.2/cf-serverd/server_tls.c:415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024] = "OK WELCOME";
data/cfengine3-3.15.2/cf-serverd/server_tls.c:547:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[sizeof(conn->username)] = "";
data/cfengine3-3.15.2/cf-serverd/server_tls.c:646:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuffer[CF_BUFSIZE + CF_BUFEXT] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_tls.c:648:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE - CF_INBAND_OFFSET] = { 0 };
data/cfengine3-3.15.2/cf-serverd/server_tls.c:649:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE + 1]; /* +1 for appending slash sometimes */
data/cfengine3-3.15.2/cf-serverd/server_tls.c:964:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/cf-serverd/server_tls.c:968:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, recvbuffer + strlen(recvbuffer) + CF_SMALL_OFFSET,
data/cfengine3-3.15.2/cf-serverd/server_tls.c:978:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var[256];
data/cfengine3-3.15.2/cf-serverd/server_tls.c:1001:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_regex[256];
data/cfengine3-3.15.2/cf-serverd/server_tls.c:1058:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char query[256], name[128];
data/cfengine3-3.15.2/cf-serverd/server_tls.c:1141:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuffer, "BAD: Request denied");
data/cfengine3-3.15.2/cf-serverd/server_tls.h:52:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const PROTOCOL_NEW[PROTOCOL_COMMAND_BAD + 1] =
data/cfengine3-3.15.2/cf-serverd/server_transform.c:391:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(CFRUNCOMMAND, value, strlen(value) + 1);
data/cfengine3-3.15.2/cf-serverd/server_transform.c:851:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[2 + strlen(name)], *c = copy;
data/cfengine3-3.15.2/cf-serverd/server_transform.c:972:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char regex[strlen(host) + extra], *dst = regex;
data/cfengine3-3.15.2/cf-serverd/server_transform.c:994:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, dot, len);
data/cfengine3-3.15.2/cf-serverd/server_transform.c:1211:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/cfengine3-3.15.2/cf-serverd/server_transform.c:1217:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(path, pp->promiser, path_len + 1);
data/cfengine3-3.15.2/cf-serverd/server_transform.c:1486:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unslashed_path[path_len + 1];
data/cfengine3-3.15.2/cf-serverd/server_transform.c:1487:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(unslashed_path, path, path_len + 1);
data/cfengine3-3.15.2/cf-serverd/strlist.c:62:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->str, s, s_len + 1);
data/cfengine3-3.15.2/cf-testd/cf-testd.c:260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[sizeof(conn->username)] = "";
data/cfengine3-3.15.2/cf-testd/cf-testd.c:282:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char query[CF_BUFSIZE];
data/cfengine3-3.15.2/cf-testd/cf-testd.c:329:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sendbuffer, "BAD: Request denied");
data/cfengine3-3.15.2/cf-testd/cf-testd.c:340:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuffer[CF_BUFSIZE + CF_BUFEXT] = "";
data/cfengine3-3.15.2/cf-testd/cf-testd.c:341:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE - CF_INBAND_OFFSET] = "";
data/cfengine3-3.15.2/cf-testd/cf-testd.c:385:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char query[256], name[128];
data/cfengine3-3.15.2/cf-testd/cf-testd.c:523:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/cf-upgrade/configuration.c:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *arguments[CF_UPGRADE_MAX_ARGUMENTS]; /*!< upgrade command and arguments */
data/cfengine3-3.15.2/cf-upgrade/log.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_LOG_ENTRY_SIZE];
data/cfengine3-3.15.2/cf-upgrade/log.c:93:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log_fd = open(path, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
data/cfengine3-3.15.2/cf-upgrade/log.c:95:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log_fd = open(path, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR);
data/cfengine3-3.15.2/cf-upgrade/process.c:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_line[32768];
data/cfengine3-3.15.2/cf-upgrade/process.c:203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_line[32768];
data/cfengine3-3.15.2/cf-upgrade/update.c:51:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
source_fd = open(source, O_RDONLY);
data/cfengine3-3.15.2/cf-upgrade/update.c:58:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
destination_fd = open(destination, O_WRONLY|O_CREAT|O_EXCL, S_IRWXU|S_IRGRP|S_IROTH);
data/cfengine3-3.15.2/cf-upgrade/update.c:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/cfengine3-3.15.2/cf-upgrade/update.c:113:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
source_fd = open(source, O_BINARY|O_RDONLY);
data/cfengine3-3.15.2/cf-upgrade/update.c:120:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
destination_fd = open(destination, O_BINARY|O_WRONLY|O_CREAT|O_EXCL, S_IRWXU);
data/cfengine3-3.15.2/cf-upgrade/update.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/cfengine3-3.15.2/cf-upgrade/update.c:274:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[CF_UPGRADE_MAX_ARGUMENTS + 1];
data/cfengine3-3.15.2/cf-upgrade/update.c:330:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[COMMAND_LINE_OPTIONS + 1];
data/cfengine3-3.15.2/ext/rpmvercmp.c:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[strlen(a)+1], bbuf[strlen(b)+1];
data/cfengine3-3.15.2/ext/rpmvercmp.c:196:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint32_t epochOne = first->epoch ? atoi(first->epoch) : 0;
data/cfengine3-3.15.2/ext/rpmvercmp.c:197:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint32_t epochTwo = second->epoch ? atoi(second->epoch) : 0;
data/cfengine3-3.15.2/libcfnet/addr_lib.c:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[CF_ADDRSIZE];
data/cfengine3-3.15.2/libcfnet/addr_lib.c:155:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer1[64], buffer2[64];
data/cfengine3-3.15.2/libcfnet/addr_lib.c:258:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer1[64], buffer2[64];
data/cfengine3-3.15.2/libcfnet/addr_lib.c:329:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sp, refbase[1024];
data/cfengine3-3.15.2/libcfnet/addr_lib.c:331:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[CF_BUFSIZE], buf2[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/addr_lib.c:379:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[CF_ADDRSIZE];
data/cfengine3-3.15.2/libcfnet/addr_lib.c:476:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer1[64];
data/cfengine3-3.15.2/libcfnet/addr_lib.c:508:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[CF_ADDRSIZE];
data/cfengine3-3.15.2/libcfnet/cfnet.h:35:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char CFENGINE_PORT_STR[16]; /* GLOBAL_P GLOBAL_E */
data/cfengine3-3.15.2/libcfnet/cfnet.h:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[CF_SMALLBUF];
data/cfengine3-3.15.2/libcfnet/cfnet.h:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remoteip[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/libcfnet/classic.c:135:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int SendSocketStream(int sd, const char buffer[CF_BUFSIZE], int tosend)
data/cfengine3-3.15.2/libcfnet/classic.h:30:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int SendSocketStream(int sd, const char buffer[CF_BUFSIZE], int tosend);
data/cfengine3-3.15.2/libcfnet/client_code.c:78:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFENGINE_PORT_STR[16] = "5308";
data/cfengine3-3.15.2/libcfnet/client_code.c:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/libcfnet/client_code.c:333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/client_code.c:334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/client_code.c:335:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/client_code.c:336:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/client_code.c:369:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sendbuffer + CF_PROTO_OFFSET, out, cipherlen);
data/cfengine3-3.15.2/libcfnet/client_code.c:397:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in, recvbuffer, nbytes);
data/cfengine3-3.15.2/libcfnet/client_code.c:464:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char d[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libcfnet/client_code.c:466:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE] = {0};
data/cfengine3-3.15.2/libcfnet/client_code.c:467:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuffer[CF_BUFSIZE] = {0};
data/cfengine3-3.15.2/libcfnet/client_code.c:480:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[CF_BUFSIZE] = {0};
data/cfengine3-3.15.2/libcfnet/client_code.c:481:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[CF_BUFSIZE] = {0};
data/cfengine3-3.15.2/libcfnet/client_code.c:505:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sendbuffer + CF_PROTO_OFFSET, out, cipherlen);
data/cfengine3-3.15.2/libcfnet/client_code.c:554:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buf, in[CF_BUFSIZE], out[CF_BUFSIZE], workbuf[CF_BUFSIZE], cfchangedstr[265];
data/cfengine3-3.15.2/libcfnet/client_code.c:555:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[32] =
data/cfengine3-3.15.2/libcfnet/client_code.c:599:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(workbuf + CF_PROTO_OFFSET, out, cipherlen);
data/cfengine3-3.15.2/libcfnet/client_code.c:715:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2];
data/cfengine3-3.15.2/libcfnet/client_code.c:730:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buf, workbuf[CF_BUFSIZE], cfchangedstr[265];
data/cfengine3-3.15.2/libcfnet/client_protocol.c:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char VIPADDRESS[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/libcfnet/client_protocol.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname[CF_BUFSIZE], sendbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/client_protocol.c:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dnsname[CF_MAXVARSIZE], localip[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/libcfnet/client_protocol.c:156:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dnsname, "skipident");
data/cfengine3-3.15.2/libcfnet/client_protocol.c:212:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_EXPANDSIZE], in[CF_BUFSIZE], *out, *decrypted_cchall;
data/cfengine3-3.15.2/libcfnet/client_protocol.c:214:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libcfnet/client_protocol.c:285:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sendbuffer + CF_RSA_PROTO_OFFSET, out, encrypted_len);
data/cfengine3-3.15.2/libcfnet/client_protocol.c:289:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sendbuffer + CF_RSA_PROTO_OFFSET, in, nonce_len);
data/cfengine3-3.15.2/libcfnet/net.c:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char BINDINTERFACE[CF_MAXVARSIZE]; /* cf3globals.c, cf3.extern.h */
data/cfengine3-3.15.2/libcfnet/net.c:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/libcfnet/net.c:86:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(work + CF_INBAND_OFFSET, buffer, len);
data/cfengine3-3.15.2/libcfnet/net.c:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proto[CF_INBAND_OFFSET + 1] = { 0 };
data/cfengine3-3.15.2/libcfnet/policy_server.c:42:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char POLICY_SERVER_PORT[CF_MAX_PORT_LEN]; // only port part
data/cfengine3-3.15.2/libcfnet/policy_server.c:43:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char POLICY_SERVER_IP[CF_MAX_IP_LEN]; // resolved IP
data/cfengine3-3.15.2/libcfnet/policy_server.c:207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char contents[CF_MAX_SERVER_LEN] = "";
data/cfengine3-3.15.2/libcfnet/policy_server.c:297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_ipaddr[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/libcfnet/protocol.c:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_MSGSIZE] = {0};
data/cfengine3-3.15.2/libcfnet/protocol.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_MSGSIZE] = {0};
data/cfengine3-3.15.2/libcfnet/protocol.c:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfchangedstr[sizeof(CF_CHANGEDSTR1 CF_CHANGEDSTR2)];
data/cfengine3-3.15.2/libcfnet/protocol.c:229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE] = {0};
data/cfengine3-3.15.2/libcfnet/server_code.c:168:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/libcfnet/stat_cache.c:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/stat_cache.c:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendbuffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/stat_cache.c:159:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in[CF_BUFSIZE], out[CF_BUFSIZE];
data/cfengine3-3.15.2/libcfnet/stat_cache.c:175:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sendbuffer + CF_PROTO_OFFSET, out, cipherlen);
data/cfengine3-3.15.2/libcfnet/tls_client.c:195:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024] = "";
data/cfengine3-3.15.2/libcfnet/tls_client.c:234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version_string[128];
data/cfengine3-3.15.2/libcfnet/tls_client.c:246:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(line, "IDENTITY");
data/cfengine3-3.15.2/libcfnet/tls_generic.c:79:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const tls_version_strings[TLS_LAST + 1] = {"1.0", "1.1", "1.2", "1.3"};
data/cfengine3-3.15.2/libcfnet/tls_generic.c:783:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[bytes_still_buffered];
data/cfengine3-3.15.2/libcfnet/tls_generic.c:1005:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ciphers[max_len];
data/cfengine3-3.15.2/libcfnet/tls_generic.c:1008:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cipher_suites[max_len];
data/cfengine3-3.15.2/libenv/sysinfo.c:333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodename[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:338:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dnsname[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libenv/sysinfo.c:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fqn[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:391:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:419:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sp, workbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:423:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libenv/sysinfo.c:428:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char real_version[_SYS_NMLN];
data/cfengine3-3.15.2/libenv/sysinfo.c:436:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *components[COMPONENTS_SIZE] = { "cf-twin", "cf-agent", "cf-serverd", "cf-monitord", "cf-know",
data/cfengine3-3.15.2/libenv/sysinfo.c:443:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE], quoteName[CF_MAXVARSIZE], shortname[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:459:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(VSYSNAME.sysname, "android");
data/cfengine3-3.15.2/libenv/sysinfo.c:465:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(VSYSNAME.sysname, "busybox");
data/cfengine3-3.15.2/libenv/sysinfo.c:519:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysname[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:608:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pubkey_digest[CF_HOSTKEY_STRING_SIZE] = { 0 };
data/cfengine3-3.15.2/libenv/sysinfo.c:683:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:816:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zone[ZONENAME_MAX];
data/cfengine3-3.15.2/libenv/sysinfo.c:817:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:867:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lval[1024];
data/cfengine3-3.15.2/libenv/sysinfo.c:912:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char env[CF_BUFSIZE], context[CF_BUFSIZE], name[CF_MAXVARSIZE], value[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1029:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1043:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1198:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char init_path[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1203:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resolved_path[PATH_MAX]; /* realpath() needs PATH_MAX */
data/cfengine3-3.15.2/libenv/sysinfo.c:1372:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1390:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char context[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1504:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1564:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relstring[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1597:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1605:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1613:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1624:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relstring[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1653:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1679:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relstring[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1709:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strmajor[PRINTSIZE(major)];
data/cfengine3-3.15.2/libenv/sysinfo.c:1730:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classbuf[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1788:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relstring[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1903:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strmajor[PRINTSIZE(major)], strminor[PRINTSIZE(minor)];
data/cfengine3-3.15.2/libenv/sysinfo.c:1929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classbuf[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:1989:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classbuf[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2001:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relstring[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2009:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[CF_BUFSIZE], strversion[CF_MAXVARSIZE], strpatch[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2057:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(classbuf, "SLES8");
data/cfengine3-3.15.2/libenv/sysinfo.c:2125:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strmajor[PRINTSIZE(major)], strminor[PRINTSIZE(minor)];
data/cfengine3-3.15.2/libenv/sysinfo.c:2134:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classbuf, "SUSE");
data/cfengine3-3.15.2/libenv/sysinfo.c:2146:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classbuf, "SuSE");
data/cfengine3-3.15.2/libenv/sysinfo.c:2166:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(classbuf, "SLES");
data/cfengine3-3.15.2/libenv/sysinfo.c:2202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classname[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/libenv/sysinfo.c:2203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2280:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flavor[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2281:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2282:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2305:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(os, "cumulus");
data/cfengine3-3.15.2/libenv/sysinfo.c:2336:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classname[CF_MAXVARSIZE], buffer[CF_MAXVARSIZE], os[CF_MAXVARSIZE], version[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2410:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char minor[CF_MAXVARSIZE] = {0};
data/cfengine3-3.15.2/libenv/sysinfo.c:2442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relstring[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2488:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char relstring[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2521:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strmajor[PRINTSIZE(major)], strminor[PRINTSIZE(minor)];
data/cfengine3-3.15.2/libenv/sysinfo.c:2546:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char classbuf[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2568:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2580:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[128];
data/cfengine3-3.15.2/libenv/sysinfo.c:2583:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2600:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2610:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[128];
data/cfengine3-3.15.2/libenv/sysinfo.c:2613:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2629:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2637:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[CF_MAXVARSIZE], class[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2655:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2663:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[CF_MAXVARSIZE], build[CF_MAXVARSIZE], class[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2683:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sp, buffer[CF_BUFSIZE], classbuf[CF_BUFSIZE], version[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/sysinfo.c:2909:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[13];
data/cfengine3-3.15.2/libenv/sysinfo.c:3001:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_SMALLBUF] = "1_cpu";
data/cfengine3-3.15.2/libenv/sysinfo.c:3218:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uptime += ((time_t) atoi(backref)) * seconds;
data/cfengine3-3.15.2/libenv/time_classes.c:60:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:80:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int aix_get_mac_addr(const char *device_name, uint8_t mac[6]);
data/cfengine3-3.15.2/libenv/unix_iface.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hw_mac[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hw_mac[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hw_mac[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mac[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:233:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hw_mac, "%.2x:%.2x:%.2x:%.2x:%.2x:%.2x",
data/cfengine3-3.15.2/libenv/unix_iface.c:279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hw_mac[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:320:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libenv/unix_iface.c:325:34: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_UP) strcat(buffer, " up");
data/cfengine3-3.15.2/libenv/unix_iface.c:326:41: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_BROADCAST) strcat(buffer, " broadcast");
data/cfengine3-3.15.2/libenv/unix_iface.c:327:37: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_DEBUG) strcat(buffer, " debug");
data/cfengine3-3.15.2/libenv/unix_iface.c:328:40: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_LOOPBACK) strcat(buffer, " loopback");
data/cfengine3-3.15.2/libenv/unix_iface.c:329:43: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_POINTOPOINT) strcat(buffer, " pointopoint");
data/cfengine3-3.15.2/libenv/unix_iface.c:332:42: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_NOTRAILERS) strcat(buffer, " notrailers");
data/cfengine3-3.15.2/libenv/unix_iface.c:335:39: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_RUNNING) strcat(buffer, " running");
data/cfengine3-3.15.2/libenv/unix_iface.c:336:37: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_NOARP) strcat(buffer, " noarp");
data/cfengine3-3.15.2/libenv/unix_iface.c:337:39: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_PROMISC) strcat(buffer, " promisc");
data/cfengine3-3.15.2/libenv/unix_iface.c:338:40: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_ALLMULTI) strcat(buffer, " allmulti");
data/cfengine3-3.15.2/libenv/unix_iface.c:339:41: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
if (ifr->ifr_flags & IFF_MULTICAST) strcat(buffer, " multicast");
data/cfengine3-3.15.2/libenv/unix_iface.c:360:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sp, workbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:361:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:362:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:407:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_name[sizeof(ifp->ifr_name)] = "";
data/cfengine3-3.15.2/libenv/unix_iface.c:472:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/libenv/unix_iface.c:488:21: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ip, "ipv4_");
data/cfengine3-3.15.2/libenv/unix_iface.c:518:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ip, "ipv4_");
data/cfengine3-3.15.2/libenv/unix_iface.c:660:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifconfig_line[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:661:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char current_interface[CF_BUFSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:731:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char variable_name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libenv/unix_iface.c:771:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixed_ip[CF_MAX_IP_LEN + sizeof(IPV6_PREFIX)] = {0};
data/cfengine3-3.15.2/libenv/unix_iface.c:818:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE],regex[256];
data/cfengine3-3.15.2/libenv/unix_iface.c:822:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fin = fopen(filename,"r")) == NULL)
data/cfengine3-3.15.2/libenv/unix_iface.c:863:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int aix_get_mac_addr(const char *device_name, uint8_t mac[6])
data/cfengine3-3.15.2/libenv/unix_iface.c:898:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac, ndd[i].ndd_addr, 6);
data/cfengine3-3.15.2/libenv/zones.c:38:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zone[ZONENAME_MAX];
data/cfengine3-3.15.2/libenv/zones.c:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sp, zone[ZONENAME_MAX];
data/cfengine3-3.15.2/libntech/libcompat/closefrom.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_dir[50];
data/cfengine3-3.15.2/libntech/libcompat/generic_at.c:82:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cwd = open(".", O_RDONLY);
data/cfengine3-3.15.2/libntech/libcompat/getaddrinfo.c:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[HOST_NAME_MAX+1];
data/cfengine3-3.15.2/libntech/libcompat/getaddrinfo.c:173:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = (unsigned short)atoi(service);
data/cfengine3-3.15.2/libntech/libcompat/getaddrinfo.c:221:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = (unsigned short)atoi(service);
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:583:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ldavgbuf[40];
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:587:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (LINUX_LDAV_FILE, O_RDONLY);
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:619:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen (NETBSD_LDAV_FILE, "r");
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:910:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
channel = open ("/dev/kmem", 0);
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:995:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
naptime = atoi (argv[1]);
data/cfengine3-3.15.2/libntech/libcompat/gmtime_r.c:46:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, ret, sizeof(struct tm));
data/cfengine3-3.15.2/libntech/libcompat/inet_ntop.c:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[sizeof "255.255.255.255"];
data/cfengine3-3.15.2/libntech/libcompat/inet_ntop.c:89:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, tmp, len + 1);
data/cfengine3-3.15.2/libntech/libcompat/inet_ntop.c:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"], *tp;
data/cfengine3-3.15.2/libntech/libcompat/inet_ntop.c:187:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, tmp, tp - tmp);
data/cfengine3-3.15.2/libntech/libcompat/inet_pton.c:86:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[NS_INADDRSZ], *tp;
data/cfengine3-3.15.2/libntech/libcompat/inet_pton.c:115:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, tmp, NS_INADDRSZ);
data/cfengine3-3.15.2/libntech/libcompat/inet_pton.c:140:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp;
data/cfengine3-3.15.2/libntech/libcompat/inet_pton.c:214:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, tmp, NS_IN6ADDRSZ);
data/cfengine3-3.15.2/libntech/libcompat/localtime_r.c:46:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, ret, sizeof(struct tm));
data/cfengine3-3.15.2/libntech/libcompat/memdup.c:44:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m, data, size);
data/cfengine3-3.15.2/libntech/libcompat/openat.c:47:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data->fd = open(data->pathname, data->flags, data->mode);
data/cfengine3-3.15.2/libntech/libcompat/rpl_ctime.c:32:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[26];
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:980:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iconvert[MAX_CONVERT_LENGTH];
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1085:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iconvert[MAX_CONVERT_LENGTH];
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1086:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fconvert[MAX_CONVERT_LENGTH];
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1087:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char econvert[4]; /* "e-12" (without nul-termination). */
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:1574:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char staticbuf[1024];
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:2141:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[1024], buf2[1024];
data/cfengine3-3.15.2/libntech/libcompat/snprintf.c:2196:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(void)sprintf(buf1, "%.1f", value);
data/cfengine3-3.15.2/libntech/libcompat/strdup.c:45:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sp, str, len);
data/cfengine3-3.15.2/libntech/libcompat/strerror.c:37:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[20];
data/cfengine3-3.15.2/libntech/libcompat/strndup.c:46:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(copy, str, len);
data/cfengine3-3.15.2/libntech/libcompat/strsignal.c:41:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char SIGNAL_TEXT[16];
data/cfengine3-3.15.2/libntech/libutils/buffer.c:246:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer->buffer + buffer->used, str, len);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:277:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer->buffer + buffer->used, bytes, actual_length);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:285:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer->buffer + buffer->used, bytes, length);
data/cfengine3-3.15.2/libntech/libutils/encode.c:62:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, buffer->data, buffer->length - 1);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:50:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((test = fopen(path, modes)) != NULL)
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:128:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE] = {0};
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[PATH_MAX] = {0};
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:217:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[READ_BUFSIZE];
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:564:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open(pathname, flags, create_perms);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:568:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[path_bufsize];
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:1246:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subpath[PATH_MAX];
data/cfengine3-3.15.2/libntech/libutils/hash.c:39:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const CF_DIGEST_TYPES[10] =
data/cfengine3-3.15.2/libntech/libutils/hash.c:68:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE];
data/cfengine3-3.15.2/libntech/libutils/hash.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char printable[EVP_MAX_MD_SIZE * 4];
data/cfengine3-3.15.2/libntech/libutils/hash.c:93:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(hash->printable, "MD5=");
data/cfengine3-3.15.2/libntech/libutils/hash.c:101:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(hash->printable, "SHA=");
data/cfengine3-3.15.2/libntech/libutils/hash.c:104:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(hash->printable, "UNK=");
data/cfengine3-3.15.2/libntech/libutils/hash.c:196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/cfengine3-3.15.2/libntech/libutils/hash.c:259:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[buf_len];
data/cfengine3-3.15.2/libntech/libutils/hash.c:301:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((*destination)->digest, origin->digest, origin->size);
data/cfengine3-3.15.2/libntech/libutils/hash.c:402:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libntech/libutils/hash.c:424:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1024];
data/cfengine3-3.15.2/libntech/libutils/hash.c:444:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *const filename,
data/cfengine3-3.15.2/libntech/libutils/hash.c:445:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libntech/libutils/hash.c:479:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *const buffer,
data/cfengine3-3.15.2/libntech/libutils/hash.c:481:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libntech/libutils/hash.c:532:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libntech/libutils/hash.c:573:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[buf_len];
data/cfengine3-3.15.2/libntech/libutils/hash.c:595:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char digest1[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libntech/libutils/hash.c:596:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char digest2[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libntech/libutils/hash.c:635:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, prefix, dst_len);
data/cfengine3-3.15.2/libntech/libutils/hash.c:694:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libntech/libutils/hash.c:706:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hash_prefix_start, md5_prefix, md5_prefix_length);
data/cfengine3-3.15.2/libntech/libutils/hash.h:154:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void HashFile(const char *filename, unsigned char digest[EVP_MAX_MD_SIZE + 1], HashMethod type, bool text_mode);
data/cfengine3-3.15.2/libntech/libutils/hash.h:154:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void HashFile(const char *filename, unsigned char digest[EVP_MAX_MD_SIZE + 1], HashMethod type, bool text_mode);
data/cfengine3-3.15.2/libntech/libutils/hash.h:155:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void HashString(const char *buffer, int len, unsigned char digest[EVP_MAX_MD_SIZE + 1], HashMethod type);
data/cfengine3-3.15.2/libntech/libutils/hash.h:155:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void HashString(const char *buffer, int len, unsigned char digest[EVP_MAX_MD_SIZE + 1], HashMethod type);
data/cfengine3-3.15.2/libntech/libutils/hash.h:157:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char digest1[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libntech/libutils/hash.h:158:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char digest2[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libntech/libutils/hash.h:163:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void HashPubKey(const RSA *key, unsigned char digest[EVP_MAX_MD_SIZE + 1], HashMethod type);
data/cfengine3-3.15.2/libntech/libutils/json.c:1882:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const parse_errors[JSON_PARSE_ERROR_MAX] = {
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char OVERRIDE_BINDIR[PATH_MAX] = {0};
data/cfengine3-3.15.2/libntech/libutils/known_dirs.c:161:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char workbuf[CF_BUFSIZE]; \
data/cfengine3-3.15.2/libntech/libutils/known_dirs.h:30:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *GetDefaultDir_helper(char dir[PATH_MAX], const char *root_dir,
data/cfengine3-3.15.2/libntech/libutils/known_dirs.h:30:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *GetDefaultDir_helper(char dir[PATH_MAX], const char *root_dir,
data/cfengine3-3.15.2/libntech/libutils/libcrypto-compat.c:342:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, meth, sizeof(*meth));
data/cfengine3-3.15.2/libntech/libutils/logging.c:35:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VPREFIX[1024] = ""; /* GLOBAL_C */
data/cfengine3-3.15.2/libntech/libutils/logging.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char AgentType[80] = "generic";
data/cfengine3-3.15.2/libntech/libutils/logging.c:202:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool LoggingFormatTimestamp(char dest[64], size_t n, struct tm *timestamp)
data/cfengine3-3.15.2/libntech/libutils/logging.c:228:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formatted_timestamp[64];
data/cfengine3-3.15.2/libntech/libutils/logging.c:265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logmsg[4096];
data/cfengine3-3.15.2/libntech/libutils/logging.c:286:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char errbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/libntech/libutils/logging.c:298:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(errbuf, "Unknown error");
data/cfengine3-3.15.2/libntech/libutils/logging.c:390:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dst[buflen+1];
data/cfengine3-3.15.2/libntech/libutils/logging.c:419:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *log_modules[LOG_MOD_MAX] =
data/cfengine3-3.15.2/libntech/libutils/logging.h:92:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool LoggingFormatTimestamp(char dest[64], size_t n, struct tm *timestamp);
data/cfengine3-3.15.2/libntech/libutils/man.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char program_upper[256] = { 0 };
data/cfengine3-3.15.2/libntech/libutils/man.c:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date_modified[20] = { 0 };
data/cfengine3-3.15.2/libntech/libutils/misc_lib.c:156:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char buf[buffer_size];
data/cfengine3-3.15.2/libntech/libutils/mustache.c:597:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc_delim_start[MUSTACHE_MAX_DELIM_SIZE] = {0};
data/cfengine3-3.15.2/libntech/libutils/mustache.c:601:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc_delim_end[MUSTACHE_MAX_DELIM_SIZE] = {0};
data/cfengine3-3.15.2/libntech/libutils/mustache.c:888:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delim_start[MUSTACHE_MAX_DELIM_SIZE] = "{{";
data/cfengine3-3.15.2/libntech/libutils/mustache.c:891:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char delim_end[MUSTACHE_MAX_DELIM_SIZE] = "}}";
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PID_MSG_SIZE + 1];
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:167:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char answer[sizeof(ACK_MSG) + 1]; /* +1 for the '\0' below */
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[PID_MSG_SIZE];
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:394:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_message_data[CMSG_SPACE(sizeof(descriptor))];
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:431:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_MESSAGE_SIZE] = "PassOpenFile: failed to transmit any message";
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:448:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control_message_data[CMSG_SPACE(sizeof(received_descriptor))];
data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c:122:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
text = memcpy(text, replacement, length + 1);
data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c:468:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result_offset, subject + offset, (size_t)matches[matchpos].submatch_offset[0] - offset);
data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c:475:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result_offset, job->substitute->text + job->substitute->block_offset[segment], job->substitute->block_length[segment]);
data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c:484:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c:496:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result_offset, subject + offset, subject_length - offset);
data/cfengine3-3.15.2/libntech/libutils/platform.h:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sysname[_SYS_NMLN];
data/cfengine3-3.15.2/libntech/libutils/platform.h:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nodename[_SYS_NMLN];
data/cfengine3-3.15.2/libntech/libutils/platform.h:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char release[_SYS_NMLN];
data/cfengine3-3.15.2/libntech/libutils/platform.h:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[_SYS_NMLN];
data/cfengine3-3.15.2/libntech/libutils/platform.h:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char machine[_SYS_NMLN];
data/cfengine3-3.15.2/libntech/libutils/proc_keyvalue.c:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/cfengine3-3.15.2/libntech/libutils/set.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char minibuf[2];
data/cfengine3-3.15.2/libntech/libutils/stack.c:160:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_stack->data, stack->data, sizeof(void *) * stack->size);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:421:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, source + start, end - start + 1);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:781:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[buf_size];
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:795:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp[tmp_len], &buf[buf_idx], prefix_len);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:798:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp[tmp_len], replace, replace_len);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:811:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp[tmp_len], &buf[buf_idx], leftover_len + 1);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:815:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, tmp, tmp_len + 1);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:961:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arr[i], sp, len);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1294:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(obuf, isp, l);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1300:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(obuf, isp, limit-1);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1369:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&path[path_len + 1], leaf, leaf_len + 1);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1406:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst[dlen], src, slen);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1412:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst[dlen], src, dst_size - dlen - 1);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1456:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst[dlen], src, slen);
data/cfengine3-3.15.2/libntech/libutils/string_sequence.c:243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[SEQ_PREFIX_LEN];
data/cfengine3-3.15.2/libntech/libutils/threaded_deque.c:509:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_deque->data, deque->data,
data/cfengine3-3.15.2/libntech/libutils/threaded_queue.c:399:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_queue->data, queue->data,
data/cfengine3-3.15.2/libntech/libutils/threaded_stack.c:181:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_stack->base.data, stack->base.data, sizeof(void *) * stack->base.size);
data/cfengine3-3.15.2/libntech/libutils/unix_dir.c:208:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)entry->d_name, filename, length + 1);
data/cfengine3-3.15.2/libntech/libutils/writer.c:110:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(writer->string.data + writer->string.len, str, len);
data/cfengine3-3.15.2/libntech/libutils/writer.c:201:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2] = { c, '\0' };
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_m1[DEFAULT_BUFFER_CAPACITY - 1];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_0[DEFAULT_BUFFER_CAPACITY];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_p1[DEFAULT_BUFFER_CAPACITY + 1];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_m1[DEFAULT_BUFFER_CAPACITY - 1];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:266:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_0[DEFAULT_BUFFER_CAPACITY];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_p1[DEFAULT_BUFFER_CAPACITY + 1];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:393:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_m1[DEFAULT_BUFFER_CAPACITY];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:394:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_0[DEFAULT_BUFFER_CAPACITY + 1];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:395:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_p1[DEFAULT_BUFFER_CAPACITY + 2];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:546:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_m1[DEFAULT_BUFFER_CAPACITY];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:547:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_0[DEFAULT_BUFFER_CAPACITY + 1];
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:548:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer_p1[DEFAULT_BUFFER_CAPACITY + 2];
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1025:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(set, values, number_of_values * sizeof(values[0]));
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1180:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem, memory, size);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1509:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *guards[2] = { block - MALLOC_GUARD_SIZE,
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1682:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* xmlfile = fopen(global_xmlfile, "w");
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1703:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* xmlfile = fopen(global_xmlfile, "a");
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1727:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* xmlfile = fopen(ofile, "ab");
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1728:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* xml_tmp = fopen(ifile, "rb");
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1884:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[1024];
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1916:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[1024] = {0};
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1917:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024] = {0};
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1918:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char suitename[1024] = {0};
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1919:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char casename[1024] = {0};
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1920:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xmlfile[1024] = {0};
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1929:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xmlfile, "xml_tmp_suite");
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1990:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xmlfile, "xml_tmp_case");
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1995:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xmlfile, "xml_tmp_suite");
data/cfengine3-3.15.2/libntech/tests/unit/csv_parser_test.c:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *lines[5] = {
data/cfengine3-3.15.2/libntech/tests/unit/csv_parser_test.c:160:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen("./data/csv_file.csv", "r");
data/cfengine3-3.15.2/libntech/tests/unit/csv_parser_test.c:215:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen("./data/csv_file_edge_cases.csv", "r");
data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c:134:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "AB\"CD"); \
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:97:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ORIG_DIR = open(".", O_RDONLY);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:125:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(TEMP_DIR "/" TEST_FILE, O_WRONLY | O_CREAT | O_TRUNC, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:128:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(TEMP_DIR "/" TEST_SUBDIR "/" TEST_FILE, O_WRONLY | O_CREAT | O_TRUNC, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:131:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(TEMP_DIR "/" TEST_SUBSUBDIR "/" TEST_FILE, O_WRONLY | O_CREAT | O_TRUNC, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[strlen(str) + 1];
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:648:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(TEMP_DIR "/" TEST_FILE "///", O_RDONLY);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:717:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(TEST_FILE, O_WRONLY|O_CREAT, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1623:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024] = {0};
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1648:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[length];
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1658:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[length]; // ASAN should panic if we overflow
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1668:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[half];
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1698:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(TEMP_DIR "/" TEST_FILE, O_CREAT | O_RDWR, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1716:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(TEMP_DIR "/" TEST_FILE, O_CREAT | O_RDWR, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1740:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(TEMP_DIR "/" TEST_FILE, O_CREAT | O_RDWR, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1765:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(TEMP_DIR "/" TEST_FILE, O_CREAT | O_RDWR, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lock_test.c:56:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(TEMP_DIR "/" TEST_FILE, O_CREAT | O_RDWR, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/file_lock_test.c:105:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(TEMP_DIR "/" TEST_FILE, O_CREAT | O_RDWR, 0644);
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:28:10: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(file);
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:218:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest_a[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:219:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest_b[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:220:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest_c[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:221:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest_d[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:236:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/cfengine3-3.15.2/libntech/tests/unit/json_test.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/cfengine3-3.15.2/libntech/tests/unit/logging_timestamp_test.c:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libntech/tests/unit/map_test.c:89:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[i+1];
data/cfengine3-3.15.2/libntech/tests/unit/map_test.c:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[i+1];
data/cfengine3-3.15.2/libntech/tests/unit/map_test.c:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[i+1];
data/cfengine3-3.15.2/libntech/tests/unit/map_test.c:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[i+1];
data/cfengine3-3.15.2/libntech/tests/unit/map_test.c:462:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[i+1];
data/cfengine3-3.15.2/libntech/tests/unit/map_test.c:475:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[i+1];
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:741:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[4];
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:742:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[4];
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:743:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[3];
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:744:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[2];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:87:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char weirdstuff_copy_lowercased[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lo_alphabet_lowercased[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:105:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hi_alphabet_lowercased[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char weirdstuff_copy_uppercased[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lo_alphabet_uppercased[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hi_alphabet_uppercased[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:302:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[29] = "%%%%%%%%%%%%%%";
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:912:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[0 + 1];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:913:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[1 + 1];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:914:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[2 + 1];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:915:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char non_terminated[3];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:918:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[buf_size];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:919:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char e[buf_size];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:920:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[buf_size];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:921:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char g[buf_size];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:922:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h[buf_size];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:973:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:986:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ones[2] = {'1', '1'};
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:994:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:995:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sp[30];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1005:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sp,"\n2345678901234567890abcdefghi");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1009:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sp,"12345678901234567890abcdefghi");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1013:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sp,"12345678901234567890abcde\nghi");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1017:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sp,"123456789012345\n7890abcdefghi");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1024:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[10];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1091:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[10];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1164:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[10];
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1193:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dst, "12345678");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1198:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dst, "12345678");
data/cfengine3-3.15.2/libpromises/audit.c:99:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libpromises/bootstrap.c:172:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cf_promises_validated_filename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/bootstrap.c:182:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[26] = { 0 };
data/cfengine3-3.15.2/libpromises/bootstrap.c:193:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/libpromises/bootstrap.c:253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char failsafe_path[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/bootstrap.c:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/libpromises/bootstrap.c:375:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[RANDOM_BYTES];
data/cfengine3-3.15.2/libpromises/cf3.defs.h:315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sid[CF_MAXSIDSIZE]; /* Invalid sid indicates unset */
data/cfengine3-3.15.2/libpromises/cf3.extern.h:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char BINDINTERFACE[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/cf3.extern.h:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char VIPADDRESS[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/libpromises/cf3.extern.h:45:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char VPREFIX[1024];
data/cfengine3-3.15.2/libpromises/cf3.extern.h:47:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char VDOMAIN[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/cf3.extern.h:58:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *const OBSERVABLES[CF_OBSERVABLES][2];
data/cfengine3-3.15.2/libpromises/cf3globals.c:58:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VFQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */
data/cfengine3-3.15.2/libpromises/cf3globals.c:59:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VUQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E */
data/cfengine3-3.15.2/libpromises/cf3globals.c:60:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VDOMAIN[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */
data/cfengine3-3.15.2/libpromises/cf3globals.c:81:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VIPADDRESS[CF_MAX_IP_LEN] = ""; /* GLOBAL_E */
data/cfengine3-3.15.2/libpromises/cf3globals.c:140:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char BINDINTERFACE[CF_MAXVARSIZE]; /* GLOBAL_P */
data/cfengine3-3.15.2/libpromises/cf3parse.c:1017:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/cfengine3-3.15.2/libpromises/cf3parse.c:1204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/cfengine3-3.15.2/libpromises/cf3parse.c:2015:32: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(P.lval,"no lval");
data/cfengine3-3.15.2/libpromises/cf3parse.c:3078:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/cf3parse.c:3103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/class.c:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[ strlen(ns) + 1 + strlen(name) + 1 ];
data/cfengine3-3.15.2/libpromises/class.c:221:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[ strlen(ns) + 1 + strlen(name) + 1 ];
data/cfengine3-3.15.2/libpromises/constants.c:79:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *const OBSERVABLES[CF_OBSERVABLES][2] =
data/cfengine3-3.15.2/libpromises/conversion.c:665:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const ACL_INHERIT_TYPES[5] =
data/cfengine3-3.15.2/libpromises/conversion.c:673:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const ACL_DEFAULT_TYPES[5] =
data/cfengine3-3.15.2/libpromises/conversion.c:774:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char month_small[CF_SMALLBUF];
data/cfengine3-3.15.2/libpromises/conversion.c:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char month_big[CF_SMALLBUF];
data/cfengine3-3.15.2/libpromises/conversion.c:830:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char month[CF_SMALLBUF], day[CF_SMALLBUF], year[CF_SMALLBUF];
data/cfengine3-3.15.2/libpromises/conversion.c:831:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[CF_SMALLBUF];
data/cfengine3-3.15.2/libpromises/conversion.c:868:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, start, len);
data/cfengine3-3.15.2/libpromises/conversion.c:887:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char arg[CF_BUFSIZE]; /* GLOBAL_R, no initialization needed */
data/cfengine3-3.15.2/libpromises/conversion.c:1006:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/conversion.c:1067:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char groupname[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/crypto.c:90:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char randfile[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/crypto.c:139:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char randfile[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/crypto.c:280:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/crypto.c:283:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_public_key_filename[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libpromises/crypto.c:285:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/libpromises/crypto.c:298:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_public_key_filename[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libpromises/crypto.c:325:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/libpromises/crypto.c:346:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyname[CF_MAXVARSIZE], newname[CF_BUFSIZE], oldname[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/crypto.c:431:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyname[CF_MAXVARSIZE], filename[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/crypto.c:524:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/crypto.c:544:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/crypto.c:597:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[32] =
data/cfengine3-3.15.2/libpromises/crypto.c:679:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char iv[32] =
data/cfengine3-3.15.2/libpromises/crypto.c:729:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/crypto.c:730:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexStr[3]; // one byte as hex
data/cfengine3-3.15.2/libpromises/dbm_api.c:129:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const DB_PATHS_WORKDIR[sizeof(DB_PATHS_STATEDIR) / sizeof(const char * const)] = {
data/cfengine3-3.15.2/libpromises/dbm_api.c:694:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
val = memcpy(val, value, value_size);
data/cfengine3-3.15.2/libpromises/dbm_api.c:716:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char repair_flag_file[PATH_MAX] = { 0 };
data/cfengine3-3.15.2/libpromises/dbm_lmdb.c:784:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, data.mv_data, dest_size);
data/cfengine3-3.15.2/libpromises/dbm_lmdb.c:924:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cursor->curkv, mkey.mv_data, mkey.mv_size);
data/cfengine3-3.15.2/libpromises/dbm_lmdb.c:928:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) cursor->curkv + keybuf_size, data.mv_data, data.mv_size);
data/cfengine3-3.15.2/libpromises/dbm_migration.c:41:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[64];
data/cfengine3-3.15.2/libpromises/dbm_migration_lastseen.c:100:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&old_data_q, (const char *) value + QPOINT0_OFFSET,
data/cfengine3-3.15.2/libpromises/dbm_migration_lastseen.c:103:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/dbm_migration_lastseen.c:113:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/dbm_migration_lastseen.c:123:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quality_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/dbm_tokyocab.c:418:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(dbpath, "r");
data/cfengine3-3.15.2/libpromises/dbm_tokyocab.c:437:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hbuf[256];
data/cfengine3-3.15.2/libpromises/dbm_tokyocab.c:460:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&declared_size, &hbuf[56], sizeof(uint64_t));
data/cfengine3-3.15.2/libpromises/enterprise_stubs.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[CF_BUFSIZE] = { 0 };
data/cfengine3-3.15.2/libpromises/enterprise_stubs.c:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/eval_context.c:56:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *STACK_FRAME_TYPE_STR[STACK_FRAME_TYPE_MAX] = {
data/cfengine3-3.15.2/libpromises/eval_context.c:406:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/eval_context.c:1430:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/eval_context.c:1447:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[PRINTSIZE(uintmax_t)];
data/cfengine3-3.15.2/libpromises/eval_context.c:1452:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char v[PRINTSIZE(int)];
data/cfengine3-3.15.2/libpromises/eval_context.c:1598:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char context_copy[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/eval_context.c:1599:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char canonified_context[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/eval_context.c:1830:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abbr[sizeof(sep) + 2 * N];
data/cfengine3-3.15.2/libpromises/eval_context.c:1839:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(abbr, promiser, head);
data/cfengine3-3.15.2/libpromises/evalfunction.c:181:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char naked[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:499:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:515:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[NI_MAXHOST];
data/cfengine3-3.15.2/libpromises/evalfunction.c:610:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PRINTSIZE(uintmax_t)];
data/cfengine3-3.15.2/libpromises/evalfunction.c:772:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/evalfunction.c:786:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE] = "", ctrlstr[CF_SMALLBUF];
data/cfengine3-3.15.2/libpromises/evalfunction.c:851:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:867:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddr[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/libpromises/evalfunction.c:889:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[NI_MAXHOST];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1118:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hashbuffer[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1153:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1163:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hashbuffer[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:1214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1568:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[PATH_MAX];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1718:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1730:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *const fin = fopen(filename, "r");
data/cfengine3-3.15.2/libpromises/evalfunction.c:1821:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_line[new_line_size];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1854:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char regex[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1898:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1905:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hashbuffer[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1906:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/evalfunction.c:1932:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, string, len + 1);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1992:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, string + offset , len - offset + 1);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1996:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, string + len - max, max + 1);
data/cfengine3-3.15.2/libpromises/evalfunction.c:2048:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[PATH_MAX];
data/cfengine3-3.15.2/libpromises/evalfunction.c:2075:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comm[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:2178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modulecmd[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:2222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class_name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:2538:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:2568:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:2936:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:3063:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:3515:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int from = CF_NOINT, to = CF_NOINT, step_size = atoi(step);
data/cfengine3-3.15.2/libpromises/evalfunction.c:3795:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char naked[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:3862:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:3874:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:3889:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:3907:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:4072:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:4087:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr_raw_names[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:4113:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:4263:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:4347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:4377:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5136:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char check_buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5171:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char piece[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5222:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format_rewrite[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5508:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_FILENAME];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5522:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:5568:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5610:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5657:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5677:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class_name[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5801:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:5990:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var[CF_MAXVARSIZE] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:6226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:6383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char epoch[PRINTSIZE(when)];
data/cfengine3-3.15.2/libpromises/evalfunction.c:6387:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char * SearchReplacePair[2];
data/cfengine3-3.15.2/libpromises/evalfunction.c:6448:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:6491:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char failure[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:6751:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char module_context[CF_BUFSIZE] = {0};
data/cfengine3-3.15.2/libpromises/evalfunction.c:6921:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[key_len];
data/cfengine3-3.15.2/libpromises/evalfunction.c:7050:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:7456:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_BUFSIZE], handle[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:8063:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char context[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libpromises/evalfunction.c:8112:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg0[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/evalfunction.c:8122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_BUFSIZE], content[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/exec_tools.c:136:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(NULLFILE, O_RDWR, 0);
data/cfengine3-3.15.2/libpromises/expand.c:357:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char naked[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/expand.c:547:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char naked[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/expand.c:1189:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &s[2], s_len - 3);
data/cfengine3-3.15.2/libpromises/extensions.c:85:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *dirs_to_try[3] = { NULL };
data/cfengine3-3.15.2/libpromises/extensions.c:107:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[strlen(dirs_to_try[i]) + strlen(lib) + strlen(name) + 2];
data/cfengine3-3.15.2/libpromises/files_copy.c:202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr_raw_names[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/files_copy.c:225:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/files_lib.c:136:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentpath[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/files_lib.c:137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/files_lib.c:444:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sub_path[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/files_lib.c:492:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1024];
data/cfengine3-3.15.2/libpromises/files_lib.c:516:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(filename, "rb");
data/cfengine3-3.15.2/libpromises/files_lib.c:524:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/cfengine3-3.15.2/libpromises/files_lib.c:550:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[CF_BUFSIZE], to[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/files_names.c:79:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/files_names.c:485:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[CF_BUFSIZE]; /* GLOBAL_R, no initialization needed */
data/cfengine3-3.15.2/libpromises/files_names.c:496:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[CF_BUFSIZE]; /* GLOBAL_R, no initialization needed */
data/cfengine3-3.15.2/libpromises/files_names.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/files_names.c:575:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src, rootlen);
data/cfengine3-3.15.2/libpromises/files_names.c:648:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abs_path[PATH_MAX] = { 0 };
data/cfengine3-3.15.2/libpromises/files_names.c:657:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_path[2 * PATH_MAX] = { 0 };
data/cfengine3-3.15.2/libpromises/generic_agent.c:77:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char PIDFILE[CF_BUFSIZE] = ""; /* GLOBAL_C */
data/cfengine3-3.15.2/libpromises/generic_agent.c:182:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX];
data/cfengine3-3.15.2/libpromises/generic_agent.c:573:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char canonified_ipaddr[strlen(bootstrap_ip) + 1];
data/cfengine3-3.15.2/libpromises/generic_agent.c:752:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:799:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_dirname[PATH_MAX + 1];
data/cfengine3-3.15.2/libpromises/generic_agent.c:806:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:807:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char git_checksum[GENERIC_AGENT_CHECKSUM_SIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:880:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char release_id[GENERIC_AGENT_CHECKSUM_SIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:912:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:917:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfpromises[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1003:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1004:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuff[CF_EXPANDSIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1153:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[cwd_size];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char git_filename[PATH_MAX + 1];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1222:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char git_head[128];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1312:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/libpromises/generic_agent.c:1338:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[max_size];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1505:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_FILENAME];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1599:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1729:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char input_path[CF_BUFSIZE]; /* GLOBAL_R, no initialization needed */
data/cfengine3-3.15.2/libpromises/generic_agent.c:2045:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char failsafe_path[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/granules.c:32:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[18]; /* GLOBAL_R, no initialization needed */
data/cfengine3-3.15.2/libpromises/instrumentation.c:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[CF_BUFSIZE], *mid = NULL;
data/cfengine3-3.15.2/libpromises/item_lib.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sep2[3] = { sep, '\\', '\0' };
data/cfengine3-3.15.2/libpromises/item_lib.c:563:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[buf_len], string, z);
data/cfengine3-3.15.2/libpromises/item_lib.c:602:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[buf_len], string, z);
data/cfengine3-3.15.2/libpromises/item_lib.c:618:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node[256];
data/cfengine3-3.15.2/libpromises/item_lib.c:695:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tail, ip->name, space);
data/cfengine3-3.15.2/libpromises/item_lib.c:701:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tail, ip->name, len);
data/cfengine3-3.15.2/libpromises/item_lib.c:1018:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/keyring.c:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keysdir[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/keyring.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char suffix[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/keyring.c:86:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyfilename[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:92:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char databuf[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quality_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:175:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char back_address[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:211:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/lastseen.c:460:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufkey[CF_BUFSIZE + 1];
data/cfengine3-3.15.2/libpromises/lastseen.c:461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufhost[CF_BUFSIZE + 1];
data/cfengine3-3.15.2/libpromises/lastseen.c:466:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:493:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bufkey, "qi");
data/cfengine3-3.15.2/libpromises/lastseen.c:497:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bufkey, "qo");
data/cfengine3-3.15.2/libpromises/lastseen.c:527:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufkey[CF_BUFSIZE + 1];
data/cfengine3-3.15.2/libpromises/lastseen.c:528:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufhost[CF_BUFSIZE + 1];
data/cfengine3-3.15.2/libpromises/lastseen.c:533:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:560:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bufkey, "qi");
data/cfengine3-3.15.2/libpromises/lastseen.c:564:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bufkey, "qo");
data/cfengine3-3.15.2/libpromises/lastseen.c:600:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyhost_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:610:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char incoming_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/lastseen.c:622:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outgoing_key[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/loading.c:318:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1] = { 0 };
data/cfengine3-3.15.2/libpromises/loading.c:319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hashbuffer[CF_HOSTKEY_STRING_SIZE] = { 0 };
data/cfengine3-3.15.2/libpromises/loading.c:473:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/loading.c:628:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX];
data/cfengine3-3.15.2/libpromises/locks.c:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lock[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/locks.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/locks.c:198:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest2[LMDB_MAX_KEY_SIZE];
data/cfengine3-3.15.2/libpromises/locks.c:253:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ohash[LMDB_MAX_KEY_SIZE];
data/cfengine3-3.15.2/libpromises/locks.c:279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *days[7] = { "Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun" };
data/cfengine3-3.15.2/libpromises/locks.c:280:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *months[12] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
data/cfengine3-3.15.2/libpromises/locks.c:352:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest2[LMDB_MAX_KEY_SIZE];
data/cfengine3-3.15.2/libpromises/locks.c:502:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ohash[LMDB_MAX_KEY_SIZE];
data/cfengine3-3.15.2/libpromises/locks.c:571:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void PromiseRuntimeHash(const Promise *pp, const char *salt,
data/cfengine3-3.15.2/libpromises/locks.c:572:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libpromises/locks.c:729:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_digest[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/libpromises/locks.c:731:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/locks.c:751:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cc_operator[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/locks.c:753:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char promise[CF_MAXVARSIZE - CF_BUFFERMARGIN];
data/cfengine3-3.15.2/libpromises/locks.c:758:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cc_operand[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/locks.c:781:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cflock[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libpromises/locks.c:785:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cflast[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/libpromises/locks.c:944:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1];
data/cfengine3-3.15.2/libpromises/locks.c:946:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_digest[CF_HOSTKEY_STRING_SIZE];
data/cfengine3-3.15.2/libpromises/locks.c:1022:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int from_fd = open(from, O_RDONLY | O_BINARY);
data/cfengine3-3.15.2/libpromises/locks.c:1031:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int to_fd = open(tmp_file_name, O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0600);
data/cfengine3-3.15.2/libpromises/locks.h:49:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void PromiseRuntimeHash(const Promise *pp, const char *salt,
data/cfengine3-3.15.2/libpromises/locks.h:50:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/libpromises/match_scope.c:53:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char substring[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/matching.c:42:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char backreference[CF_BUFSIZE]; /* GLOBAL_R, no initialization needed */
data/cfengine3-3.15.2/libpromises/matching.c:358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strDup[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/math_eval.c:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[50]; \
data/cfengine3-3.15.2/libpromises/monitoring_read.c:34:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *UNITS[CF_OBSERVABLES] = /* constant */
data/cfengine3-3.15.2/libpromises/monitoring_read.c:138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/monitoring_read.c:176:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/monitoring_read.c:178:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CF_MAXVARSIZE], desc[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/monitoring_read.c:179:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char units[CF_MAXVARSIZE] = "unknown";
data/cfengine3-3.15.2/libpromises/monitoring_read.c:319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timekey[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/ornaments.c:93:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abbr[sizeof(sep) + 2 * max_fragment];
data/cfengine3-3.15.2/libpromises/ornaments.c:102:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(abbr, src, head);
data/cfengine3-3.15.2/libpromises/ornaments.c:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/ornaments.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pretty_promise_name[n+1];
data/cfengine3-3.15.2/libpromises/parser_state.h:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char blocktype[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/parser_state.h:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char blockid[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/parser_state.h:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/parser_state.h:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lval[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/parser_state.h:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currentid[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/parser_state.h:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char currenttype[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/parser_state.h:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *currentfnid[CF_MAX_NESTING];
data/cfengine3-3.15.2/libpromises/pipes.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[CF_BUFSIZE] = {0};
data/cfengine3-3.15.2/libpromises/pipes_unix.c:367:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int nullfd = open(NULLFILE, O_WRONLY);
data/cfengine3-3.15.2/libpromises/policy.c:86:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/policy.c:804:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ns[256] = { 0 };
data/cfengine3-3.15.2/libpromises/policy.c:2848:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/policy.c:2890:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/process_linux.c:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[64];
data/cfengine3-3.15.2/libpromises/process_linux.c:46:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(filename, O_RDONLY)) != -1)
data/cfengine3-3.15.2/libpromises/process_linux.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stat[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/process_linux.c:92:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_state[2];
data/cfengine3-3.15.2/libpromises/process_solaris.c:41:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/process_solaris.c:44:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename, O_RDONLY);
data/cfengine3-3.15.2/libpromises/process_solaris.c:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/process_solaris.c:73:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename, O_RDONLY);
data/cfengine3-3.15.2/libpromises/processes_select.c:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *column[CF_PROCCOLS];
data/cfengine3-3.15.2/libpromises/processes_select.c:310:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[CF_PROCCOLS];
data/cfengine3-3.15.2/libpromises/processes_select.c:484:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[4]; /* Abbreviated month name */
data/cfengine3-3.15.2/libpromises/processes_select.c:607:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arrow_str[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/processes_select.c:610:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_str[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/processes_select.c:615:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char num[PRINTSIZE(lineindex)];
data/cfengine3-3.15.2/libpromises/processes_select.c:906:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[200];
data/cfengine3-3.15.2/libpromises/processes_select.c:967:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *colHeaders[CF_PROCCOLS];
data/cfengine3-3.15.2/libpromises/processes_select.c:987:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *lineSplit[CF_PROCCOLS];
data/cfengine3-3.15.2/libpromises/processes_select.c:1027:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[16];
data/cfengine3-3.15.2/libpromises/processes_select.c:1191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[CF_PROCCOLS];
data/cfengine3-3.15.2/libpromises/processes_select.c:1299:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char limit[21];
data/cfengine3-3.15.2/libpromises/processes_select.c:1323:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(limit) < 1024)
data/cfengine3-3.15.2/libpromises/processes_select.c:1399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[CF_PROCCOLS];
data/cfengine3-3.15.2/libpromises/processes_select.c:1441:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *columns[CF_PROCCOLS];
data/cfengine3-3.15.2/libpromises/processes_select.c:1558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pscomm[CF_MAXLINKSIZE];
data/cfengine3-3.15.2/libpromises/processes_select.c:1590:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[CF_PROCCOLS];
data/cfengine3-3.15.2/libpromises/promises.c:310:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char body_name[strlen(cp->lval) + 6];
data/cfengine3-3.15.2/libpromises/promises.c:816:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char id[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/promises.c:817:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/rlist.c:409:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer_to, buffer_from, var_start);
data/cfengine3-3.15.2/libpromises/rlist.c:413:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer_to + var_start, repl, repl_len);
data/cfengine3-3.15.2/libpromises/rlist.c:696:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[CF_MAXVARSIZE] = { 0 };
data/cfengine3-3.15.2/libpromises/rlist.c:1048:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[1 + consume - escapes], *dst = copy;
data/cfengine3-3.15.2/libpromises/rlist.c:1208:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/rlist.c:1237:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(node, sp, len);
data/cfengine3-3.15.2/libpromises/rlist.c:1544:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char naked[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/scope.c:150:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char naked[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/scope.c:333:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void JoinScopeName(const char *ns, const char *bundle, char scope_out[CF_MAXVARSIZE])
data/cfengine3-3.15.2/libpromises/scope.c:333:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void JoinScopeName(const char *ns, const char *bundle, char scope_out[CF_MAXVARSIZE])
data/cfengine3-3.15.2/libpromises/scope.c:333:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void JoinScopeName(const char *ns, const char *bundle, char scope_out[CF_MAXVARSIZE])
data/cfengine3-3.15.2/libpromises/scope.h:60:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void JoinScopeName(const char *ns, const char *bundle, char scope_out[CF_MAXVARSIZE]);
data/cfengine3-3.15.2/libpromises/scope.h:60:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void JoinScopeName(const char *ns, const char *bundle, char scope_out[CF_MAXVARSIZE]);
data/cfengine3-3.15.2/libpromises/scope.h:60:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void JoinScopeName(const char *ns, const char *bundle, char scope_out[CF_MAXVARSIZE]);
data/cfengine3-3.15.2/libpromises/signals.c:158:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX] = { 0 }; /* trying to avoid memory allocation */
data/cfengine3-3.15.2/libpromises/signals.c:161:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename, O_CREAT|O_RDWR, CF_PERMS_DEFAULT);
data/cfengine3-3.15.2/libpromises/signals.c:208:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX] = { 0 }; /* trying to avoid memory allocation */
data/cfengine3-3.15.2/libpromises/signals.c:211:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename, O_CREAT|O_RDWR, CF_PERMS_DEFAULT);
data/cfengine3-3.15.2/libpromises/sort.c:223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remainder[4096];
data/cfengine3-3.15.2/libpromises/sort.c:342:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char left[bytes], right[bytes];
data/cfengine3-3.15.2/libpromises/syntax.c:266:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *const msgs[SYNTAX_TYPE_MATCH_MAX] =
data/cfengine3-3.15.2/libpromises/syslog_client.c:33:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char SYSLOG_HOST[MAXHOSTNAMELEN] = "localhost";
data/cfengine3-3.15.2/libpromises/syslog_client.c:72:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strport[PRINTSIZE(unsigned)];
data/cfengine3-3.15.2/libpromises/syslog_client.c:94:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txtaddr[CF_MAX_IP_LEN] = "";
data/cfengine3-3.15.2/libpromises/syslog_client.c:111:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[rfc3164_len];
data/cfengine3-3.15.2/libpromises/syslog_client.c:112:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuffer[26];
data/cfengine3-3.15.2/libpromises/systype.h:61:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *const CLASSTEXT[PLATFORM_CONTEXT_MAX];
data/cfengine3-3.15.2/libpromises/systype.h:62:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *const VPSCOMM[PLATFORM_CONTEXT_MAX];
data/cfengine3-3.15.2/libpromises/systype.h:63:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *const VPSOPTS[PLATFORM_CONTEXT_MAX];
data/cfengine3-3.15.2/libpromises/systype.h:64:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *const VFSTAB[PLATFORM_CONTEXT_MAX];
data/cfengine3-3.15.2/libpromises/unix.c:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[GETPW_R_SIZE_MAX] = {0};
data/cfengine3-3.15.2/libpromises/unix.c:225:32: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((devnull = open("/dev/null", O_WRONLY)) == -1)
data/cfengine3-3.15.2/libpromises/var_expressions.c:516:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ref->scope, StringSubstring(ref->scope, len, 0, len - strlen("_meta")), len - strlen("_meta"));
data/cfengine3-3.15.2/libpromises/vars.c:190:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/vars.c:269:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[CF_BUFSIZE];
data/cfengine3-3.15.2/libpromises/vars.c:325:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack[MAX_VARIABLE_REFERENCE_LEVELS] = { 0, str[1], 0 };
data/cfengine3-3.15.2/libpromises/verify_classes.c:159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char splay[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/verify_classes.c:226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[CF_MAXVARSIZE];
data/cfengine3-3.15.2/libpromises/verify_reports.c:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unique_name[CF_EXPANDSIZE];
data/cfengine3-3.15.2/tests/acceptance/02_classes/01_basic/027.c:13:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *boxes[HOURLY];
data/cfengine3-3.15.2/tests/acceptance/02_classes/01_basic/staging/028.c:14:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *boxes[DAILY];
data/cfengine3-3.15.2/tests/acceptance/25_cf-execd/cf-execd-rpl-functions.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recvbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:7:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char AVAILABLE_PACKAGES_FILE_NAME[PATH_MAX];
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:8:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char INSTALLED_PACKAGES_FILE_NAME[PATH_MAX];
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:185:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *packages_file = fopen(database_filename, "r");
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:190:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serialized_package[MAX_PACKAGE_ENTRY_LENGTH];
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:209:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *packages_file = fopen(database_filename, "w");
data/cfengine3-3.15.2/tests/acceptance/mock_package_manager.c:276:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *packages_file = fopen(db_file_name, "w");
data/cfengine3-3.15.2/tests/acceptance/no_fds.c:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_args[argc - startarg + 1];
data/cfengine3-3.15.2/tests/load/db_load.c:28:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/load/db_load.c:82:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readData[sizeof(READWRITEDATA1)];
data/cfengine3-3.15.2/tests/load/db_load.c:196:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/load/db_load.c:214:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int numthreads = atoi(argv[1]);
data/cfengine3-3.15.2/tests/load/db_load.c:271:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/tests/load/lastseen_load.c:8:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/load/lastseen_load.c:39:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey[50];
data/cfengine3-3.15.2/tests/load/lastseen_load.c:41:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[50];
data/cfengine3-3.15.2/tests/load/lastseen_load.c:48:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/load/lastseen_load.c:67:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VIPADDRESS[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/tests/load/lastseen_load.c:98:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void HashPubKey(const RSA *key, unsigned char digest[EVP_MAX_MD_SIZE + 1], HashMethod type)
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:20:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:82:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry, value, vsize);
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:131:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey[50];
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:133:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[50];
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:288:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey[50];
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:290:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[50];
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:364:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char child_report[32] = {0};
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:11:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char test_string[64];
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:14:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "www.cfengine.com"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:19:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "www.cfengine.com:80"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:24:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "www.cfengine.com:"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:29:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "localhost"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:34:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "localhost:"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:39:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "localhost:80"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:44:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[localhost]"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:49:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[localhost]:"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:54:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[localhost]:80"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:59:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[www.cfengine.com]"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:64:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[www.cfengine.com]:80"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:69:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[www.cfengine.com]:"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:75:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "1.2.3.4"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:80:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "1.2.3.4:80"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:85:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "1.2.3.4:"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:91:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[ffff::dd:12:34]"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:96:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[ffff::dd:12:34]:80"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:101:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[ffff::dd:12:34]:"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:107:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "ffff::dd:12:34"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:113:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "::ffff:192.0.2.128"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:118:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[::ffff:192.0.2.128]"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:130:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[]"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:135:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
ParseHostPort(strcpy(test_string, "[]:"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/avahi_config_test.c:10:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen("/tmp/test_file", "w+");
data/cfengine3-3.15.2/tests/unit/avahi_config_test.c:33:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *testfile = fopen("/tmp/test_file", "r+");
data/cfengine3-3.15.2/tests/unit/avahi_config_test.c:35:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *optfile = fopen("/tmp/avahi_config", "r+");
data/cfengine3-3.15.2/tests/unit/avahi_config_test.c:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer1[256], buffer2[256];
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:36:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *CHECKSUM_VALUE[NO_FILES] =
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char checksum_key[NO_FILES][30] =
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:84:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *filestat_key[NO_FILES] =
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char checksum_key[NO_FILES][30] =
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *filestat_key[NO_FILES] =
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:148:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[vsize];
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:156:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[vsize];
data/cfengine3-3.15.2/tests/unit/cmockery.c:1025:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(set, values, number_of_values * sizeof(values[0]));
data/cfengine3-3.15.2/tests/unit/cmockery.c:1180:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem, memory, size);
data/cfengine3-3.15.2/tests/unit/cmockery.c:1509:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *guards[2] = { block - MALLOC_GUARD_SIZE,
data/cfengine3-3.15.2/tests/unit/cmockery.c:1682:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* xmlfile = fopen(global_xmlfile, "w");
data/cfengine3-3.15.2/tests/unit/cmockery.c:1703:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* xmlfile = fopen(global_xmlfile, "a");
data/cfengine3-3.15.2/tests/unit/cmockery.c:1727:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* xmlfile = fopen(ofile, "ab");
data/cfengine3-3.15.2/tests/unit/cmockery.c:1728:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* xml_tmp = fopen(ifile, "rb");
data/cfengine3-3.15.2/tests/unit/cmockery.c:1884:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[1024];
data/cfengine3-3.15.2/tests/unit/cmockery.c:1916:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[1024] = {0};
data/cfengine3-3.15.2/tests/unit/cmockery.c:1917:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[1024] = {0};
data/cfengine3-3.15.2/tests/unit/cmockery.c:1918:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char suitename[1024] = {0};
data/cfengine3-3.15.2/tests/unit/cmockery.c:1919:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char casename[1024] = {0};
data/cfengine3-3.15.2/tests/unit/cmockery.c:1920:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xmlfile[1024] = {0};
data/cfengine3-3.15.2/tests/unit/cmockery.c:1929:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xmlfile, "xml_tmp_suite");
data/cfengine3-3.15.2/tests/unit/cmockery.c:1990:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xmlfile, "xml_tmp_case");
data/cfengine3-3.15.2/tests/unit/cmockery.c:1995:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xmlfile, "xml_tmp_suite");
data/cfengine3-3.15.2/tests/unit/connection_management_test.c:24:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[64];
data/cfengine3-3.15.2/tests/unit/connection_management_test.c:54:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[64];
data/cfengine3-3.15.2/tests/unit/connection_management_test.c:84:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[64];
data/cfengine3-3.15.2/tests/unit/connection_management_test.c:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[64];
data/cfengine3-3.15.2/tests/unit/conversion_test.c:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[128];
data/cfengine3-3.15.2/tests/unit/crypto_symmetric_test.c:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ciphertext[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/crypto_symmetric_test.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plaintext_out[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:11:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:70:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[256];
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:71:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[256];
data/cfengine3-3.15.2/tests/unit/db_test.c:13:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_test.c:31:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_test.c:49:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_test.c:50:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(value, "myvalue");
data/cfengine3-3.15.2/tests/unit/db_test.c:139:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fh = fopen(filename, "w");
data/cfengine3-3.15.2/tests/unit/db_test.c:152:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tcdb_db[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_test.c:157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qdbm_db[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_test.c:162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lmdb_db[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/db_test.c:214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/domainname_test.c:5:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fqname[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/domainname_test.c:6:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uqname[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/domainname_test.c:7:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/eval_context_test.c:7:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/eval_context_test.c:26:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/exec-config-test.c:14:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/cfengine3-3.15.2/tests/unit/exec-config-test.c:30:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(VFQNAME, "localhost.localdomain");
data/cfengine3-3.15.2/tests/unit/exec-config-test.c:31:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(VIPADDRESS, "127.0.0.100");
data/cfengine3-3.15.2/tests/unit/file_name_test.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char joined[PATH_MAX] = { 0 };
data/cfengine3-3.15.2/tests/unit/file_name_test.c:209:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expected[PATH_MAX] = { 0 };
data/cfengine3-3.15.2/tests/unit/file_name_test.c:210:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orig[PATH_MAX] = { 0 };
data/cfengine3-3.15.2/tests/unit/files_copy_test.c:46:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TEST_SUBDIR[256];
data/cfengine3-3.15.2/tests/unit/files_copy_test.c:47:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TEST_SRC_FILE[256];
data/cfengine3-3.15.2/tests/unit/files_copy_test.c:48:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TEST_DST_FILE[256];
data/cfengine3-3.15.2/tests/unit/files_copy_test.c:86:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(filename, O_CREAT | O_WRONLY | O_BINARY, 0700);
data/cfengine3-3.15.2/tests/unit/files_copy_test.c:208:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[i], GARBAGE,
data/cfengine3-3.15.2/tests/unit/files_copy_test.c:216:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(name, O_CREAT | O_WRONLY | O_TRUNC | O_BINARY, 0700);
data/cfengine3-3.15.2/tests/unit/files_copy_test.c:229:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(filename, "rb");
data/cfengine3-3.15.2/tests/unit/files_copy_test.c:233:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filebuf[DEV_BSIZE];
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:13:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:14:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FILE_NAME[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:15:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FILE_NAME_CORRUPT[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:16:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FILE_NAME_EMPTY[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:36:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fh = fopen(filename, "w");
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:46:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fh = fopen(filename, "w");
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:57:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fin = fopen(FILE_NAME, "r");
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:78:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fin = fopen(FILE_NAME, "r");
data/cfengine3-3.15.2/tests/unit/files_lib_test.c:11:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_lib_test.c:13:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FILE_NAME[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_lib_test.c:14:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FILE_NAME_EMPTY[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_lib_test.c:27:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/files_lib_test.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expected_output[FILE_SIZE + 1];
data/cfengine3-3.15.2/tests/unit/generic_agent_test.c:88:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inputdir[CF_BUFSIZE] = "";
data/cfengine3-3.15.2/tests/unit/generic_agent_test.c:95:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char testpath[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/generic_agent_test.c:157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[sizeof(rm_rf) + sizeof(TEMPDIR)];
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:49:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * args[NEXT_PROCESS_ARGC + 2]; // One for program and one for NULL.
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:179:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fptr = fopen(PIDFILE, "w");
data/cfengine3-3.15.2/tests/unit/iteration_test.c:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[1] = {'b'};
data/cfengine3-3.15.2/tests/unit/iteration_test.c:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[8] = {'c', 'c', 'c', 'c', 'c', 'c', 'c', 'c'};
data/cfengine3-3.15.2/tests/unit/iteration_test.c:224:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char A[4] = {'a','b','.','c'};
data/cfengine3-3.15.2/tests/unit/iteration_test.c:227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char B[3] = {'a',':','b'};
data/cfengine3-3.15.2/tests/unit/iteration_test.c:230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char C[1] = {'a'};
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[128];
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:24:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:45:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char read_value[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:163:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(khs0.address, "1.2.3.4");
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:194:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyhash[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:263:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VIPADDRESS[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:280:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ARG_UNUSED unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:11:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:26:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:46:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostkey[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:136:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:201:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digest[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:633:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VIPADDRESS[CF_MAX_IP_LEN];
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:645:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ARG_UNUSED unsigned char digest[EVP_MAX_MD_SIZE + 1],
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:9:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *filecontents[2] = {
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:16:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int open(const char *filename, ARG_UNUSED int flags, ...)
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:54:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, filecontents[0], strlen(filecontents[0]));
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:81:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, filecontents[1] + filepos[1], 1);
data/cfengine3-3.15.2/tests/unit/logging_test.c:11:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VFQNAME[CF_MAXVARSIZE];
data/cfengine3-3.15.2/tests/unit/mon_cpu_test.c:13:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpuname[CF_MAXVARSIZE], buf[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/mon_cpu_test.c:16:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen("/proc/stat", "r")) == NULL)
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:10:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:24:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:33:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuff[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:58:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(cbuff, "r")) == NULL)
data/cfengine3-3.15.2/tests/unit/mon_processes_test.c:136:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(CFWORKDIR, "data");
data/cfengine3-3.15.2/tests/unit/mustache_test.c:10:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/cfengine3-3.15.2/tests/unit/parser_test.c:10:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:26:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char DIALUP[PATH_MAX] = ""; /* synchronisation file for listen()/connect() */
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:389:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:460:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:484:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/cfengine3-3.15.2/tests/unit/persistent_lock_test.c:9:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CFWORKDIR[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/persistent_lock_test.c:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/persistent_lock_test.c:25:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[CF_BUFSIZE];
data/cfengine3-3.15.2/tests/unit/policy_test.c:14:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/cfengine3-3.15.2/tests/unit/policy_test.c:49:5: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
mkstemp(tmp);
data/cfengine3-3.15.2/tests/unit/policy_test.c:52:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(tmp, "w");
data/cfengine3-3.15.2/tests/unit/policy_test.c:73:5: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
mkstemp(tmp);
data/cfengine3-3.15.2/tests/unit/redirection_test.c:18:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[PATH_MAX];
data/cfengine3-3.15.2/tests/unit/redirection_test.c:20:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char message_back[128];
data/cfengine3-3.15.2/tests/unit/redirection_test.c:30:10: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(redirection);
data/cfengine3-3.15.2/tests/unit/rlist_test.c:239:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_MAXVARSIZE * 2], *tail = buf + CF_MAXVARSIZE;
data/cfengine3-3.15.2/tests/unit/rlist_test.c:255:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_MAXVARSIZE * 2 + 2], *tail = buf + CF_MAXVARSIZE + 1;
data/cfengine3-3.15.2/tests/unit/rlist_test.c:259:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + CF_MAXVARSIZE / 2, "\\,", 2);
data/cfengine3-3.15.2/tests/unit/rlist_test.c:260:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tail + CF_MAXVARSIZE / 2, "\\,", 2);
data/cfengine3-3.15.2/tests/unit/rlist_test.c:760:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CONTEXTID[32];
data/cfengine3-3.15.2/tests/unit/scope_test.c:10:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_MAXVARSIZE] = { 0 };
data/cfengine3-3.15.2/tests/unit/scope_test.c:16:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CF_MAXVARSIZE] = { 0 };
data/cfengine3-3.15.2/tests/unit/set_domainname_test.c:12:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VFQNAME[CF_MAXVARSIZE];
data/cfengine3-3.15.2/tests/unit/set_domainname_test.c:13:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VUQNAME[CF_MAXVARSIZE];
data/cfengine3-3.15.2/tests/unit/set_domainname_test.c:14:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VDOMAIN[CF_MAXVARSIZE];
data/cfengine3-3.15.2/tests/unit/set_domainname_test.c:26:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "laptop.intra");
data/cfengine3-3.15.2/tests/unit/solaris_process_test.c:16:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int open(const char *filename, int flags, ...)
data/cfengine3-3.15.2/tests/unit/solaris_process_test.c:52:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &psinfo, sizeof(psinfo));
data/cfengine3-3.15.2/tests/unit/solaris_process_test.c:70:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &pstatus, sizeof(pstatus));
data/cfengine3-3.15.2/tests/unit/solaris_process_test.c:88:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &pstatus, sizeof(pstatus));
data/cfengine3-3.15.2/tests/unit/solaris_process_test.c:106:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &pstatus, sizeof(pstatus));
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:24:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[CF_PROCCOLS] = { 0 }; /* Headers */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:25:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *field[CF_PROCCOLS] = { 0 }; /* Content */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[CF_PROCCOLS] = { 0 }; /* Headers */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *field[CF_PROCCOLS] = { 0 }; /* Content */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:92:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[CF_PROCCOLS] = { 0 }; /* Headers */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:93:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *field[CF_PROCCOLS] = { 0 }; /* Content */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[CF_PROCCOLS] = { 0 }; /* Headers */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:188:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *field[CF_PROCCOLS] = { 0 }; /* Content */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:237:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[CF_PROCCOLS] = { 0 }; /* Headers */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *field[CF_PROCCOLS] = { 0 }; /* Content */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[CF_PROCCOLS] = { 0 }; /* Headers */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:388:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *field[CF_PROCCOLS] = { 0 }; /* Content */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[CF_PROCCOLS] = { 0 }; /* Headers */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:479:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *field[CF_PROCCOLS] = { 0 }; /* Content */
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:647:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *pslines[NUM_OF_PLATFORMS][20] = {
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:745:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *exceptions[NUM_OF_PLATFORMS][10] = {
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:776:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[CF_PROCCOLS] = { 0 };
data/cfengine3-3.15.2/tests/unit/split_process_line_test.c:777:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fields[CF_PROCCOLS] = { 0 };
data/cfengine3-3.15.2/cf-agent/acl_posix.c:857:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idsz = strlen(*str);
data/cfengine3-3.15.2/cf-agent/acl_posix.c:902:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
idsz = strlen(*str);
data/cfengine3-3.15.2/cf-agent/cf-agent.c:812:34: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
const mode_t current_umask = umask(0777); // Gets and changes umask
data/cfengine3-3.15.2/cf-agent/cf-agent.c:813:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(current_umask); // Restores umask
data/cfengine3-3.15.2/cf-agent/cf-agent.c:1619:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) + len + 3 >= siz) // ", " + NULL
data/cfengine3-3.15.2/cf-agent/cf-agent.c:1821:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(name) > 30) ? "..." : "");
data/cfengine3-3.15.2/cf-agent/cf-agent.c:2086:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ipaddr) < CF_MAX_IP_LEN)
data/cfengine3-3.15.2/cf-agent/files_changes.c:79:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(name);
data/cfengine3-3.15.2/cf-agent/files_changes.c:162:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t file_len = strlen(file);
data/cfengine3-3.15.2/cf-agent/files_changes.c:350:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char key[strlen(path) + 3];
data/cfengine3-3.15.2/cf-agent/files_changes.c:357:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char key[strlen(path) + 3];
data/cfengine3-3.15.2/cf-agent/files_changes.c:415:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char key[strlen(path) + 3];
data/cfengine3-3.15.2/cf-agent/files_changes.c:426:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(SeqAt(files, c)) + 1;
data/cfengine3-3.15.2/cf-agent/files_changes.c:434:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(pos) + 1;
data/cfengine3-3.15.2/cf-agent/files_changes.c:591:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char path[strlen(name) + strlen(file) + 2];
data/cfengine3-3.15.2/cf-agent/files_changes.c:591:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char path[strlen(name) + strlen(file) + 2];
data/cfengine3-3.15.2/cf-agent/files_changes.c:602:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char path[strlen(name) + strlen(db_file) + 2];
data/cfengine3-3.15.2/cf-agent/files_changes.c:602:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char path[strlen(name) + strlen(db_file) + 2];
data/cfengine3-3.15.2/cf-agent/files_changes.c:650:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char key[strlen(file) + 3];
data/cfengine3-3.15.2/cf-agent/files_editline.c:209:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buffer, "[%CFEngine", strlen("[%CFEngine")) == 0)
data/cfengine3-3.15.2/cf-agent/files_editline.c:214:17: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(buffer+strlen("[%CFEngine"), "%1024s %3s", op, brack);
data/cfengine3-3.15.2/cf-agent/files_editline.c:214:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sscanf(buffer+strlen("[%CFEngine"), "%1024s %3s", op, brack);
data/cfengine3-3.15.2/cf-agent/files_editline.c:246:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcmp(op + strlen(op)-2, "::") == 0)
data/cfengine3-3.15.2/cf-agent/files_editline.c:248:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(op + strlen(op)-2) = '\0';
data/cfengine3-3.15.2/cf-agent/files_editline.c:256:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(ip->name);
data/cfengine3-3.15.2/cf-agent/files_editline.c:264:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(ip->name);
data/cfengine3-3.15.2/cf-agent/files_editline.c:827:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buf_size = strlen(chunk) + 1;
data/cfengine3-3.15.2/cf-agent/files_editline.c:831:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (const char *sp = chunk; sp <= chunk + strlen(chunk); sp++)
data/cfengine3-3.15.2/cf-agent/files_editline.c:835:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp += strlen(buf);
data/cfengine3-3.15.2/cf-agent/files_editline.c:872:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (++sp <= chunk + strlen(chunk))
data/cfengine3-3.15.2/cf-agent/files_editline.c:1161:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (match_len == strlen(line_buff))
data/cfengine3-3.15.2/cf-agent/files_editline.c:1444:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t final_size = strlen(final) + 1;
data/cfengine3-3.15.2/cf-agent/files_editline.c:1492:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (lastchar = final + strlen(final) - 1; (lastchar > firstchar) && (isspace((int)*lastchar)); lastchar--);
data/cfengine3-3.15.2/cf-agent/files_editline.c:1580:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(final + strlen(final) - 4, "\\s*", 3) != 0)
data/cfengine3-3.15.2/cf-agent/files_editline.c:1587:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = work + strlen(work) - 1; (sp > work) && (isspace((int)*sp)); sp--);
data/cfengine3-3.15.2/cf-agent/files_editline.c:1603:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(final_size > strlen(final));
data/cfengine3-3.15.2/cf-agent/files_editline.c:1661:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(exp, buf, strlen(buf));
data/cfengine3-3.15.2/cf-agent/files_editline.c:1748:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (char *sp = chunk; sp <= chunk + strlen(chunk); sp++)
data/cfengine3-3.15.2/cf-agent/files_editline.c:1750:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(chunk) + 1 > buf_size)
data/cfengine3-3.15.2/cf-agent/files_editline.c:1752:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_size = strlen(chunk) + 1;
data/cfengine3-3.15.2/cf-agent/files_editline.c:1758:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp += strlen(buf);
data/cfengine3-3.15.2/cf-agent/files_editline.c:2130:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(selector, line, strlen(selector)) == 0)
data/cfengine3-3.15.2/cf-agent/files_editline.c:2145:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(selector, line, strlen(selector)) == 0)
data/cfengine3-3.15.2/cf-agent/files_editline.c:2312:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*(s + strlen(s) - 1) != '$')
data/cfengine3-3.15.2/cf-agent/files_editxml.c:966:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((strlen(copyxpath) > 0) && ((head = XPathHeadExtractNode(ctx, copyxpath, a, pp, result)) != NULL))
data/cfengine3-3.15.2/cf-agent/files_editxml.c:987:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((strlen(copyxpath) > 0) && (!XmlSelectNode(ctx, copyxpath, doc, &docnode, a, pp, edcontext, result)))
data/cfengine3-3.15.2/cf-agent/files_editxml.c:1871:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal;
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2532:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(predicate) > 0)
data/cfengine3-3.15.2/cf-agent/files_editxml.c:2794:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((rc = pcre_exec(rx, NULL, rawstring, strlen(rawstring), 0, 0, ovector, OVECCOUNT)) >= 0)
data/cfengine3-3.15.2/cf-agent/files_links.c:300:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, ".");
data/cfengine3-3.15.2/cf-agent/files_links.c:468:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = linkpath + strlen(linkpath); (*sp != FILE_SEPARATOR) && (sp >= linkpath); sp--)
data/cfengine3-3.15.2/cf-agent/files_links.c:613:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp += strlen(node);
data/cfengine3-3.15.2/cf-agent/files_links.c:632:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dest, "/");
data/cfengine3-3.15.2/cf-agent/files_links.c:765:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(destination) == 0)
data/cfengine3-3.15.2/cf-agent/files_links.c:767:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(destination, "/");
data/cfengine3-3.15.2/cf-agent/files_operators.c:154:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *deref_file = BufferNewFrom(file, strlen(file));
data/cfengine3-3.15.2/cf-agent/files_select.c:560:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(owner, pw->pw_name, ownerSz - 1);
data/cfengine3-3.15.2/cf-agent/nfs.c:301:17: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(buf1, "%255[^:]:%1023s", host, source);
data/cfengine3-3.15.2/cf-agent/nfs.c:341:17: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(buf1, "%255[^:]:%1023s", host, source);
data/cfengine3-3.15.2/cf-agent/package_module.c:307:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *type = line + strlen("PackageType=");
data/cfengine3-3.15.2/cf-agent/package_module.c:336:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SafeStringDuplicate(line + strlen("Name="));
data/cfengine3-3.15.2/cf-agent/package_module.c:351:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SafeStringDuplicate(line + strlen("Version="));
data/cfengine3-3.15.2/cf-agent/package_module.c:366:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SafeStringDuplicate(line + strlen("Architecture="));
data/cfengine3-3.15.2/cf-agent/package_module.c:604:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char package_key[strlen(name) + strlen(ver) +
data/cfengine3-3.15.2/cf-agent/package_module.c:604:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char package_key[strlen(name) + strlen(ver) +
data/cfengine3-3.15.2/cf-agent/package_module.c:605:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(arch) + 11];
data/cfengine3-3.15.2/cf-agent/package_module.c:622:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (HasKeyDB(db_installed, package_key, strlen(package_key) + 1))
data/cfengine3-3.15.2/cf-agent/package_module.c:626:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ValueSizeDB(db_installed, package_key, strlen(package_key) + 1);
data/cfengine3-3.15.2/cf-agent/package_module.c:627:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buff[val_size + strlen(arch) + strlen(ver) + 8];
data/cfengine3-3.15.2/cf-agent/package_module.c:627:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buff[val_size + strlen(arch) + strlen(ver) + 8];
data/cfengine3-3.15.2/cf-agent/package_module.c:636:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteDB(db_installed, package_key, buff, strlen(buff));
data/cfengine3-3.15.2/cf-agent/package_module.c:641:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buff[strlen(arch) + strlen(ver) + 8];
data/cfengine3-3.15.2/cf-agent/package_module.c:641:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buff[strlen(arch) + strlen(ver) + 8];
data/cfengine3-3.15.2/cf-agent/package_module.c:643:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteDB(db_installed, package_key, buff, strlen(buff));
data/cfengine3-3.15.2/cf-agent/package_module.c:694:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
package_data[0] = line + strlen("Name=");
data/cfengine3-3.15.2/cf-agent/package_module.c:699:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
package_data[1] = line + strlen("Version=");
data/cfengine3-3.15.2/cf-agent/package_module.c:703:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
package_data[2] = line + strlen("Architecture=");
data/cfengine3-3.15.2/cf-agent/package_module.c:751:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(inventory_list));
data/cfengine3-3.15.2/cf-agent/package_module.c:1060:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char package_key[strlen(info->name) + 4];
data/cfengine3-3.15.2/cf-agent/package_module.c:1086:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char version[strlen(package_line)];
data/cfengine3-3.15.2/cf-agent/package_module.c:1087:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char arch[strlen(package_line)];
data/cfengine3-3.15.2/cf-agent/package_module.c:1258:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(install_formatted_list) > 0)
data/cfengine3-3.15.2/cf-agent/promiser_regex_resolver.c:75:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ip->name == NULL) || (strlen(ip->name) == 0))
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:99:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (256 != read(dbmeta->fd, hbuf, 256))
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:191:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int b = read(dbmeta->fd, &offset, dbmeta->bytes_per);
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:231:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read_bytes += read(fd, &c, 1);
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:265:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (1 != read(dbmeta->fd, &(rec->magic), 1))
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:277:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
length += read(dbmeta->fd, &(rec->hash), 1);
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:278:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
length += read(dbmeta->fd, &(rec->left), dbmeta->bytes_per);
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:281:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
length += read(dbmeta->fd, &(rec->right), dbmeta->bytes_per);
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:284:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
length += read(dbmeta->fd, &(rec->pad_size), 2);
data/cfengine3-3.15.2/cf-agent/tokyo_check.c:299:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rec->length += read(dbmeta->fd, &length, sizeof(length));
data/cfengine3-3.15.2/cf-agent/vercmp_internal.c:195:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp += strlen(numeral);
data/cfengine3-3.15.2/cf-agent/verify_databases.c:124:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(database) == 0)
data/cfengine3-3.15.2/cf-agent/verify_databases.c:143:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(database) == 0)
data/cfengine3-3.15.2/cf-agent/verify_databases.c:198:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(table) == 0) || ((strlen(table) > 0) && (strcmp(a->database.operation, "drop") != 0)))
data/cfengine3-3.15.2/cf-agent/verify_databases.c:198:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(table) == 0) || ((strlen(table) > 0) && (strcmp(a->database.operation, "drop") != 0)))
data/cfengine3-3.15.2/cf-agent/verify_databases.c:210:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(table) == 0)
data/cfengine3-3.15.2/cf-agent/verify_databases.c:774:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(query, ",");
data/cfengine3-3.15.2/cf-agent/verify_databases.c:778:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(query, ")");
data/cfengine3-3.15.2/cf-agent/verify_databases.c:873:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(db, table_path, sp - table_path - 1);
data/cfengine3-3.15.2/cf-agent/verify_exec.c:165:19: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if (a.contain.umask != (mode_t)CF_UNDEFINED)
data/cfengine3-3.15.2/cf-agent/verify_exec.c:316:78: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
Log(LOG_LEVEL_VERBOSE, "Setting umask to %jo", (uintmax_t)a->contain.umask);
data/cfengine3-3.15.2/cf-agent/verify_exec.c:317:19: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
maskval = umask(a->contain.umask);
data/cfengine3-3.15.2/cf-agent/verify_exec.c:317:36: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
maskval = umask(a->contain.umask);
data/cfengine3-3.15.2/cf-agent/verify_exec.c:397:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lineOutLen = strlen(comm) + strlen(line) + 12;
data/cfengine3-3.15.2/cf-agent/verify_exec.c:397:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lineOutLen = strlen(comm) + strlen(line) + 12;
data/cfengine3-3.15.2/cf-agent/verify_exec.c:464:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(maskval);
data/cfengine3-3.15.2/cf-agent/verify_exec.c:518:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prelen = strlen(prefixes[i]);
data/cfengine3-3.15.2/cf-agent/verify_files_hashes.c:90:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes1 = read(fd1, buff1, BUFSIZ);
data/cfengine3-3.15.2/cf-agent/verify_files_hashes.c:91:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes2 = read(fd2, buff2, BUFSIZ);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:630:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(localdir) < 2)
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:674:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(filename, localdir, CF_BUFSIZE - 2);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:752:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(from) == 0) /* Check for root dir */
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:807:20: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = umask(0);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:811:17: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:814:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1545:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rsrcbytesr = read(rsrcrd, rsrcbuf, CF_BUFSIZE);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:1828:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (attr->rename.newname && strlen(attr->rename.newname) > 0)
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2104:17: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
maskvalue = umask(0); /* This makes the DEFAULT modes absolute */
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2175:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(maskvalue);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2309:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(maskvalue);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:2703:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(vbuff, ".");
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3272:30: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mode_t oldmode = umask(077); // This setxidlist file must only be accesible by root
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3278:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(oldmode);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3599:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sp->cf_readlink) + 1 > buffsize)
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3874:32: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mode_t saveumask = umask(0);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3896:17: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(saveumask);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3900:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(saveumask);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3919:32: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mode_t saveumask = umask(0);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3953:17: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(saveumask);
data/cfengine3-3.15.2/cf-agent/verify_files_utils.c:3961:17: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(saveumask);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:444:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(RlistScalarValue(rp)) > CF_MAXVARSIZE - 1)
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2599:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(pi->name) + strlen(" ");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2599:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(pi->name) + strlen(" ");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2639:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
estimated_size += strlen(a.packages.package_add_command) + 2;
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2656:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
estimated_size += strlen(a.packages.package_delete_command) + 2;
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2673:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
estimated_size += strlen(a.packages.package_update_command) + 2;
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2688:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
estimated_size += strlen(a.packages.package_verify_command) + 2;
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2702:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*(command_string + strlen(command_string) - 1) == '$')
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2704:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(command_string + strlen(command_string) - 1) = '\0';
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2728:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command_string, " ");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2740:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t command_len = strlen(command_string);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2796:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t command_len = strlen(command_string);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2818:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command_string, " ");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2921:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(pi->name) + strlen(" ");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2921:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(pi->name) + strlen(" ");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2957:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_string = xmalloc(estimated_size + strlen(a.packages.package_patch_command) + 2);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2968:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (command_string[strlen(command_string) - 1] == '$')
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2970:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
command_string[strlen(command_string) - 1] = '\0';
data/cfengine3-3.15.2/cf-agent/verify_packages.c:2993:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command_string, " ");
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3002:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *offset = command_string + strlen(command_string);
data/cfengine3-3.15.2/cf-agent/verify_packages.c:3043:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(command_string, " ");
data/cfengine3-3.15.2/cf-agent/verify_processes.c:162:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(attribute_name != NULL && strlen(attribute_name) > 0);
data/cfengine3-3.15.2/cf-agent/verify_storage.c:219:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buff[strlen(buff)] != FILE_SEPARATOR)
data/cfengine3-3.15.2/cf-agent/verify_storage.c:401:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (vbuff[strlen(vbuff) - 1] == FILE_SEPARATOR)
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:140:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t puser_len = strlen(puser);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:141:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char name_regex_str[strlen(puser) + 3];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:161:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pcre_result = pcre_exec(name_regex, NULL, buf, strlen(buf), 0, 0, submatch_vec, 6);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:186:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pcre_result = pcre_exec(hash_regex, NULL, buf, strlen(buf), 0, 0, submatch_vec, 6);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:256:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(passwd_info->pw_passwd) <= 4)
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:392:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char final_cmd[strlen(cmd_str) + strlen(puser) + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:392:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char final_cmd[strlen(cmd_str) + strlen(puser) + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:425:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t total_len = strlen(puser) + strlen(password) + 2;
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:425:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t total_len = strlen(puser) + strlen(password) + 2;
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:475:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char backup_file[strlen(passwd_file) + strlen(".cf-backup") + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:475:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char backup_file[strlen(passwd_file) + strlen(".cf-backup") + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:479:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char edit_file[strlen(passwd_file) + strlen(".cf-edit") + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:479:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char edit_file[strlen(passwd_file) + strlen(".cf-edit") + 1];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:556:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char new_line[strlen(line) + strlen(password) + 2];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:556:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char new_line[strlen(line) + strlen(password) + 2];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:572:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t new_line_size = strlen(new_line);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:724:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char cmd[CF_BUFSIZE + strlen(puser)];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:758:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char new_hash[strlen(hash) + 2];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:920:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(data) != strspn(data, "0123456789"))
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1009:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool group_could_be_gid = (strlen(u->group_primary) == strspn(u->group_primary, "0123456789"));
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1060:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char help_command[strlen(cmd) + sizeof(help_argument)];
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1066:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t optlen = strlen(option);
data/cfengine3-3.15.2/cf-agent/verify_users_pam.c:1095:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cmd) >= sizeof_cmd - 1)
data/cfengine3-3.15.2/cf-check/diagnose.c:64:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(strerror_string, unknown, strlen(unknown)) == 0)
data/cfengine3-3.15.2/cf-check/validate.c:198:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hostkey + 4) != 64)
data/cfengine3-3.15.2/cf-check/validate.c:206:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hostkey + 4) != 32)
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:186:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(config->exec_command) > 0)
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:263:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
errmsg[strlen(errmsg) - 1] = '\0';
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:366:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(config->mail_to_address) == 0)
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:368:17: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(line_escaped, "\n", sizeof(line_escaped) - 1 - strlen(line_escaped));
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:368:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(line_escaped, "\n", sizeof(line_escaped) - 1 - strlen(line_escaped));
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:509:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pcre_exec(regex, regex_extra, old_msg, strlen(old_msg), 0, 0, NULL, 0) >= 0)
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:517:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pcre_exec(regex, regex_extra, new_msg, strlen(new_msg), 0, 0, NULL, 0) >= 0)
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:670:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(config->mail_server) == 0) || (strlen(config->mail_to_address) == 0))
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:670:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(config->mail_server) == 0) || (strlen(config->mail_to_address) == 0))
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:710:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(config->mail_from_address) == 0)
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:753:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send(sd, vbuff, strlen(vbuff), 0);
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:772:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send(sd, vbuff, strlen(vbuff), 0);
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:781:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send(sd, vbuff, strlen(vbuff), 0);
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:784:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(config->mail_from_address) == 0)
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:797:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send(sd, vbuff, strlen(vbuff), 0);
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:801:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send(sd, vbuff, strlen(vbuff), 0);
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:829:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (send(sd, line, strlen(line), 0) == -1)
data/cfengine3-3.15.2/cf-execd/cf-execd-runner.c:864:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int sent = send(sd, s, strlen(s), 0);
data/cfengine3-3.15.2/cf-execd/cf-execd.c:376:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(077);
data/cfengine3-3.15.2/cf-execd/cf-execd.c:442:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(077);
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:146:13: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(hostname, "-");
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:391:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(hash, value, strlen(hash)))
data/cfengine3-3.15.2/cf-key/cf-key-functions.c:463:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(ip, value, strlen(ip)))
data/cfengine3-3.15.2/cf-monitord/cf-monitord.c:302:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(077);
data/cfengine3-3.15.2/cf-monitord/history.c:149:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, key, CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/history.c:155:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rval, stored, CF_BUFSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/history.c:276:88: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
Log(LOG_LEVEL_VERBOSE, "(Setting pipe umask to %jo)", (uintmax_t)a.contain.umask);
data/cfengine3-3.15.2/cf-monitord/history.c:277:23: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
maskval = umask(a.contain.umask);
data/cfengine3-3.15.2/cf-monitord/history.c:277:39: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
maskval = umask(a.contain.umask);
data/cfengine3-3.15.2/cf-monitord/history.c:380:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(maskval);
data/cfengine3-3.15.2/cf-monitord/history.c:491:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, ExtractFirstReference(a->measure.extraction_regex, match->name), CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/history.c:645:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, ExtractFirstReference(a->measure.extraction_regex, match->name), CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/history.c:667:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(value, ExtractFirstReference(a->measure.extraction_regex, match->name), CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/history.c:724:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sdate, ctime(&now), CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/history.c:746:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteDB(dbp, id, value, strlen(value) + 1);
data/cfengine3-3.15.2/cf-monitord/mon_cpu.c:67:13: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(buf, "%1023s%ld%ld%ld%ld%ld%ld%ld", cpuname, &userticks, &niceticks, &systemticks, &idle, &iowait, &irq,
data/cfengine3-3.15.2/cf-monitord/mon_io_linux.c:195:13: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(buf, "%*u %*u %255s %lu %*u %lu %*u %lu %*u %lu",
data/cfengine3-3.15.2/cf-monitord/mon_network.c:145:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ip->name) > 0)
data/cfengine3-3.15.2/cf-monitord/mon_network.c:161:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vbuff, remote, CF_BUFSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/mon_network.c:164:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = vbuff + strlen(vbuff) - 1; isdigit((int) *sp) && (sp > vbuff); sp--)
data/cfengine3-3.15.2/cf-monitord/mon_network.c:331:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(local) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_network.c:338:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = local + strlen(local); (*sp != '.') && (*sp != ':') && (sp > local); sp--)
data/cfengine3-3.15.2/cf-monitord/mon_network.c:377:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = remote + strlen(remote) - 1; (sp >= remote) && (isdigit((int) *sp)); sp--)
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:259:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(arr, "%4095s %*c %4095s %c ", src, dest, &flag);
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:316:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(arr, "%4095s %*c %4095s %c ", src, dest, &flag);
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:339:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(arr, "%4095s %*c %4095s %c ", src, dest, &flag);
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:362:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(arr, "%4095s %*c %4095s %c ", src, dest, &flag);
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:390:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(arrival, "%4095s", src);
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:410:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest, src, 60);
data/cfengine3-3.15.2/cf-monitord/mon_network_sniffer.c:581:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (chop < address + strlen(address))
data/cfengine3-3.15.2/cf-monitord/mon_processes.c:122:19: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int ret = sscanf(vbuff, " %63s ", user);
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:335:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ip->name, name, strlen(name)) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:374:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ip->name, name, strlen(name)) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:407:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ip->name, "CPU Temp:", strlen("CPU Temp:")) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:414:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ip->name, "M/B Temp:", strlen("M/B Temp:")) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:421:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ip->name, "Sys Temp:", strlen("Sys Temp:")) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:428:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ip->name, "AUX Temp:", strlen("AUX Temp:")) == 0)
data/cfengine3-3.15.2/cf-monitord/mon_temp.c:450:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ip->name, name, strlen(name)) == 0)
data/cfengine3-3.15.2/cf-monitord/monitoring.c:156:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, OBSERVABLES[i][0], CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/monitoring.c:157:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(desc, OBSERVABLES[i][1], CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/monitoring.c:163:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, SLOTS[i - ob_spare]->name, CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/monitoring.c:164:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(desc, SLOTS[i - ob_spare]->description, CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/monitoring.c:168:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, OBSERVABLES[i][0], CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-monitord/monitoring.c:169:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(desc, OBSERVABLES[i][1], CF_MAXVARSIZE - 1);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:295:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(SENDCLASSES);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:307:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(DEFINECLASSES);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:409:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(REMOTEBUNDLES);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:444:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(077);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:709:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sendbuf_len = strlen(sendbuf);
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:752:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(recvbuffer, CFD_TERMINATOR, strlen(CFD_TERMINATOR)) == 0)
data/cfengine3-3.15.2/cf-runagent/cf-runagent.c:757:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t recv_len = strlen(recvbuffer);
data/cfengine3-3.15.2/cf-serverd/cf-serverd.c:37:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(077);
data/cfengine3-3.15.2/cf-serverd/server.c:302:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (len = strlen(aligned_ipaddr); len < 17; len++)
data/cfengine3-3.15.2/cf-serverd/server_access.c:301:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t reqpath_len = strlen(reqpath);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:109:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int cmdlen = strlen(PROTOCOL_CLASSIC[i]);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:142:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(res_path); i++)
data/cfengine3-3.15.2/cf-serverd/server_classic.c:153:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t stemlen = strlen(stem);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:167:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(request) > stemlen &&
data/cfengine3-3.15.2/cf-serverd/server_classic.c:315:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(in, "CALL_ME_BACK", strlen("CALL_ME_BACK")) == 0)
data/cfengine3-3.15.2/cf-serverd/server_classic.c:321:9: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(in, "QUERY %128s", name);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:540:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(sp);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:557:5: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(buf, "%255s %255s %255s", ipstring, fqname, username);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:661:18: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int nparam = sscanf(recvbuffer, "%9s %c %u %u %c",
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1064:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(recvbuffer) == 0)
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1084:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SetConnectionData(conn, (char *) (recvbuffer + strlen("CAUTH ")));
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1147:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t EXEC_len = strlen(PROTOCOL_CLASSIC[PROTOCOL_COMMAND_EXEC]);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1233:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cfscanf(buffer, strlen("GET"), strlen("dummykey"), check, sendbuffer, filename);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1233:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cfscanf(buffer, strlen("GET"), strlen("dummykey"), check, sendbuffer, filename);
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1497:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(digest, recvbuffer + strlen(recvbuffer) + CF_SMALL_OFFSET,
data/cfengine3-3.15.2/cf-serverd/server_classic.c:1627:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(recvbuffer, "CALL_ME_BACK collect_calls", strlen("CALL_ME_BACK collect_calls")) != 0)
data/cfengine3-3.15.2/cf-serverd/server_common.c:187:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(recvbuffer, CFD_TERMINATOR, strlen(CFD_TERMINATOR)) == 0)
data/cfengine3-3.15.2/cf-serverd/server_common.c:243:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(ip->name, CFD_TERMINATOR, strlen(CFD_TERMINATOR)) == 0)
data/cfengine3-3.15.2/cf-serverd/server_common.c:266:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(CFD_TERMINATOR) + 1, CF_DONE) == -1)
data/cfengine3-3.15.2/cf-serverd/server_common.c:474:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((n_read = read(fd, sendbuffer, blocksize)) == -1)
data/cfengine3-3.15.2/cf-serverd/server_common.c:624:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((n_read = read(fd, sendbuffer, blocksize)) == -1)
data/cfengine3-3.15.2/cf-serverd/server_common.c:714:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ReadLastNode(filename)) > CF_MAXLINKSIZE)
data/cfengine3-3.15.2/cf-serverd/server_common.c:864:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(CFD_FALSE_SIZE == (strlen(CFD_FALSE) + 1));
data/cfengine3-3.15.2/cf-serverd/server_common.c:865:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(CFD_FALSE) >= strlen(CFD_TRUE));
data/cfengine3-3.15.2/cf-serverd/server_common.c:865:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(CFD_FALSE) >= strlen(CFD_TRUE));
data/cfengine3-3.15.2/cf-serverd/server_common.c:908:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sendbuffer, strlen(sendbuffer) + 1,
data/cfengine3-3.15.2/cf-serverd/server_common.c:925:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(query) == 0)
data/cfengine3-3.15.2/cf-serverd/server_common.c:950:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sendbuffer, strlen(sendbuffer) + 1,
data/cfengine3-3.15.2/cf-serverd/server_common.c:991:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dirp->d_name) + 1 + offset >= CF_BUFSIZE - CF_MAXLINKSIZE)
data/cfengine3-3.15.2/cf-serverd/server_common.c:1002:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(dirp->d_name) + 1; /* +1 for '\0' */
data/cfengine3-3.15.2/cf-serverd/server_common.c:1006:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(CFD_TERMINATOR) + 1; /* +1 for '\0' */
data/cfengine3-3.15.2/cf-serverd/server_common.c:1028:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sendbuffer, strlen(sendbuffer) + 1,
data/cfengine3-3.15.2/cf-serverd/server_common.c:1039:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sendbuffer, strlen(sendbuffer) + 1,
data/cfengine3-3.15.2/cf-serverd/server_common.c:1053:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dirp->d_name) + 1 + offset >= CF_BUFSIZE - CF_MAXLINKSIZE)
data/cfengine3-3.15.2/cf-serverd/server_common.c:1066:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(dirp->d_name) + 1;
data/cfengine3-3.15.2/cf-serverd/server_common.c:1073:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sendbuffer, offset + 2 + strlen(CFD_TERMINATOR),
data/cfengine3-3.15.2/cf-serverd/server_common.c:1204:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = strlen(path);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1239:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t replacement_len = strlen(replacement);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1324:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t reqpath_len = strlen(reqpath);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1391:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dst_len = strlen(dst);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1420:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t username_len = strlen(username);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1477:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_len = strlen(s);
data/cfengine3-3.15.2/cf-serverd/server_common.c:1771:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_len = strlen(line);
data/cfengine3-3.15.2/cf-serverd/server_tls.c:251:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (memcmp(&buf[CF_INBAND_OFFSET], "CAUTH", strlen("CAUTH")) == 0)
data/cfengine3-3.15.2/cf-serverd/server_tls.c:345:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *line2 = memmem(input, input_len, id_line, strlen(id_line));
data/cfengine3-3.15.2/cf-serverd/server_tls.c:382:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(word2) < username_size) && (IsUserNameValid(word2) == true))
data/cfengine3-3.15.2/cf-serverd/server_tls.c:416:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(s);
data/cfengine3-3.15.2/cf-serverd/server_tls.c:619:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int cmdlen = strlen(PROTOCOL_NEW[i]);
data/cfengine3-3.15.2/cf-serverd/server_tls.c:674:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(recvbuffer) == 0)
data/cfengine3-3.15.2/cf-serverd/server_tls.c:693:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t EXEC_len = strlen(PROTOCOL_NEW[PROTOCOL_COMMAND_EXEC]);
data/cfengine3-3.15.2/cf-serverd/server_tls.c:753:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PathRemoveTrailingSlash(filename, strlen(filename));
data/cfengine3-3.15.2/cf-serverd/server_tls.c:816:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PathAppendTrailingSlash(filename, strlen(filename));
data/cfengine3-3.15.2/cf-serverd/server_tls.c:881:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PathAppendTrailingSlash(filename, strlen(filename));
data/cfengine3-3.15.2/cf-serverd/server_tls.c:885:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PathRemoveTrailingSlash(filename, strlen(filename));
data/cfengine3-3.15.2/cf-serverd/server_tls.c:948:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PathRemoveTrailingSlash(filename, strlen(filename));
data/cfengine3-3.15.2/cf-serverd/server_tls.c:968:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(digest, recvbuffer + strlen(recvbuffer) + CF_SMALL_OFFSET,
data/cfengine3-3.15.2/cf-serverd/server_tls.c:1060:20: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int ret2 = sscanf(recvbuffer, "QUERY %127s", name);
data/cfengine3-3.15.2/cf-serverd/server_transform.c:383:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) >= sizeof(CFRUNCOMMAND))
data/cfengine3-3.15.2/cf-serverd/server_transform.c:391:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(CFRUNCOMMAND, value, strlen(value) + 1);
data/cfengine3-3.15.2/cf-serverd/server_transform.c:778:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(s, "SHA=", strlen("SHA=")) == 0 ||
data/cfengine3-3.15.2/cf-serverd/server_transform.c:779:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(s, "MD5=", strlen("MD5=")) == 0)
data/cfengine3-3.15.2/cf-serverd/server_transform.c:851:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char copy[2 + strlen(name)], *c = copy;
data/cfengine3-3.15.2/cf-serverd/server_transform.c:972:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char regex[strlen(host) + extra], *dst = regex;
data/cfengine3-3.15.2/cf-serverd/server_transform.c:991:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = d ? d - dot : strlen(dot);
data/cfengine3-3.15.2/cf-serverd/server_transform.c:1212:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = strlen(pp->promiser);
data/cfengine3-3.15.2/cf-serverd/server_transform.c:1287:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pp->promiser, strlen(pp->promiser), PATH_MAX);
data/cfengine3-3.15.2/cf-serverd/server_transform.c:1485:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = strlen(path);
data/cfengine3-3.15.2/cf-serverd/strlist.c:55:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/cfengine3-3.15.2/cf-serverd/strlist.c:614:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_len = strlen(s);
data/cfengine3-3.15.2/cf-serverd/strlist.c:699:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_len = strlen(s);
data/cfengine3-3.15.2/cf-testd/cf-testd.c:290:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(query) == 0)
data/cfengine3-3.15.2/cf-testd/cf-testd.c:357:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(recvbuffer) == 0)
data/cfengine3-3.15.2/cf-testd/cf-testd.c:387:20: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int ret2 = sscanf(recvbuffer, "QUERY %127s", name);
data/cfengine3-3.15.2/cf-testd/cf-testd.c:621:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
StringReplace(pub_key_path, strlen(pub_key_path) + 1,
data/cfengine3-3.15.2/cf-upgrade/process.c:87:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t filenamelog_size = (strlen(filename) +
data/cfengine3-3.15.2/cf-upgrade/process.c:88:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("-YYYYMMDD-HHMMSS") +
data/cfengine3-3.15.2/cf-upgrade/process.c:89:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(".log") + 1);
data/cfengine3-3.15.2/cf-upgrade/update.c:69:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this_read = read(source_fd, buffer, sizeof(buffer));
data/cfengine3-3.15.2/cf-upgrade/update.c:131:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this_read = read(source_fd, buffer, sizeof(buffer));
data/cfengine3-3.15.2/ext/rpmvercmp.c:60:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char abuf[strlen(a)+1], bbuf[strlen(b)+1];
data/cfengine3-3.15.2/ext/rpmvercmp.c:60:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char abuf[strlen(a)+1], bbuf[strlen(b)+1];
data/cfengine3-3.15.2/ext/rpmvercmp.c:133:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
onelen = strlen(one);
data/cfengine3-3.15.2/ext/rpmvercmp.c:134:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
twolen = strlen(two);
data/cfengine3-3.15.2/libcfnet/addr_lib.c:101:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s2) > strlen(s1))
data/cfengine3-3.15.2/libcfnet/addr_lib.c:101:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s2) > strlen(s1))
data/cfengine3-3.15.2/libcfnet/addr_lib.c:103:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (*(s2 + strlen(s1)) != '.')
data/cfengine3-3.15.2/libcfnet/addr_lib.c:109:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strncmp(s1, s2, strlen(s1)); /* do partial string match */
data/cfengine3-3.15.2/libcfnet/addr_lib.c:166:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer1) == 0)
data/cfengine3-3.15.2/libcfnet/addr_lib.c:171:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp1 += strlen(buffer1) + 1;
data/cfengine3-3.15.2/libcfnet/addr_lib.c:176:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp2 += strlen(buffer2) + 1;
data/cfengine3-3.15.2/libcfnet/addr_lib.c:268:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp1 += strlen(buffer1) + 1;
data/cfengine3-3.15.2/libcfnet/addr_lib.c:273:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp2 += strlen(buffer2) + 1;
data/cfengine3-3.15.2/libcfnet/addr_lib.c:334:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp = refbase + strlen(refbase) - 1;
data/cfengine3-3.15.2/libcfnet/addr_lib.c:350:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(refbase) == 0)
data/cfengine3-3.15.2/libcfnet/addr_lib.c:450:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 4 + 3 * 4 + 1 + 2) /* xxx.yyy.zzz.mmm/cc */
data/cfengine3-3.15.2/libcfnet/addr_lib.c:484:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp1 += strlen(buffer1) + 1;
data/cfengine3-3.15.2/libcfnet/addr_lib.c:511:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) < 20)
data/cfengine3-3.15.2/libcfnet/addr_lib.c:517:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 42)
data/cfengine3-3.15.2/libcfnet/addr_lib.c:573:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(s) >= CF_MAX_IP_LEN)
data/cfengine3-3.15.2/libcfnet/client_code.c:339:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dirname) > CF_BUFSIZE - 20)
data/cfengine3-3.15.2/libcfnet/client_code.c:358:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cipherlen = EncryptString(out, sizeof(out), in, strlen(in) + 1, conn->encryption_type, conn->session_key);
data/cfengine3-3.15.2/libcfnet/client_code.c:374:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tosend = strlen(sendbuffer);
data/cfengine3-3.15.2/libcfnet/client_code.c:419:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Log(LOG_LEVEL_INFO, "%s", recvbuffer + strlen("BAD: "));
data/cfengine3-3.15.2/libcfnet/client_code.c:424:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (char *sp = recvbuffer; *sp != '\0'; sp += strlen(sp) + 1)
data/cfengine3-3.15.2/libcfnet/client_code.c:484:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp = in + strlen(in) + CF_SMALL_OFFSET;
data/cfengine3-3.15.2/libcfnet/client_code.c:493:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(in) + CF_SMALL_OFFSET + CF_DEFAULT_DIGEST_LEN,
data/cfengine3-3.15.2/libcfnet/client_code.c:510:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp = sendbuffer + strlen(sendbuffer) + CF_SMALL_OFFSET;
data/cfengine3-3.15.2/libcfnet/client_code.c:517:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tosend = strlen(sendbuffer) + CF_SMALL_OFFSET + CF_DEFAULT_DIGEST_LEN;
data/cfengine3-3.15.2/libcfnet/client_code.c:560:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(dest) > CF_BUFSIZE - 20))
data/cfengine3-3.15.2/libcfnet/client_code.c:588:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cipherlen = EncryptString(out, sizeof(out), in, strlen(in) + 1, conn->encryption_type, conn->session_key);
data/cfengine3-3.15.2/libcfnet/client_code.c:639:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(buf + CF_INBAND_OFFSET, CF_FAILEDSTR, strlen(CF_FAILEDSTR)) == 0)
data/cfengine3-3.15.2/libcfnet/client_code.c:648:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf + CF_INBAND_OFFSET, cfchangedstr, strlen(cfchangedstr)) == 0)
data/cfengine3-3.15.2/libcfnet/client_code.c:744:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(dest) > CF_BUFSIZE - 20))
data/cfengine3-3.15.2/libcfnet/client_code.c:833:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strncmp(buf, CF_FAILEDSTR, strlen(CF_FAILEDSTR)) == 0)
data/cfengine3-3.15.2/libcfnet/client_code.c:842:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, cfchangedstr, strlen(cfchangedstr)) == 0)
data/cfengine3-3.15.2/libcfnet/client_protocol.c:124:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(VDOMAIN) > 0) &&
data/cfengine3-3.15.2/libcfnet/client_protocol.c:128:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dnsname, ".");
data/cfengine3-3.15.2/libcfnet/client_protocol.c:134:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(dnsname, localip, strlen(localip)) == 0
data/cfengine3-3.15.2/libcfnet/client_protocol.c:135:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& dnsname[strlen(localip)] != '\0')
data/cfengine3-3.15.2/libcfnet/client_protocol.c:137:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dnsname[strlen(localip)] = '\0';
data/cfengine3-3.15.2/libcfnet/client_protocol.c:149:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(VFQNAME) > 0 ? VFQNAME : "skipident");
data/cfengine3-3.15.2/libcfnet/client_protocol.c:150:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(VFQNAME) > 0)
data/cfengine3-3.15.2/libcfnet/client_protocol.c:557:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strncmp(buf, CF_FAILEDSTR, strlen(CF_FAILEDSTR)) == 0);
data/cfengine3-3.15.2/libcfnet/communication.c:76:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *buffer = BufferNewFrom(name, strlen(name));
data/cfengine3-3.15.2/libcfnet/communication.c:108:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *buffer = BufferNewFrom(name, strlen(name));
data/cfengine3-3.15.2/libcfnet/net.c:71:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/cfengine3-3.15.2/libcfnet/policy_server.c:109:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(host_or_ip) < CF_MAX_IP_LEN);
data/cfengine3-3.15.2/libcfnet/policy_server.c:115:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(port) < CF_MAX_PORT_LEN)
data/cfengine3-3.15.2/libcfnet/protocol.c:76:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (int i = 0; i < len && buf[i] != '\0'; i += strlen(buf + i) + 1)
data/cfengine3-3.15.2/libcfnet/stat_cache.c:121:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(file) > CF_BUFSIZE - 30)
data/cfengine3-3.15.2/libcfnet/stat_cache.c:163:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int cipherlen = EncryptString(out, sizeof(out), in, strlen(in) + 1,
data/cfengine3-3.15.2/libcfnet/stat_cache.c:181:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tosend = strlen(sendbuffer);
data/cfengine3-3.15.2/libcfnet/stat_cache.c:202:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
recvbuffer + strlen("BAD: "));
data/cfengine3-3.15.2/libcfnet/stat_cache.c:209:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
recvbuffer + strlen("BAD: "));
data/cfengine3-3.15.2/libcfnet/tls_client.c:247:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_len = strlen(line);
data/cfengine3-3.15.2/libcfnet/tls_generic.c:1001:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t max_len = strlen(cipher_list) + 1; /* NUL byte */
data/cfengine3-3.15.2/libenv/sysinfo.c:304:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strncmp(nodename, fqname, strlen(nodename)) == 0) && (fqname[strlen(nodename)] == '.'))
data/cfengine3-3.15.2/libenv/sysinfo.c:304:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strncmp(nodename, fqname, strlen(nodename)) == 0) && (fqname[strlen(nodename)] == '.'))
data/cfengine3-3.15.2/libenv/sysinfo.c:307:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcpy(domain, fqname + strlen(nodename) + 1, domain_size);
data/cfengine3-3.15.2/libenv/sysinfo.c:763:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(workbuf) > CF_MAXVARSIZE - 2)
data/cfengine3-3.15.2/libenv/sysinfo.c:1205:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(resolved_path) < sizeof(init_path))
data/cfengine3-3.15.2/libenv/sysinfo.c:1217:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
next_p = strstr(next_p ? next_p+strlen(term) : init_path, term);
data/cfengine3-3.15.2/libenv/sysinfo.c:1222:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p[strlen("/systemd")] == '\0')
data/cfengine3-3.15.2/libenv/sysinfo.c:1581:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(relstring, ORACLE_VM_SERVER_ID, strlen(ORACLE_VM_SERVER_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1593:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
revcomps = sscanf(r + strlen("release "), "%d.%d.%d", &major, &minor, &patch);
data/cfengine3-3.15.2/libenv/sysinfo.c:1639:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(relstring, ORACLE_ID, strlen(ORACLE_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1651:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sscanf(r + strlen("release "), "%d.%d", &major, &minor) == 2)
data/cfengine3-3.15.2/libenv/sysinfo.c:1695:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(relstring, FEDORA_ID, strlen(FEDORA_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1719:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
release += strlen(RELEASE_FLAG);
data/cfengine3-3.15.2/libenv/sysinfo.c:1734:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:1799:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(relstring, REDHAT_ES_ID, strlen(REDHAT_ES_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1804:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, REDHAT_WS_ID, strlen(REDHAT_WS_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1809:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, REDHAT_WS_ID, strlen(REDHAT_WS_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1814:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, REDHAT_AS_ID, strlen(REDHAT_AS_ID)) ||
data/cfengine3-3.15.2/libenv/sysinfo.c:1815:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!strncmp(relstring, REDHAT_AS21_ID, strlen(REDHAT_AS21_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1820:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, REDHAT_S_ID, strlen(REDHAT_S_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1825:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, REDHAT_C_ID, strlen(REDHAT_C_ID))
data/cfengine3-3.15.2/libenv/sysinfo.c:1826:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
|| !strncmp(relstring, REDHAT_W_ID, strlen(REDHAT_W_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1831:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, REDHAT_CN_ID, strlen(REDHAT_CN_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1836:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, REDHAT_ID, strlen(REDHAT_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1840:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, REDHAT_ENT_ID, strlen(REDHAT_ENT_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1844:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, MANDRAKE_ID, strlen(MANDRAKE_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1848:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, MANDRAKE_10_1_ID, strlen(MANDRAKE_10_1_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1852:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, WHITEBOX_ID, strlen(WHITEBOX_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1856:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, SCIENTIFIC_SL_ID, strlen(SCIENTIFIC_SL_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1861:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, SCIENTIFIC_CERN_ID, strlen(SCIENTIFIC_CERN_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1866:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, SCIENTIFIC_SL6_ID, strlen(SCIENTIFIC_SL6_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1871:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, CENTOS_ID, strlen(CENTOS_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1875:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, ORACLE_4_5_ID, strlen(ORACLE_4_5_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:1896:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (int i = 0; i < strlen(relstring); i++)
data/cfengine3-3.15.2/libenv/sysinfo.c:1913:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
release += strlen(RELEASE_FLAG);
data/cfengine3-3.15.2/libenv/sysinfo.c:1935:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:1941:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:1949:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:1961:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:1969:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2016:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(vbuf, "VERSION", strlen("version")) == 0)
data/cfengine3-3.15.2/libenv/sysinfo.c:2022:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(vbuf, "PATCH", strlen("PATCH")) == 0)
data/cfengine3-3.15.2/libenv/sysinfo.c:2047:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (int i = 0; i < strlen(relstring); i++)
data/cfengine3-3.15.2/libenv/sysinfo.c:2054:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(relstring, SUSE_SLES8_ID, strlen(SUSE_SLES8_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:2083:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(relstring, vbuf, strlen(vbuf)))
data/cfengine3-3.15.2/libenv/sysinfo.c:2093:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(relstring, vbuf, strlen(vbuf)))
data/cfengine3-3.15.2/libenv/sysinfo.c:2136:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2139:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2148:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2151:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2168:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2171:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2312:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sscanf(sp + strlen("DISTRIB_RELEASE="), "%[^\n]", version);
data/cfengine3-3.15.2/libenv/sysinfo.c:2377:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(version) > 0)
data/cfengine3-3.15.2/libenv/sysinfo.c:2394:5: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(buffer, "%250s", os);
data/cfengine3-3.15.2/libenv/sysinfo.c:2457:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(relstring, MANDRAKE_ID, strlen(MANDRAKE_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:2461:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, MANDRAKE_REV_ID, strlen(MANDRAKE_REV_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:2466:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(relstring, MANDRAKE_10_1_ID, strlen(MANDRAKE_10_1_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:2502:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(relstring, MANDRIVA_ID, strlen(MANDRIVA_ID)))
data/cfengine3-3.15.2/libenv/sysinfo.c:2532:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
release += strlen(RELEASE_FLAG);
data/cfengine3-3.15.2/libenv/sysinfo.c:2550:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2555:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(classbuf, "_");
data/cfengine3-3.15.2/libenv/sysinfo.c:2581:17: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(buffer, "%*s %*s %*s %*s %127s", version) == 1)
data/cfengine3-3.15.2/libenv/sysinfo.c:2611:13: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(buffer, "%127s", version) == 1)
data/cfengine3-3.15.2/libenv/unix_iface.c:342:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer) > 1)
data/cfengine3-3.15.2/libenv/unix_iface.c:418:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ifp->ifr_name) == 0)
data/cfengine3-3.15.2/libenv/unix_iface.c:493:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = ip + strlen(ip) - 1; (sp > ip); sp--)
data/cfengine3-3.15.2/libenv/unix_iface.c:505:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = ip + strlen(ip) - 1; (sp > ip); sp--)
data/cfengine3-3.15.2/libenv/unix_iface.c:539:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = ip + strlen(ip) - 1; (sp > ip); sp--)
data/cfengine3-3.15.2/libenv/unix_iface.c:563:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = ip + strlen(ip) - 1; (sp > ip); sp--)
data/cfengine3-3.15.2/libenv/unix_iface.c:831:25: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int scanCount = fscanf(fin,"%255s",regex);
data/cfengine3-3.15.2/libenv/unix_iface.c:913:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *buffer = BufferNewFrom(data, strlen(data));
data/cfengine3-3.15.2/libenv/unix_iface.c:1138:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colon_ptr+2 < header_line + strlen(header_line))
data/cfengine3-3.15.2/libenv/unix_iface.c:1148:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) > type_length+2)
data/cfengine3-3.15.2/libenv/zones.c:73:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (sp = s + strlen(s) - 1; isspace(*sp); sp--)
data/cfengine3-3.15.2/libntech/libcompat/getline.c:88:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(stream)) != EOF)
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:590:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
count = read (fd, ldavgbuf, 40);
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:870:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (nl[1].n_name, "");
data/cfengine3-3.15.2/libntech/libcompat/getloadavg.c:943:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
|| read (channel, (char *) load_ave, sizeof (load_ave))
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:450:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (nameend - nextchar == strlen (p->name))
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:474:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:504:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:517:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/cfengine3-3.15.2/libntech/libcompat/getopt.c:521:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nextchar += strlen (nextchar);
data/cfengine3-3.15.2/libntech/libcompat/inet_ntop.c:167:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp += strlen(tp);
data/cfengine3-3.15.2/libntech/libcompat/strcasestr.c:38:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t needlelen = strlen(needle);
data/cfengine3-3.15.2/libntech/libcompat/strchrnul.c:15:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (char *)(s + strlen(s));
data/cfengine3-3.15.2/libntech/libcompat/strdup.c:38:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const long len = strlen(str) + 1;
data/cfengine3-3.15.2/libntech/libcompat/strlcat.c:50:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(dlen + strlen(s));
data/cfengine3-3.15.2/libntech/libcompat/strrstr.c:50:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/cfengine3-3.15.2/libntech/libcompat/strrstr.c:51:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
patlen = strlen(pat);
data/cfengine3-3.15.2/libntech/libcompat/strstr.c:37:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t needlelen = strlen(needle);
data/cfengine3-3.15.2/libntech/libcompat/unsetenv.c:54:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = malloc(strlen(name) + 2);
data/cfengine3-3.15.2/libntech/libcompat/unsetenv.c:95:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/cfengine3-3.15.2/libntech/libutils/buffer.c:244:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/cfengine3-3.15.2/libntech/libutils/csv_parser.c:84:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *snatched = xmalloc(strlen(str) + 1);
data/cfengine3-3.15.2/libntech/libutils/csv_parser.c:285:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(snatched);
data/cfengine3-3.15.2/libntech/libutils/csv_parser.c:339:23: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int current = fgetc(fp);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:219:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read_ = read(fd, buf, READ_BUFSIZE);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:285:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t bytes_read = read(fd, ptr, len);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:498:29: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
const mode_t old_mask = umask(new_mask);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:504:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(old_mask);
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:567:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t path_bufsize = strlen(pathname) + 1;
data/cfengine3-3.15.2/libntech/libutils/file_lib.c:571:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(res_len == strlen(pathname));
data/cfengine3-3.15.2/libntech/libutils/hash.c:199:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read_count = read(descriptor, buffer, 1024);
data/cfengine3-3.15.2/libntech/libutils/hash.c:634:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dst_len = MIN(dst_size - 1, strlen(prefix));
data/cfengine3-3.15.2/libntech/libutils/hash.c:638:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(dst_size >= strlen(prefix) + digest_len*2 + 1);
data/cfengine3-3.15.2/libntech/libutils/hash.c:691:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(md5_prefix_length == strlen(md5_prefix));
data/cfengine3-3.15.2/libntech/libutils/hash.c:695:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
HashString(src, strlen(src), digest, HASH_METHOD_MD5);
data/cfengine3-3.15.2/libntech/libutils/ip_address.c:87:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(source) == 8 &&
data/cfengine3-3.15.2/libntech/libutils/ip_address.c:99:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(source) == 8+1+4 &&
data/cfengine3-3.15.2/libntech/libutils/ip_address.c:380:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(source) == 32 &&
data/cfengine3-3.15.2/libntech/libutils/ip_address.c:394:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(source) == 32+1+4 &&
data/cfengine3-3.15.2/libntech/libutils/json-utils.c:126:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_length = strlen(line);
data/cfengine3-3.15.2/libntech/libutils/json-utils.c:204:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
byte_count += strlen(raw_line);
data/cfengine3-3.15.2/libntech/libutils/json-utils.c:270:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
byte_count += strlen(line);
data/cfengine3-3.15.2/libntech/libutils/json-yaml.c:346:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
yaml_parser_set_input_string(&parser, *data, strlen(*data));
data/cfengine3-3.15.2/libntech/libutils/json.c:539:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(element->primitive.value);
data/cfengine3-3.15.2/libntech/libutils/logging.c:295:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(errbuf);
data/cfengine3-3.15.2/libntech/libutils/mustache.c:365:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RenderHTMLContent(out, json_key, strlen(json_key));
data/cfengine3-3.15.2/libntech/libutils/mustache.c:379:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RenderHTMLContent(out, JsonPrimitiveGetAsString(primitive), strlen(JsonPrimitiveGetAsString(primitive)));
data/cfengine3-3.15.2/libntech/libutils/mustache.c:518:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(delim_start, first.data, first.len);
data/cfengine3-3.15.2/libntech/libutils/mustache.c:529:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(delim_end, second.data, second.len);
data/cfengine3-3.15.2/libntech/libutils/mustache.c:598:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(loc_delim_start, delim_start, delim_start_len);
data/cfengine3-3.15.2/libntech/libutils/mustache.c:602:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(loc_delim_end, delim_end, delim_end_len);
data/cfengine3-3.15.2/libntech/libutils/mustache.c:889:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t delim_start_len = strlen(delim_start);
data/cfengine3-3.15.2/libntech/libutils/mustache.c:892:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t delim_end_len = strlen(delim_end);
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:127:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MSG_LEN_T size = text ? strlen(text) + 1 : 0;
data/cfengine3-3.15.2/libntech/libutils/passopenfile.c:350:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t msglen = text ? strlen(text) + 1 : sizeof(NULL_MSG);
data/cfengine3-3.15.2/libntech/libutils/path.c:44:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = strlen(path);
data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c:66:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t max = strlen(options);
data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c:101:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(replacement);
data/cfengine3-3.15.2/libntech/libutils/pcre_wrap.c:393:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newsize += strlen(job->substitute->text) - matches[current_match].submatch_length[0];
data/cfengine3-3.15.2/libntech/libutils/regex.c:61:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int result = pcre_exec(regex, NULL, str, strlen(str),
data/cfengine3-3.15.2/libntech/libutils/regex.c:127:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (start == 0) && (end == strlen(str));
data/cfengine3-3.15.2/libntech/libutils/regex.c:171:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int result = pcre_exec(pattern, NULL, str, strlen(str),
data/cfengine3-3.15.2/libntech/libutils/regex.c:281:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int rc = pcre_exec(rx, NULL, teststring, strlen(teststring), 0, 0, ovector, STRING_MATCH_OVECCOUNT);
data/cfengine3-3.15.2/libntech/libutils/set.c:133:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, element, strlen(element));
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:67:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(to, from, buf_size);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:73:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(to); // TODO - Replace the extra pass by using stpncpy:
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:96:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = (str != NULL) ? strlen(str) : 0;
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:202:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(str);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:341:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
source_ptr += found_ptr - source_ptr + strlen(search);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:354:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t total_length = first ? strlen(first) : 0;
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:363:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_length += strlen(arg);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:717:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (string && (strlen(string) == 0))
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:745:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(in);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:777:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t find_len = strlen(find);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:778:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t replace_len = strlen(replace);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:779:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buf_len = strlen(buf);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:957:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sp);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:997:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t in_size = strlen(str);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1111:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *end = s + strlen(s) - 1; // Last byte before '\0'
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1139:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(data);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1154:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(length == strlen(data));
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1172:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(data) > 0);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1173:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(data) < 4096);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1177:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(length == strlen(data));
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1188:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(0 <= start && start <= end && end <= strlen(s));
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1189:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert((end - start) <= strlen(s));
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1195:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(s + end) + 1);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1201:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t str_len = strlen(str);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1202:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t suffix_len = strlen(suffix);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1235:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int str_len = strlen(str);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1236:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int prefix_len = strlen(prefix);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1354:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = strlen(path);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1355:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t leaf_len = strlen(leaf);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1395:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dlen = (dst_len != NULL) ? *dst_len : strlen(dst);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1396:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = (src_len != 0) ? src_len : strlen(src);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1435:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dlen = (dst_len != NULL) ? *dst_len : strlen(dst);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1436:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = strlen(src);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1491:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(shortopt) == 2);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1492:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(longopt) >= 3);
data/cfengine3-3.15.2/libntech/libutils/string_lib.c:1496:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t length = strlen(supplied);
data/cfengine3-3.15.2/libntech/libutils/string_lib.h:49:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strncmp(str,start,strlen(start)) == 0)
data/cfengine3-3.15.2/libntech/libutils/string_sequence.c:153:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const unsigned long str_length = strlen(s);
data/cfengine3-3.15.2/libntech/libutils/unix_dir.c:203:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(filename);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:25:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int dataLength = strlen(data);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:50:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int element0size = strlen(element0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:124:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int element0size = strlen(element0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:146:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int element0size = strlen(element0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:148:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int element1size = strlen(element1);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:184:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int element0size = strlen(element0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:187:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int element1size = strlen(element1);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:280:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(strlen(buffer_m1), BufferSize(bm1));
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:290:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(strlen(buffer_0), BufferSize(be));
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:300:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(strlen(buffer_p1), BufferSize(bp1));
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:309:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int char0size = strlen(char0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:312:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int char1size = strlen(char1);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:318:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int int0charsize = strlen(int0char);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:321:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int double0charsize = strlen(double0char);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:323:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int char0int0char1double0size = strlen(char0int0char1double0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:462:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int char0size = strlen(char0);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:465:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int char1size = strlen(char1);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:471:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int int0charsize = strlen(int0char);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:474:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int double0charsize = strlen(double0char);
data/cfengine3-3.15.2/libntech/tests/unit/buffer_test.c:476:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int char0int0char1double0size = strlen(char0int0char1double0);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:826:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal)
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:830:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal;
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1731:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(xml_tmp);
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1886:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
timestamp[strlen(timestamp)-1] = '\0';
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1927:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(suitename, "");
data/cfengine3-3.15.2/libntech/tests/unit/cmockery.c:1928:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(suitename, filename, len);
data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c:10:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = malloc(strlen(inp)+1); \
data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c:104:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* backup = malloc(strlen(src)+1); \
data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c:106:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* buf = malloc(strlen(src)+1); \
data/cfengine3-3.15.2/libntech/tests/unit/env_file_test.c:117:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* buf = malloc(strlen(src)+1); \
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:126:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int result = write(fd, TEST_STRING, strlen(TEST_STRING));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:129:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = write(fd, TEST_SUBSTRING, strlen(TEST_SUBSTRING));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:132:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = write(fd, TEST_SUBSUBSTRING, strlen(TEST_SUBSUBSTRING));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:161:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char buf[strlen(str) + 1];
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:162:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert_int_equal(read(fd, buf, strlen(str)), strlen(str));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:162:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(read(fd, buf, strlen(str)), strlen(str));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:162:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(read(fd, buf, strlen(str)), strlen(str));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:163:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(str)] = '\0';
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:722:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssize_t w_ret = write(fd, TEST_STRING, strlen(TEST_STRING));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:723:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(w_ret, strlen(TEST_STRING));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:730:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
empty ? 0 : strlen(TEST_STRING));
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1622:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t length = strlen(TEST_STRING);
data/cfengine3-3.15.2/libntech/tests/unit/file_lib_test.c:1641:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t length = strlen(TEST_STRING);
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:34:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message_length = strlen(message);
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:251:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_true(strlen(too_long) != strlen(buf));
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:251:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_true(strlen(too_long) != strlen(buf));
data/cfengine3-3.15.2/libntech/tests/unit/hash_test.c:252:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(strlen(buf), 39);
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:284:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(buffer, "127.0.0.1", strlen("127.0.0.1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:294:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(buffer, "127.0.0.1:8080", strlen("127.0.0.1:8080"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:304:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(buffer, "0:1:2:3:4:5:6:7", strlen("0:1:2:3:4:5:6:7"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:314:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(buffer, "[0:1:2:3:4:5:6:7]:9090", strlen("[0:1:2:3:4:5:6:7]:9090"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:347:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1.1.1.1", strlen("1.1.1.1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:353:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1.1.1.1", strlen("1.1.1.1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:359:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1.2.3.4", strlen("1.2.3.4"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:366:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1.2.1.1", strlen("1.2.1.1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:373:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1.2.3.1", strlen("1.2.3.1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:380:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "2.2.3.4", strlen("2.2.3.4"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:385:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1.2.3.4", strlen("1.2.3.4"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:392:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1.2.3.4", strlen("1.2.3.4"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:402:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1:2:3:4:5:6:7:8", strlen("1:2:3:4:5:6:7:8"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:448:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1:1:1:1:1:1:1:1", strlen("1:1:1:1:1:1:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:454:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:1:1:1:1:1:1:1", strlen("1:1:1:1:1:1:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:461:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1:2:3:4:5:6:7:8", strlen("1:1:1:1:1:1:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:469:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:2:1:1:1:1:1:1", strlen("1:2:1:1:1:1:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:477:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:2:3:1:1:1:1:1", strlen("1:2:3:1:1:1:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:485:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:2:3:4:1:1:1:1", strlen("1:2:3:4:1:1:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:493:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:2:3:4:5:1:1:1", strlen("1:2:3:4:5:1:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:501:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:2:3:4:5:6:1:1", strlen("1:2:3:4:5:6:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:509:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:2:3:4:5:6:7:1", strlen("1:2:3:4:5:6:7:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:517:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "2:2:3:4:5:6:7:8", strlen("2:2:3:4:5:6:7:8"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:525:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1:0:0:0:0:0:0:1", strlen("1:0:0:0:0:0:0:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:531:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1::1", strlen("1::1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:539:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1:1:0:0:0:0:0:1", strlen("1:1:0:0:0:0:0:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:547:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:1::1", strlen("1:1::1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:555:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferA, "1::1:1", strlen("1::1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:561:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1:0:0:0:0:0:1:1", strlen("1:0:0:0:0:0:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:571:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferB, "1.2.3.4", strlen("1.2.3.4"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:607:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "1.2.3.4", strlen("1.2.3.4"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:615:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "1.2..3", strlen("1.2..3"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:621:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "1.a.2.3", strlen("1.a.2.3"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:627:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "256.255.255.255", strlen("256.255.255.255"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:633:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "255.255.255.255", strlen("255.255.255.255"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:641:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "1:0:0:0:0:0:0:1", strlen("1:0:0:0:0:0:0:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:649:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "1:1:1:1:0:1:1:1", strlen("1:1:1:1:0:1:1:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:657:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "a:b:c:d:e:f:0:1", strlen("a:b:c:d:e:f:0:1"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:665:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "a:b:c:d:e:f:g:h", strlen("a:b:c:d:e:f:g:h"));
data/cfengine3-3.15.2/libntech/tests/unit/ipaddress_test.c:670:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferSet(bufferAddress, "ffff:ffff:fffff:0:0:0:0:1", strlen("ffff:ffff:fffff:0:0:0:0:1"));
data/cfengine3-3.15.2/libntech/tests/unit/json_test.c:1485:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_json5_data_eq(strlen(unescaped), unescaped, escaped); \
data/cfengine3-3.15.2/libntech/tests/unit/json_test.c:1506:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_json5_data_eq(strlen(hello) + 1, hello, "Hello\\0");
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:23:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem("EMPTY", 0, needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:32:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), "EMPTY", 0);
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:38:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:38:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:44:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:44:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:50:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:50:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:56:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:56:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:62:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:62:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:68:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:68:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:74:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:74:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:80:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:80:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:86:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:86:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:92:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:92:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:98:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/libcompat_test.c:98:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = memmem(haystack, strlen(haystack), needle, strlen(needle));
data/cfengine3-3.15.2/libntech/tests/unit/logging_timestamp_test.c:39:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_true(pcre_exec(regex, NULL, buf, strlen(buf), 0, 0, NULL, 0) >= 0);
data/cfengine3-3.15.2/libntech/tests/unit/map_test.c:444:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int key_len = strlen(item->key);
data/cfengine3-3.15.2/libntech/tests/unit/map_test.c:445:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int value_len = strlen(item->value);
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:745:11: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
ret = sscanf(one_to_nine, "%3s%3s%2s%1s", a, b, c, d);
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:754:11: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
ret = sscanf(with_spaces, "%3s %3s %2s", a, b, c);
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:762:11: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
ret = sscanf(enforce_spaces, "%3s"FMT_SPACE"%3s"FMT_SPACE"%2s", a, b, c);
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:771:11: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
ret = sscanf(partial_match, "%3s,%3s,%2s", a, b, c);
data/cfengine3-3.15.2/libntech/tests/unit/sequence_test.c:814:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(str);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:17:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:42:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:55:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:246:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t actual_size = strlen(string);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:258:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t actual_size = strlen(string);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:281:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t actual_size = strlen(string);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:291:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t actual_size = strlen(string);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:795:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(new_length, strlen(data));
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:802:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(new_length, strlen(data));
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:840:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(new_length, strlen(data));
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:847:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(new_length, strlen(data));
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:854:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(new_length, strlen(data));
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:867:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(test_string);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:972:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(lo_alphabet);
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:997:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(sp,"");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1001:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(sp,"\n");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1034:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dst, "/");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1046:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dst, "/");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1058:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dst, "/");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1070:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dst, "/");
data/cfengine3-3.15.2/libntech/tests/unit/string_lib_test.c:1082:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dst, "/");
data/cfengine3-3.15.2/libpromises/bootstrap.c:402:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t data_length = strlen(data);
data/cfengine3-3.15.2/libpromises/cf3.defs.h:1114:12: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mode_t umask;
data/cfengine3-3.15.2/libpromises/cf3lex.c:963:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/cfengine3-3.15.2/libpromises/cf3lex.c:1234:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char* target = yytext + strlen("@if before_version(");
data/cfengine3-3.15.2/libpromises/cf3lex.c:1271:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char* target = yytext + strlen("@if at_version(");
data/cfengine3-3.15.2/libpromises/cf3lex.c:1308:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char* target = yytext + strlen("@if after_version(");
data/cfengine3-3.15.2/libpromises/cf3lex.c:1345:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char* from = yytext + strlen("@if between_versions(");
data/cfengine3-3.15.2/libpromises/cf3lex.c:1382:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
feature_text[strlen(feature_text)-1] = 0;
data/cfengine3-3.15.2/libpromises/cf3lex.c:1540:27: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(P.currentid, yytext, CF_MAXVARSIZE);
data/cfengine3-3.15.2/libpromises/cf3lex.c:1555:27: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(P.currentid, yytext, CF_MAXVARSIZE);
data/cfengine3-3.15.2/libpromises/cf3lex.c:1664:27: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(P.currenttype, tmp, CF_MAXVARSIZE);
data/cfengine3-3.15.2/libpromises/cf3lex.c:2533:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes(yystr,(int) strlen(yystr) );
data/cfengine3-3.15.2/libpromises/cf3lex.c:2789:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(from);
data/cfengine3-3.15.2/libpromises/cf3parse.c:917:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/cfengine3-3.15.2/libpromises/cf3parse.c:1426:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(P.blockid,"");
data/cfengine3-3.15.2/libpromises/cf3parse.c:1482:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(P.blockid,"");
data/cfengine3-3.15.2/libpromises/cf3parse.c:1536:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(P.blocktype,P.currentid,CF_MAXVARSIZE);
data/cfengine3-3.15.2/libpromises/cf3parse.c:1547:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(P.blockid,P.currentid,CF_MAXVARSIZE);
data/cfengine3-3.15.2/libpromises/cf3parse.c:1856:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(P.currentid,"");
data/cfengine3-3.15.2/libpromises/cf3parse.c:1902:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(item) > 3 &&
data/cfengine3-3.15.2/libpromises/cf3parse.c:1907:84: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = xstrndup(P.rval.item+2, strlen(P.rval.item)-3 );
data/cfengine3-3.15.2/libpromises/cf3parse.c:1921:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *copy = BufferNewFrom(P.rval.item, strlen(P.rval.item));
data/cfengine3-3.15.2/libpromises/cf3parse.c:1924:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(P.rval.item) > 3 && strncmp("---", P.rval.item, 3) == 0)
data/cfengine3-3.15.2/libpromises/cf3parse.c:2045:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(P.lval,P.currentid,CF_MAXVARSIZE);
data/cfengine3-3.15.2/libpromises/cf3parse.c:2095:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(P.currentid,"");
data/cfengine3-3.15.2/libpromises/cf3parse.c:2222:32: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(P.lval,P.currentid,CF_MAXVARSIZE);
data/cfengine3-3.15.2/libpromises/cf3parse.c:2280:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
P.offsets.last_class_id = P.offsets.current - strlen(P.currentclasses ? P.currentclasses : P.currentvarclasses) - 2;
data/cfengine3-3.15.2/libpromises/cf3parse.c:2489:28: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(P.currentid,P.currentstring,CF_MAXVARSIZE); // Make a var look like an ID
data/cfengine3-3.15.2/libpromises/cf3parse.c:2523:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(P.currentid,"");
data/cfengine3-3.15.2/libpromises/cf3parse.c:3145:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ParseResult res = ParseExpression(class_literal, 0, strlen(class_literal));
data/cfengine3-3.15.2/libpromises/cf3parse.c:3149:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ParseErrorColumnOffset(res.position - strlen(class_literal), "Syntax error in context string");
data/cfengine3-3.15.2/libpromises/class.c:169:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char fullname[ strlen(ns) + 1 + strlen(name) + 1 ];
data/cfengine3-3.15.2/libpromises/class.c:169:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char fullname[ strlen(ns) + 1 + strlen(name) + 1 ];
data/cfengine3-3.15.2/libpromises/class.c:221:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char fullname[ strlen(ns) + 1 + strlen(name) + 1 ];
data/cfengine3-3.15.2/libpromises/class.c:221:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char fullname[ strlen(ns) + 1 + strlen(name) + 1 ];
data/cfengine3-3.15.2/libpromises/conversion.c:118:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(string);
data/cfengine3-3.15.2/libpromises/conversion.c:692:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(string);
data/cfengine3-3.15.2/libpromises/conversion.c:813:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(MONTH_TEXT[i], string, strlen(string)) == 0)
data/cfengine3-3.15.2/libpromises/conversion.c:834:5: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(tmp, "%*s %5s %3s %*s %5s", month, day, year);
data/cfengine3-3.15.2/libpromises/conversion.c:935:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(comm, sp, 15);
data/cfengine3-3.15.2/libpromises/crypto.c:119:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t fqdn_len = strlen(VFQNAME) > 0 ? strlen(VFQNAME) : 1;
data/cfengine3-3.15.2/libpromises/crypto.c:119:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t fqdn_len = strlen(VFQNAME) > 0 ? strlen(VFQNAME) : 1;
data/cfengine3-3.15.2/libpromises/crypto.c:371:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(digest) > 0)
data/cfengine3-3.15.2/libpromises/dbm_api.c:558:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return DBPrivRead(handle->priv, key, strlen(key) + 1, dest, destSz);
data/cfengine3-3.15.2/libpromises/dbm_api.c:563:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return DBPrivWrite(handle->priv, key, strlen(key) + 1, src, srcSz);
data/cfengine3-3.15.2/libpromises/dbm_api.c:578:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return DBPrivDelete(handle->priv, key, strlen(key) + 1);
data/cfengine3-3.15.2/libpromises/dbm_lmdb.c:249:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t n_read = read(fd_tstamp, &repaired_tstamp, sizeof(time_t));
data/cfengine3-3.15.2/libpromises/dbm_migration_lastseen.c:106:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!WriteDB(db, hostkey_key, old_data_address, strlen(old_data_address) + 1))
data/cfengine3-3.15.2/libpromises/dbm_migration_lastseen.c:116:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!WriteDB(db, address_key, hostkey, strlen(hostkey) + 1))
data/cfengine3-3.15.2/libpromises/dbm_tokyocab.c:453:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strncmp(hbuf, MAGIC, strlen(MAGIC)) != 0)
data/cfengine3-3.15.2/libpromises/eval_context.c:421:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(copy) == 0)
data/cfengine3-3.15.2/libpromises/eval_context.c:555:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *condensed = BufferNewFrom(context, strlen(context));
data/cfengine3-3.15.2/libpromises/eval_context.c:588:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ParseResult res = ParseExpression(expr, 0, strlen(expr));
data/cfengine3-3.15.2/libpromises/eval_context.c:657:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t tags_length = strlen(tags) + 1;
data/cfengine3-3.15.2/libpromises/eval_context.c:668:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int existing_info_size = ValueSizeDB(dbp, key, strlen(key));
data/cfengine3-3.15.2/libpromises/eval_context.c:1604:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) >= sizeof(canonified_context))
data/cfengine3-3.15.2/libpromises/eval_context.c:1628:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(context_copy) == 0)
data/cfengine3-3.15.2/libpromises/eval_context.c:1834:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int tail = strlen(last_line);
data/cfengine3-3.15.2/libpromises/eval_context.c:2175:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ref->lval) > CF_MAXVARSIZE)
data/cfengine3-3.15.2/libpromises/evalfunction.c:179:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(varname) < CF_MAXVARSIZE)
data/cfengine3-3.15.2/libpromises/evalfunction.c:430:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*data += strlen(BufferData(varname))-1;
data/cfengine3-3.15.2/libpromises/evalfunction.c:774:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
HashString(inp, strlen(inp), digest, HASH_METHOD_SHA256);
data/cfengine3-3.15.2/libpromises/evalfunction.c:923:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(RlistScalarValue(finalargs)));
data/cfengine3-3.15.2/libpromises/evalfunction.c:1006:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *var = BufferNewFrom(filename, strlen(filename));
data/cfengine3-3.15.2/libpromises/evalfunction.c:1138:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
HashString(string_or_filename, strlen(string_or_filename), digest, type);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1539:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RlistAppendScalar(&tags, element+strlen(key));
data/cfengine3-3.15.2/libpromises/evalfunction.c:1582:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t base_len = strlen(base);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1583:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t suffix_len = strlen(suffix);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1681:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t line_length = strlen(line);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1771:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t pm_name_size = strlen(pm_name);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1784:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int data_size = ValueSizeDB(db_cached, key, strlen(key) + 1);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1820:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t new_line_size = strlen(line) + pm_name_size + 2; // we need coma and terminator
data/cfengine3-3.15.2/libpromises/evalfunction.c:1823:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(new_line, ",");
data/cfengine3-3.15.2/libpromises/evalfunction.c:1910:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
HashString(string, strlen(string), digest, type);
data/cfengine3-3.15.2/libpromises/evalfunction.c:1928:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(string);
data/cfengine3-3.15.2/libpromises/evalfunction.c:2548:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sendstring) > 0)
data/cfengine3-3.15.2/libpromises/evalfunction.c:2552:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(sendstring);
data/cfengine3-3.15.2/libpromises/evalfunction.c:3059:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(regex) == 0 || StringMatchFull(regex, dirp->d_name))
data/cfengine3-3.15.2/libpromises/evalfunction.c:3115:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (PipeWrite(&io, container_str) != strlen(container_str))
data/cfengine3-3.15.2/libpromises/evalfunction.c:3511:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t template_size = strlen(template) + 1;
data/cfengine3-3.15.2/libpromises/evalfunction.c:3870:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sendstring) > 0)
data/cfengine3-3.15.2/libpromises/evalfunction.c:3872:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SendSocketStream(sd, sendstring, strlen(sendstring)) != -1)
data/cfengine3-3.15.2/libpromises/evalfunction.c:3883:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(regex) == 0 || StringMatchFull(regex, recvbuf))
data/cfengine3-3.15.2/libpromises/evalfunction.c:4104:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(current) + 1;
data/cfengine3-3.15.2/libpromises/evalfunction.c:5177:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t length = strlen(bad_modifiers);
data/cfengine3-3.15.2/libpromises/evalfunction.c:5196:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, piece, strlen(piece));
data/cfengine3-3.15.2/libpromises/evalfunction.c:5210:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, piece, strlen(piece));
data/cfengine3-3.15.2/libpromises/evalfunction.c:5216:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, piece, strlen(piece));
data/cfengine3-3.15.2/libpromises/evalfunction.c:5248:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, piece, strlen(piece));
data/cfengine3-3.15.2/libpromises/evalfunction.c:5273:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, piece, strlen(piece));
data/cfengine3-3.15.2/libpromises/evalfunction.c:5288:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, error, strlen(error));
data/cfengine3-3.15.2/libpromises/evalfunction.c:5326:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, format, strlen(format));
data/cfengine3-3.15.2/libpromises/evalfunction.c:5914:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *rewrite = BufferNewFrom(data, strlen(data));
data/cfengine3-3.15.2/libpromises/evalfunction.c:6498:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return FnReturnContext(strlen(failure) == 0 &&
data/cfengine3-3.15.2/libpromises/evalfunction.c:6503:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(failure) > 0)
data/cfengine3-3.15.2/libpromises/evalfunction.c:6855:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(SeqAt(list, 0)) == 0)
data/cfengine3-3.15.2/libpromises/evalfunction.c:7043:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(StringWriterData(w));
data/cfengine3-3.15.2/libpromises/evalfunction.c:7796:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t original_length = strlen(file_buffer);
data/cfengine3-3.15.2/libpromises/evalfunction.c:7837:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_len = strlen(line);
data/cfengine3-3.15.2/libpromises/evalfunction.c:7897:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_len = strlen(line);
data/cfengine3-3.15.2/libpromises/evalfunction.c:8125:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(line);
data/cfengine3-3.15.2/libpromises/evalfunction.c:8318:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *holder = BufferNewFrom(line+strlen(name)+1+1,
data/cfengine3-3.15.2/libpromises/evalfunction.c:8319:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length - strlen(name) - 1 - 1);
data/cfengine3-3.15.2/libpromises/evalfunction.c:8383:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t entry_size = strlen(RlistScalarValue(rp));
data/cfengine3-3.15.2/libpromises/exec_tools.c:96:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen(line) + 1;
data/cfengine3-3.15.2/libpromises/exec_tools.c:294:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(arg);
data/cfengine3-3.15.2/libpromises/expand.c:460:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ExtractScalarPrefix(current_item, sp, strlen(sp));
data/cfengine3-3.15.2/libpromises/expand.c:471:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ExtractScalarReference(current_item, sp, strlen(sp), true);
data/cfengine3-3.15.2/libpromises/expand.c:1124:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/cfengine3-3.15.2/libpromises/expand.c:1179:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/cfengine3-3.15.2/libpromises/expand.c:1208:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(var) < 4)
data/cfengine3-3.15.2/libpromises/extensions.c:107:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char path[strlen(dirs_to_try[i]) + strlen(lib) + strlen(name) + 2];
data/cfengine3-3.15.2/libpromises/extensions.c:107:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char path[strlen(dirs_to_try[i]) + strlen(lib) + strlen(name) + 2];
data/cfengine3-3.15.2/libpromises/extensions.c:107:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char path[strlen(dirs_to_try[i]) + strlen(lib) + strlen(name) + 2];
data/cfengine3-3.15.2/libpromises/files_copy.c:223:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(current) + 1;
data/cfengine3-3.15.2/libpromises/files_lib.c:74:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int bytes_to_write = strlen(contents);
data/cfengine3-3.15.2/libpromises/files_lib.c:264:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(currentpath, parentandchild, rootlen);
data/cfengine3-3.15.2/libpromises/files_lib.c:291:24: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
mask = umask(0);
data/cfengine3-3.15.2/libpromises/files_lib.c:298:21: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/cfengine3-3.15.2/libpromises/files_lib.c:301:17: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask);
data/cfengine3-3.15.2/libpromises/files_lib.c:394:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (edits.joinlines && *(line + strlen(line) - 1) == '\\')
data/cfengine3-3.15.2/libpromises/files_lib.c:396:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(line + strlen(line) - 1) = '\0';
data/cfengine3-3.15.2/libpromises/files_names.c:154:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(leaf);
data/cfengine3-3.15.2/libpromises/files_names.c:162:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) + len + 1 > path_size)
data/cfengine3-3.15.2/libpromises/files_names.c:185:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(leaf_path);
data/cfengine3-3.15.2/libpromises/files_names.c:240:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) == 0)
data/cfengine3-3.15.2/libpromises/files_names.c:273:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!IsFileSep(str[strlen(str) - 1]))
data/cfengine3-3.15.2/libpromises/files_names.c:287:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(path) > 0);
data/cfengine3-3.15.2/libpromises/files_names.c:322:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen(str);
data/cfengine3-3.15.2/libpromises/files_names.c:378:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(str) > 0);
data/cfengine3-3.15.2/libpromises/files_names.c:406:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp = str + strlen(str) - 1;
data/cfengine3-3.15.2/libpromises/files_names.c:593:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(node, sp, nodelen);
data/cfengine3-3.15.2/libpromises/generic_agent.c:205:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t length = strlen(class_str);
data/cfengine3-3.15.2/libpromises/generic_agent.c:216:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(tmp_class_str) == length);
data/cfengine3-3.15.2/libpromises/generic_agent.c:520:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(VPREFIX, "");
data/cfengine3-3.15.2/libpromises/generic_agent.c:573:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char canonified_ipaddr[strlen(bootstrap_ip) + 1];
data/cfengine3-3.15.2/libpromises/generic_agent.c:1223:23: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int scanned = fscanf(git_file, "ref: %127s", git_head);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1241:23: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
scanned = fscanf(git_file, "%40s", release_id_out);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1261:23: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
scanned = fscanf(git_file, "%40s", release_id_out);
data/cfengine3-3.15.2/libpromises/generic_agent.c:1824:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(warning_options) == 0)
data/cfengine3-3.15.2/libpromises/generic_agent.c:1840:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
options_start = warning_options + strlen("error=");
data/cfengine3-3.15.2/libpromises/generic_agent.c:2047:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(inputdir) + strlen(input_file) > sizeof(failsafe_path) - 2)
data/cfengine3-3.15.2/libpromises/generic_agent.c:2047:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(inputdir) + strlen(input_file) > sizeof(failsafe_path) - 2)
data/cfengine3-3.15.2/libpromises/item_lib.c:153:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(ip->name);
data/cfengine3-3.15.2/libpromises/item_lib.c:550:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t string_len = strlen(string);
data/cfengine3-3.15.2/libpromises/item_lib.c:622:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
format[strlen(format)] = sep;
data/cfengine3-3.15.2/libpromises/item_lib.c:623:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(format) + 1 == sizeof(format) || sep == '\0');
data/cfengine3-3.15.2/libpromises/item_lib.c:630:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp += strlen(node) - 1;
data/cfengine3-3.15.2/libpromises/item_lib.c:664:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, ",");
data/cfengine3-3.15.2/libpromises/item_lib.c:668:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(s) + 1 == s_size);
data/cfengine3-3.15.2/libpromises/item_lib.c:690:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(ip->name);
data/cfengine3-3.15.2/libpromises/item_lib.c:901:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
match = (strncmp(ip->name, string, strlen(string)) == 0);
data/cfengine3-3.15.2/libpromises/item_lib.c:1090:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(adr, ip->name, strlen(adr)) == 0)
data/cfengine3-3.15.2/libpromises/iteration.c:293:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_length = strlen(s);
data/cfengine3-3.15.2/libpromises/iteration.c:522:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t s_max = strlen(s);
data/cfengine3-3.15.2/libpromises/iteration.c:548:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t s_end_len = strlen(s_end);
data/cfengine3-3.15.2/libpromises/iteration.c:558:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t s_next_len = strlen(s_next);
data/cfengine3-3.15.2/libpromises/iteration.c:638:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t s_len = strlen(s);
data/cfengine3-3.15.2/libpromises/keyring.c:84:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (c && c[strlen(suffix)] == '\0') /* dirp->d_name ends with suffix */
data/cfengine3-3.15.2/libpromises/lastseen.c:94:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ipaddress) == 0)
data/cfengine3-3.15.2/libpromises/lastseen.c:143:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteDB(db, hostkey_key, address, strlen(address) + 1);
data/cfengine3-3.15.2/libpromises/lastseen.c:150:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteDB(db, address_key, hostkey, strlen(hostkey) + 1);
data/cfengine3-3.15.2/libpromises/lastseen.c:463:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(bufhost, "a");
data/cfengine3-3.15.2/libpromises/lastseen.c:469:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(bufkey, "k");
data/cfengine3-3.15.2/libpromises/lastseen.c:471:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (HasKeyDB(db, bufkey, strlen(bufkey) + 1) == false)
data/cfengine3-3.15.2/libpromises/lastseen.c:530:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(bufkey, "k");
data/cfengine3-3.15.2/libpromises/lastseen.c:536:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(bufhost, "a");
data/cfengine3-3.15.2/libpromises/lastseen.c:538:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (HasKeyDB(db, bufhost, strlen(bufhost) + 1) == false)
data/cfengine3-3.15.2/libpromises/loading.c:292:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(bundle->name, "main", 4+1);
data/cfengine3-3.15.2/libpromises/locks.c:187:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen("CF_CRITICAL_SECTION") < LMDB_MAX_KEY_SIZE);
data/cfengine3-3.15.2/libpromises/locks.c:188:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen("lock.track_license_bundle.track_license") < LMDB_MAX_KEY_SIZE);
data/cfengine3-3.15.2/libpromises/locks.c:289:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) < sizeof("Fri Oct 1 15:15:23 EST 2010") - 1)
data/cfengine3-3.15.2/libpromises/locks.c:442:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sp_len = strlen(sp);
data/cfengine3-3.15.2/libpromises/locks.c:450:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dst, ".");
data/cfengine3-3.15.2/libpromises/locks.c:477:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t con_len = strlen(con);
data/cfengine3-3.15.2/libpromises/locks.c:481:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dst, ".");
data/cfengine3-3.15.2/libpromises/locks.c:556:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(RlistScalarValue(rp)));
data/cfengine3-3.15.2/libpromises/locks.c:562:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(RlistFnCallValue(rp)->name));
data/cfengine3-3.15.2/libpromises/locks.c:606:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EVP_DigestUpdate(context, pp->promiser, strlen(pp->promiser));
data/cfengine3-3.15.2/libpromises/locks.c:611:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EVP_DigestUpdate(context, pp->comment, strlen(pp->comment));
data/cfengine3-3.15.2/libpromises/locks.c:620:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pp->parent_promise_type->parent_bundle->ns));
data/cfengine3-3.15.2/libpromises/locks.c:627:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pp->parent_promise_type->parent_bundle->name));
data/cfengine3-3.15.2/libpromises/locks.c:635:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EVP_DigestUpdate(context, salt, strlen(salt));
data/cfengine3-3.15.2/libpromises/locks.c:644:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EVP_DigestUpdate(context, cp->lval, strlen(cp->lval));
data/cfengine3-3.15.2/libpromises/locks.c:666:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EVP_DigestUpdate(context, cp->rval.item, strlen(cp->rval.item));
data/cfengine3-3.15.2/libpromises/locks.c:682:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EVP_DigestUpdate(context, fp->name, strlen(fp->name));
data/cfengine3-3.15.2/libpromises/locks.c:984:13: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(lockname, RlistScalarValue(rp), max_sample);
data/cfengine3-3.15.2/libpromises/locks.c:988:13: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(lockname, RlistFnCallValue(rp)->name, max_sample);
data/cfengine3-3.15.2/libpromises/match_scope.c:39:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((rc = pcre_exec(rx, NULL, teststring, strlen(teststring), 0, 0, ovector, OVECCOUNT)) >= 0)
data/cfengine3-3.15.2/libpromises/match_scope.c:79:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (match_start == 0) && (match_len == strlen(teststring));
data/cfengine3-3.15.2/libpromises/matching.c:48:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((rc = pcre_exec(rx, NULL, teststring, strlen(teststring), 0, 0, ovector, OVECCOUNT)) >= 0)
data/cfengine3-3.15.2/libpromises/matching.c:57:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backreference, backref_start, backref_len);
data/cfengine3-3.15.2/libpromises/matching.c:88:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(backreference) == 0)
data/cfengine3-3.15.2/libpromises/matching.c:282:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(sp, noEscSeq, strlen(noEscSeq)) == 0)
data/cfengine3-3.15.2/libpromises/matching.c:284:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strEscSz <= strEscPos + strlen(noEscSeq))
data/cfengine3-3.15.2/libpromises/matching.c:293:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strEscPos += strlen(noEscSeq);
data/cfengine3-3.15.2/libpromises/matching.c:294:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sp += strlen(noEscSeq);
data/cfengine3-3.15.2/libpromises/math_eval.c:80:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, ctx->input, max_size); \
data/cfengine3-3.15.2/libpromises/math_eval.c:81:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int n = strlen(ctx->input)+1; \
data/cfengine3-3.15.2/libpromises/math_eval.c:84:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = strlen(buf); \
data/cfengine3-3.15.2/libpromises/monitoring_read.c:167:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = fgetc(f);
data/cfengine3-3.15.2/libpromises/ornaments.c:97:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int tail = strlen(last_line);
data/cfengine3-3.15.2/libpromises/ornaments.c:138:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(handle, "");
data/cfengine3-3.15.2/libpromises/ornaments.c:143:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(handle) > 0)
data/cfengine3-3.15.2/libpromises/pipes.c:88:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t res = read(fd, buff, sizeof(buff) - 1);
data/cfengine3-3.15.2/libpromises/pipes.c:138:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (data == NULL || strlen(data) == 0)
data/cfengine3-3.15.2/libpromises/pipes.c:148:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssize_t wrt = write(io->write_fd, data, strlen(data));
data/cfengine3-3.15.2/libpromises/pipes.c:179:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (PipeWrite(&io, data) != strlen(data))
data/cfengine3-3.15.2/libpromises/pipes.c:220:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (PipeWrite(&io, request) != strlen(request))
data/cfengine3-3.15.2/libpromises/pipes_unix.c:489:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (chrootv && (strlen(chrootv) != 0))
data/cfengine3-3.15.2/libpromises/pipes_unix.c:498:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (chdirv && (strlen(chdirv) != 0))
data/cfengine3-3.15.2/libpromises/pipes_unix.c:695:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (chrootv && (strlen(chrootv) != 0))
data/cfengine3-3.15.2/libpromises/pipes_unix.c:704:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (chdirv && (strlen(chdirv) != 0))
data/cfengine3-3.15.2/libpromises/policy.c:1415:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (classes && strlen(classes) > 0)
data/cfengine3-3.15.2/libpromises/policy.c:1661:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *buffer = BufferNewWithCapacity(strlen(rval.item));
data/cfengine3-3.15.2/libpromises/processes_select.c:680:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t linelen = strlen(line);
data/cfengine3-3.15.2/libpromises/processes_select.c:1034:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PrintStringIndexLine(18, strlen(proc));
data/cfengine3-3.15.2/libpromises/processes_select.c:1085:17: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(sp, "%15s", title) == 1)
data/cfengine3-3.15.2/libpromises/promises.c:310:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char body_name[strlen(cp->lval) + 6];
data/cfengine3-3.15.2/libpromises/promises.c:552:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int this_len = strlen("$(this.promiser)");
data/cfengine3-3.15.2/libpromises/rlist.c:412:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int repl_len = strlen(repl);
data/cfengine3-3.15.2/libpromises/rlist.c:1046:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t consume = (end == NULL) ? strlen(from) : (end - from);
data/cfengine3-3.15.2/libpromises/rlist.c:1081:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(sp - string <= strlen(string));
data/cfengine3-3.15.2/libpromises/rlist.c:1125:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(sp - string <= strlen(string));
data/cfengine3-3.15.2/libpromises/rlist.c:1183:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t remaining = strlen(sp);
data/cfengine3-3.15.2/libpromises/sort.c:232:24: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
matched_left = sscanf(lhs, "%lf%4095s", &left, remainder) > 0;
data/cfengine3-3.15.2/libpromises/sort.c:237:25: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
matched_right = sscanf(rhs, "%lf%4095s", &right, remainder) > 0;
data/cfengine3-3.15.2/libpromises/sort.c:283:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *left_buffer = BufferNewFrom(left_item, strlen(left_item));
data/cfengine3-3.15.2/libpromises/sort.c:284:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer *right_buffer = BufferNewFrom(right_item, strlen(right_item));
data/cfengine3-3.15.2/libpromises/sort.c:329:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(input) > 12)
data/cfengine3-3.15.2/libpromises/syntax.c:442:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(string);
data/cfengine3-3.15.2/libpromises/syntax.c:469:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (BufferSize(inner_value) == strlen(string))
data/cfengine3-3.15.2/libpromises/syntax.c:498:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) == 0)
data/cfengine3-3.15.2/libpromises/syntax.c:550:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) == 0)
data/cfengine3-3.15.2/libpromises/syslog_client.c:51:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(host) < sizeof(SYSLOG_HOST))
data/cfengine3-3.15.2/libpromises/syslog_client.c:125:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err = sendto(sd, message, strlen(message),
data/cfengine3-3.15.2/libpromises/var_expressions.c:58:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ref->scope);
data/cfengine3-3.15.2/libpromises/var_expressions.c:445:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, ns, strlen(ns));
data/cfengine3-3.15.2/libpromises/var_expressions.c:447:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, ref->scope, strlen(ref->scope));
data/cfengine3-3.15.2/libpromises/var_expressions.c:451:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, ref->lval, strlen(ref->lval));
data/cfengine3-3.15.2/libpromises/var_expressions.c:456:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
BufferAppend(buf, ref->indices[i], strlen(ref->indices[i]));
data/cfengine3-3.15.2/libpromises/var_expressions.c:515:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(ref->scope);
data/cfengine3-3.15.2/libpromises/var_expressions.c:516:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(ref->scope, StringSubstring(ref->scope, len, 0, len - strlen("_meta")), len - strlen("_meta"));
data/cfengine3-3.15.2/libpromises/var_expressions.c:516:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(ref->scope, StringSubstring(ref->scope, len, 0, len - strlen("_meta")), len - strlen("_meta"));
data/cfengine3-3.15.2/libpromises/vars.c:81:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int vlen = strlen(v);
data/cfengine3-3.15.2/libpromises/verify_classes.c:44:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ParseResult res = ParseExpression(str, 0, strlen(str));
data/cfengine3-3.15.2/libpromises/verify_classes.c:51:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return res.result && res.position == strlen(str);
data/cfengine3-3.15.2/libpromises/verify_reports.c:66:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(a.report.result) > 0)
data/cfengine3-3.15.2/tests/acceptance/02_classes/01_basic/027.c:29:32: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
boxes[minblocks] = strncpy((char *) malloc(2), s, 2);
data/cfengine3-3.15.2/tests/acceptance/02_classes/01_basic/027.c:46:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len = strlen(key);
data/cfengine3-3.15.2/tests/acceptance/02_classes/01_basic/staging/028.c:34:30: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
boxes[box] = strncpy((char *) malloc(3), s, 3);
data/cfengine3-3.15.2/tests/acceptance/02_classes/01_basic/staging/028.c:52:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len = strlen(key);
data/cfengine3-3.15.2/tests/acceptance/25_cf-execd/cf-execd-rpl-functions.c:38:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define COND_SEND(X) if (send(socket, X, strlen(X), 0) == -1) \
data/cfengine3-3.15.2/tests/acceptance/25_cf-execd/cf-execd-rpl-functions.c:45:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(X, strlen(X), 1, stdout); \
data/cfengine3-3.15.2/tests/load/lastseen_threaded_load.c:365:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ret = read(CHILDREN_OUTPUTS[j],
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:125:19: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
ParseHostPort(strcpy(test_string, ""), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/addr_lib_test.c:140:19: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
ParseHostPort(strcpy(test_string, ":"), &hostname, &port);
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:74:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ksize = CHANGES_HASH_FILE_NAME_OFFSET + strlen(checksum_key[c] + CHANGES_HASH_FILE_NAME_OFFSET) + 1;
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:75:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int vsize = strlen(CHECKSUM_VALUE[c]) + 1;
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:145:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(checksum_key[c] + 2 + CHANGES_HASH_FILE_NAME_OFFSET) + 1;
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:147:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(vsize, strlen(CHECKSUM_VALUE[c]) + 1);
data/cfengine3-3.15.2/tests/unit/changes_migration_test.c:154:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int vsize = ValueSizeDB(db, filestat_key[c], strlen(filestat_key[c]) + 1);
data/cfengine3-3.15.2/tests/unit/cmockery.c:826:10: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (!equal)
data/cfengine3-3.15.2/tests/unit/cmockery.c:830:12: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return equal;
data/cfengine3-3.15.2/tests/unit/cmockery.c:1731:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(xml_tmp);
data/cfengine3-3.15.2/tests/unit/cmockery.c:1886:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
timestamp[strlen(timestamp)-1] = '\0';
data/cfengine3-3.15.2/tests/unit/cmockery.c:1927:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(suitename, "");
data/cfengine3-3.15.2/tests/unit/cmockery.c:1928:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(suitename, filename, len);
data/cfengine3-3.15.2/tests/unit/crypto_symmetric_test.c:43:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int plaintext_len = strlen(PLAINTEXT) + 1;
data/cfengine3-3.15.2/tests/unit/crypto_symmetric_test.c:64:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(plaintext_len, strlen(PLAINTEXT) + 1);
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:77:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteDB(db, key, val, strlen(val) + 1);
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:85:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WriteDB(db, key, val, strlen(val) + 1);
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:97:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, key, strlen(key)+1), false);
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:99:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, key, strlen(key)+1), true);
data/cfengine3-3.15.2/tests/unit/db_concurrent_test.c:101:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, key, strlen(key)+1), true);
data/cfengine3-3.15.2/tests/unit/db_test.c:51:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int vsize = strlen(value) + 1;
data/cfengine3-3.15.2/tests/unit/db_test.c:58:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(value, "");
data/cfengine3-3.15.2/tests/unit/db_test.c:66:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(value, "");
data/cfengine3-3.15.2/tests/unit/db_test.c:193:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_true(WriteDB(db, "key", "first_value", strlen("first_value") + 1));
data/cfengine3-3.15.2/tests/unit/db_test.c:208:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_true(WriteDB(db, "key", "second_value", strlen("second_value") + 1));
data/cfengine3-3.15.2/tests/unit/expand_test.c:33:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(scalar);
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:64:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert_true(read > 0);
data/cfengine3-3.15.2/tests/unit/files_interfaces_test.c:85:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert_true(read > 0);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:122:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SPAWN_PROCESS = malloc(strlen(argv[c]) + strlen(argv[c+1]) + 2);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:122:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SPAWN_PROCESS = malloc(strlen(argv[c]) + strlen(argv[c+1]) + 2);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:135:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SPAWN_PROCESS_ON_SIGNAL = malloc(strlen(argv[c]) + strlen(argv[c+1]) + 2);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:135:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SPAWN_PROCESS_ON_SIGNAL = malloc(strlen(argv[c]) + strlen(argv[c+1]) + 2);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:164:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PIDFILE = malloc(strlen(piddir) + strlen(file) + 6);
data/cfengine3-3.15.2/tests/unit/init_script_test_helper.c:164:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PIDFILE = malloc(strlen(piddir) + strlen(file) + 6);
data/cfengine3-3.15.2/tests/unit/iteration_test.c:168:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MangleVarRefString(s, strlen(s));
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:107:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(ksize, strlen("version") + 1);
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:171:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(expected_old_key) + 1), false);
data/cfengine3-3.15.2/tests/unit/lastseen_migration_test.c:174:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "version", strlen("version") + 1), true);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:24:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define DBHasStr(dbh, s) HasKeyDB(dbh, s, strlen(s)+1)
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:25:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define DBPutStr(dbh, k, s) WriteDB(dbh, k, s, strlen(s)+1)
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:132:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(WriteDB(db, "a127.0.0.64", "SHA-98765", strlen("SHA-98765") + 1), true);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:186:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "qiSHA-12345", strlen("qiSHA-12345") + 1), false);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:187:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "qoSHA-12345", strlen("qoSHA-12345") + 1), false);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:188:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "kSHA-12345", strlen("kSHA-12345") + 1), false);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:189:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "a127.0.0.64", strlen("a127.0.0.64") + 1), false);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:207:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "qiSHA-12345", strlen("qiSHA-12345") + 1), false);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:208:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "qoSHA-12345", strlen("qoSHA-12345") + 1), false);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:209:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "kSHA-12345", strlen("kSHA-12345") + 1), false);
data/cfengine3-3.15.2/tests/unit/lastseen_test.c:210:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(HasKeyDB(db, "a127.0.0.64", strlen("a127.0.0.64") + 1), false);
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:48:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read(int fd, void *buffer, ARG_UNUSED size_t buf_size)
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:52:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (filepos[0] < strlen(filecontents[0]))
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:54:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(buffer, filecontents[0], strlen(filecontents[0]));
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:55:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filepos[0] = strlen(filecontents[0]);
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:56:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(filecontents[0]);
data/cfengine3-3.15.2/tests/unit/linux_process_test.c:79:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (filepos[1] < strlen(filecontents[1]))
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:224:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(DIALUP) < sizeof(address.sun_path));
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:309:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(DIALUP) < sizeof(address.sun_path));
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:387:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t msglen = message ? strlen(message) : sizeof(FALLBACK);
data/cfengine3-3.15.2/tests/unit/passopenfile_test.c:459:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t msglen = message ? strlen(message) : sizeof(FALLBACK);
data/cfengine3-3.15.2/tests/unit/process_test.c:95:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/cfengine3-3.15.2/tests/unit/process_test.c:113:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/cfengine3-3.15.2/tests/unit/process_test.c:131:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/cfengine3-3.15.2/tests/unit/redirection_test.c:60:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(strlen(message), read(fd, message_back, strlen(message)));
data/cfengine3-3.15.2/tests/unit/redirection_test.c:60:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert_int_equal(strlen(message), read(fd, message_back, strlen(message)));
data/cfengine3-3.15.2/tests/unit/redirection_test.c:60:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert_int_equal(strlen(message), read(fd, message_back, strlen(message)));
data/cfengine3-3.15.2/tests/unit/redirection_test_stub.c:16:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = write(output, text, strlen(text));
data/cfengine3-3.15.2/tests/unit/solaris_process_test.c:44:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read(int fd, void *buf, size_t bufsize)
data/cfengine3-3.15.2/tests/unit/sort_test.c:91:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(lhs) < strlen(rhs);
data/cfengine3-3.15.2/tests/unit/sort_test.c:91:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(lhs) < strlen(rhs);
data/cfengine3-3.15.2/tests/unit/string_expressions_test.c:44:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
StringParseResult res = ParseStringExpression(string_expression, 0, strlen(string_expression));
ANALYSIS SUMMARY:
Hits = 3090
Lines analyzed = 212927 in approximately 5.61 seconds (37939 lines/second)
Physical Source Lines of Code (SLOC) = 151332
Hits@level = [0] 1115 [1] 1036 [2] 1530 [3] 94 [4] 381 [5] 49
Hits@level+ = [0+] 4205 [1+] 3090 [2+] 2054 [3+] 524 [4+] 430 [5+] 49
Hits/KSLOC@level+ = [0+] 27.7866 [1+] 20.4187 [2+] 13.5728 [3+] 3.46259 [4+] 2.84143 [5+] 0.323791
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.