Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/hcxdumptool-6.0.5/include/byteops.c Examining data/hcxdumptool-6.0.5/include/hashops.c Examining data/hcxdumptool-6.0.5/include/hashops.h Examining data/hcxdumptool-6.0.5/include/hcxdumptool.h Examining data/hcxdumptool-6.0.5/include/ieee80211.c Examining data/hcxdumptool-6.0.5/include/ieee80211.h Examining data/hcxdumptool-6.0.5/include/pcap.c Examining data/hcxdumptool-6.0.5/include/pcap.h Examining data/hcxdumptool-6.0.5/include/rpigpio.h Examining data/hcxdumptool-6.0.5/include/strings.c Examining data/hcxdumptool-6.0.5/include/wireless-lite.h Examining data/hcxdumptool-6.0.5/hcxpioff.c Examining data/hcxdumptool-6.0.5/hcxdumptool.c FINAL RESULTS: data/hcxdumptool-6.0.5/hcxdumptool.c:368:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(system("poweroff") != 0) data/hcxdumptool-6.0.5/hcxdumptool.c:376:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(system("reboot") != 0) data/hcxdumptool-6.0.5/hcxdumptool.c:4637:6: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = popen(unwantedname,"r"); data/hcxdumptool-6.0.5/hcxdumptool.c:5125:1: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(linein, "%"SCNu16, &bpf.len); data/hcxdumptool-6.0.5/hcxdumptool.c:5142:2: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. sscanf(linein, "%" SCNu16 "%" SCNu8 "%" SCNu8 "%" SCNu32, &zeiger->code, &zeiger->jt, &zeiger->jf, &zeiger->k); data/hcxdumptool-6.0.5/hcxpioff.c:45:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(system("poweroff") != 0) data/hcxdumptool-6.0.5/hcxpioff.c:53:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if(system("reboot") != 0) data/hcxdumptool-6.0.5/include/pcap.c:244:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(sysinfo, "%s %s", unameData.sysname, unameData.release); data/hcxdumptool-6.0.5/include/pcap.c:246:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(sysinfo, "hcxdumptool %s", VERSION_TAG); data/hcxdumptool-6.0.5/include/pcap.c:274:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newpcapngoutname, pcapngdumpname); data/hcxdumptool-6.0.5/hcxdumptool.c:5458:1: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/hcxdumptool-6.0.5/hcxdumptool.c:5899:18: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((auswahl = getopt_long(argc, argv, short_options, long_options, &index)) != -1) data/hcxdumptool-6.0.5/hcxpioff.c:335:18: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((auswahl = getopt_long(argc, argv, short_options, long_options, &index)) != -1) data/hcxdumptool-6.0.5/hcxdumptool.c:225:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char drivername[34]; data/hcxdumptool-6.0.5/hcxdumptool.c:226:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char driverversion[34]; data/hcxdumptool-6.0.5/hcxdumptool.c:227:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char driverfwversion[ETHTOOL_FWVERS_LEN +2]; data/hcxdumptool-6.0.5/hcxdumptool.c:240:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char weakcandidate[64]; data/hcxdumptool-6.0.5/hcxdumptool.c:259:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nmeatempsentence[NMEA_MAX]; data/hcxdumptool-6.0.5/hcxdumptool.c:260:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char nmeasentence[NMEA_MAX]; data/hcxdumptool-6.0.5/hcxdumptool.c:262:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char servermsg[SERVERMSG_MAX]; data/hcxdumptool-6.0.5/hcxdumptool.c:396:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:408:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:420:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:421:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char essidstring[ESSID_LEN_MAX *2 +1]; data/hcxdumptool-6.0.5/hcxdumptool.c:458:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char gpwpl[NMEA_MAX]; data/hcxdumptool-6.0.5/hcxdumptool.c:493:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cbhdr->pen, &hcxmagic, 4); data/hcxdumptool-6.0.5/hcxdumptool.c:494:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cbhdr->hcxm, &hcxmagic, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:636:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, essid, essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:675:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:676:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, client, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:845:92: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if(((zeiger->akm &TAK_PSK) == TAK_PSK) || ((zeiger->akm &TAK_PSKSHA256) == TAK_PSKSHA256)) memcpy(zeiger->pmkid, ieptr, 16); data/hcxdumptool-6.0.5/hcxdumptool.c:869:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, &tagptr->data[0], tagptr->len); data/hcxdumptool-6.0.5/hcxdumptool.c:898:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:902:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macsta, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:903:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, macap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:904:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, macap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:925:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:929:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, client, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:930:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:931:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:973:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:977:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:978:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, zeiger->client, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:979:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:986:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stacapa->addr, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:988:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESREQSTA_SIZE +IETAG_SIZE], zeiger->essid, zeiger->essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:989:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESREQSTA_SIZE +zeiger->essidlen +IETAG_SIZE], &reassociationrequestwpa1data, REASSOCIATIONREQUESTWPA1_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1031:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1035:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1036:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, zeiger->client, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1037:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1044:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stacapa->addr, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1046:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESREQSTA_SIZE +IETAG_SIZE], zeiger->essid, zeiger->essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:1047:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESREQSTA_SIZE +zeiger->essidlen +IETAG_SIZE], &reassociationrequestwpa2data, REASSOCIATIONREQUESTWPA2_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1069:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1073:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1105:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1109:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1110:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1111:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1115:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &reassociationresponsedata, REASSOCIATIONRESPONSE_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1148:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1152:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, &lastauthclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1153:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &lastauthap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1154:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, &lastauthap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1159:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &llcdata, LLC_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1160:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +LLC_SIZE], &wpa2data, WPA2_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1163:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +LLC_SIZE +0x11], &myanonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:1205:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1209:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, &lastauthclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1210:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &lastauthap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1211:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, &lastauthap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1216:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &llcdata, LLC_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1217:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +LLC_SIZE], &wpa1data, WPA1_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1220:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +LLC_SIZE +0x11], &myanonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:1279:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1283:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1284:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &mac_myclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1285:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1289:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &associationrequestcapa, ASSOCIATIONREQUESTCAPA_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1291:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +ASSOCIATIONREQUESTCAPA_SIZE +IETAG_SIZE], zeiger->essid, zeiger->essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:1292:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +ASSOCIATIONREQUESTCAPA_SIZE +zeiger->essidlen +IETAG_SIZE], &associationrequestwpa2data, ASSOCIATIONREQUESTWPA2_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1343:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1347:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1348:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &mac_myclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1349:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, zeiger->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1353:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &associationrequestcapa, ASSOCIATIONREQUESTCAPA_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1355:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +ASSOCIATIONREQUESTCAPA_SIZE +IETAG_SIZE], zeiger->essid, zeiger->essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:1356:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +ASSOCIATIONREQUESTCAPA_SIZE +zeiger->essidlen +IETAG_SIZE], &associationrequestwpa1data, ASSOCIATIONREQUESTWPA1_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1390:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1394:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1395:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1396:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1400:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &associationresponsedata, ASSOCIATIONRESPONSE_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1452:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1456:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1457:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1458:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1462:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &authenticationresponsedata, AUTHENTICATIONRESPONSE_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1485:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1489:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1490:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &mac_myclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1491:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, macap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1495:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &authenticationrequestdata, MYAUTHENTICATIONREQUEST_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1532:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1536:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1537:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &mac_myapopen, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1538:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, &mac_myapopen, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1546:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE], &proberesponsedata, PROBERESPONSE_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1594:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1598:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, client, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1599:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, zeigerap->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1600:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, zeigerap->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1609:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +IETAG_SIZE], zeigerap->essid, zeigerap->essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:1610:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +IETAG_SIZE +zeigerap->essidlen], &proberesponsedata, PROBERESPONSE_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1635:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1639:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1640:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &mac_myprclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1641:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, macap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1646:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +IETAG_SIZE], essid, essid_len); data/hcxdumptool-6.0.5/hcxdumptool.c:1647:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +IETAG_SIZE +essid_len], &directedproberequestdata, DIRECTEDPROBEREQUEST_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1672:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1676:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, &mac_broadcast, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1677:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &mac_myprclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1678:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, &mac_broadcast, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1681:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM], &undirectedproberequestdata, UNDIRECTEDPROBEREQUEST_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1730:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1734:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, &mac_broadcast, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1735:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, rgbeaconptr->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1736:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, rgbeaconptr->ap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1745:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +IETAG_SIZE], rgbeaconptr->essid, rgbeaconptr->essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:1746:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE +IETAG_SIZE +rgbeaconptr->essidlen], &reactivebeacondata, REACTIVEBEACON_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1802:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1806:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, &mac_broadcast, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1807:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &mac_myaphidden, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1808:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, &mac_myaphidden, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1816:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE], &bcbeacondata, BCBEACON_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1857:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packetoutptr, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1861:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, &mac_broadcast, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1862:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, &mac_myapopen, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1863:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, &mac_myapopen, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1871:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetoutptr[HDRRT_SIZE +MAC_SIZE_NORM +CAPABILITIESAP_SIZE], &bcbeacondata, BCBEACON_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1914:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetout, &hdradiotap, HDRRT_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1918:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr1, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1919:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr2, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1920:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(macftx->addr3, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:1924:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&packetout[HDRRT_SIZE +MAC_SIZE_QOS], &requestidentitydata, REQUESTIDENTITY_SIZE); data/hcxdumptool-6.0.5/hcxdumptool.c:1940:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:1941:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char essidstring[ESSID_LEN_MAX *2 +1]; data/hcxdumptool-6.0.5/hcxdumptool.c:2046:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2047:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2087:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2088:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2136:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2137:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2177:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2178:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2270:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&keymic, wpak->keymic, 16); data/hcxdumptool-6.0.5/hcxdumptool.c:2277:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr, "Pairwise key expansion", 23); data/hcxdumptool-6.0.5/hcxdumptool.c:2280:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr +23, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2281:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr +29, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2285:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr +23, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2286:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr +29, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2291:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pkeptr +35, anonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2292:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pkeptr +67, wpak->nonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2296:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pkeptr +35, wpak->nonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2297:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pkeptr +67, anonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2314:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr, "Pairwise key expansion", 22); data/hcxdumptool-6.0.5/hcxdumptool.c:2317:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr +22, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2318:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr +28, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2322:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr +22, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2323:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pkeptr +28, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2327:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pkeptr +34, anonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2328:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pkeptr +66, wpak->nonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2332:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pkeptr +34, wpak->nonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2333:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (pkeptr +66, anonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2349:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:2350:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char essidstring[ESSID_LEN_MAX *2 +1]; data/hcxdumptool-6.0.5/hcxdumptool.c:2490:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2491:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2526:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastanonce, wpak->nonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2532:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2533:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastclient, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2582:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastsnonce, wpak->nonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2589:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2590:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2606:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&salt, pmkname, 8); data/hcxdumptool-6.0.5/hcxdumptool.c:2607:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&salt[8], macap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2608:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&salt[14], macclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2620:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:2621:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char essidstring[ESSID_LEN_MAX *2 +1]; data/hcxdumptool-6.0.5/hcxdumptool.c:2719:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastclient, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2720:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2750:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastclient, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2751:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2755:47: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if((statusout &STATUS_EAPOL) == STATUS_EAPOL) memcpy(&lastanonce, wpak->nonce, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:2850:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2860:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2877:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2887:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2904:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2914:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2933:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2972:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:2996:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3018:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3039:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3072:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3109:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3120:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3121:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3129:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3130:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3153:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3154:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3156:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3173:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3174:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3182:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3183:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3225:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3262:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3273:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3274:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3282:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthap, macfrx->addr1,6); data/hcxdumptool-6.0.5/hcxdumptool.c:3283:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthclient, macfrx->addr2,6); data/hcxdumptool-6.0.5/hcxdumptool.c:3295:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3308:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3309:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3311:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3328:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3329:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3337:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3338:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lastauthclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3387:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3440:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3441:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->client, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3489:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr1, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3491:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3493:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&mac_myprclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3522:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, &mac_myap, 3); data/hcxdumptool-6.0.5/hcxdumptool.c:3528:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3530:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&mac_myprclient, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3561:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3568:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3586:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3593:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3615:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:3623:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->id, pagidptr, 64); data/hcxdumptool-6.0.5/hcxdumptool.c:3697:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3704:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3763:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:3770:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, tags.essidlen); data/hcxdumptool-6.0.5/hcxdumptool.c:3807:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:3854:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&nmeasentence, nmeaptr, nmealen +1); data/hcxdumptool-6.0.5/hcxdumptool.c:4176:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestring[16]; data/hcxdumptool-6.0.5/hcxdumptool.c:4212:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, ESSID_LEN_MAX); data/hcxdumptool-6.0.5/hcxdumptool.c:4220:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:4223:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, ESSID_LEN_MAX); data/hcxdumptool-6.0.5/hcxdumptool.c:4254:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, macfrx->addr2, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:4257:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, tags.essid, ESSID_LEN_MAX); data/hcxdumptool-6.0.5/hcxdumptool.c:4558:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char serverstatus[SERVERSTATUS_MAX]; data/hcxdumptool-6.0.5/hcxdumptool.c:4633:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char pidline[1024]; data/hcxdumptool-6.0.5/hcxdumptool.c:4739:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&nmeasentence, nogps, 3); data/hcxdumptool-6.0.5/hcxdumptool.c:4743:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fd_gps = open(gpsname, O_RDONLY)) < 0) data/hcxdumptool-6.0.5/hcxdumptool.c:4974:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&mac_orig, epmaddr->data, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:4986:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&drivername, drvinfo.driver, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:4987:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&driverversion, drvinfo.version, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:4988:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&driverfwversion, drvinfo.fw_version, ETHTOOL_FWVERS_LEN); data/hcxdumptool-6.0.5/hcxdumptool.c:5030:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char linein[ESSID_LEN_MAX]; data/hcxdumptool-6.0.5/hcxdumptool.c:5032:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fh_extbeacon = fopen(listname, "r")) == NULL) data/hcxdumptool-6.0.5/hcxdumptool.c:5048:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->ap, &mac_myap, 3); data/hcxdumptool-6.0.5/hcxdumptool.c:5054:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zeiger->essid, linein, len); data/hcxdumptool-6.0.5/hcxdumptool.c:5070:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char linein[FILTERLIST_LINE_LEN]; data/hcxdumptool-6.0.5/hcxdumptool.c:5072:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fh_filter = fopen(listname, "r")) == NULL) data/hcxdumptool-6.0.5/hcxdumptool.c:5112:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char linein[128]; data/hcxdumptool-6.0.5/hcxdumptool.c:5114:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fh_filter = fopen(bpfname, "r")) == NULL) data/hcxdumptool-6.0.5/hcxdumptool.c:5155:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_mem = open("/dev/mem", O_RDWR|O_SYNC); data/hcxdumptool-6.0.5/hcxdumptool.c:5183:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char linein[128]; data/hcxdumptool-6.0.5/hcxdumptool.c:5185:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh_rpi = fopen("/proc/cpuinfo", "r"); data/hcxdumptool-6.0.5/hcxdumptool.c:5276:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). channelscanlist[cpa] = atoi(ptr); data/hcxdumptool-6.0.5/hcxdumptool.c:5398:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(permaddr, epmaddr->data, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:5410:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(drivername, drvinfo.driver, 32); data/hcxdumptool-6.0.5/hcxdumptool.c:5422:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char drivername[32]; data/hcxdumptool-6.0.5/hcxdumptool.c:5536:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rglist->ap, &mac_myap, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:5538:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rglist->essid, &myessid, 4); data/hcxdumptool-6.0.5/hcxdumptool.c:5547:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&mac_myprclient, &mac_myclient, 6); data/hcxdumptool-6.0.5/hcxdumptool.c:5567:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&nmeasentence, ¬available, 3); data/hcxdumptool-6.0.5/hcxdumptool.c:5570:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&weakcandidate, weakcandidatedefault, 8); data/hcxdumptool-6.0.5/hcxdumptool.c:6202:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&weakcandidate, weakcandidateuser, weakcandidatelenuser); data/hcxdumptool-6.0.5/hcxdumptool.c:6285:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fh_nmea = fopen(nmeaoutname, "a")) == NULL) data/hcxdumptool-6.0.5/hcxpioff.c:99:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd_mem = open("/dev/mem", O_RDWR|O_SYNC); data/hcxdumptool-6.0.5/hcxpioff.c:127:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char linein[128]; data/hcxdumptool-6.0.5/hcxpioff.c:129:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh_rpi = fopen("/proc/cpuinfo", "r"); data/hcxdumptool-6.0.5/include/hcxdumptool.h:260:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[64]; data/hcxdumptool-6.0.5/include/ieee80211.h:146:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devname[WLAN_DEVNAMELEN_MAX]; data/hcxdumptool-6.0.5/include/pcap.c:26:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(optionhdr->option_data, option, optionlen); data/hcxdumptool-6.0.5/include/pcap.c:38:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pospt +colen, &hcxmagic, 4); data/hcxdumptool-6.0.5/include/pcap.c:40:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pospt +colen, &hcxmagic, 32); data/hcxdumptool-6.0.5/include/pcap.c:54:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pospt +colen, &hcxmagic, 4); data/hcxdumptool-6.0.5/include/pcap.c:56:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pospt +colen, &hcxmagic, 32); data/hcxdumptool-6.0.5/include/pcap.c:88:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cbhdr->pen, &hcxmagic, 4); data/hcxdumptool-6.0.5/include/pcap.c:89:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cbhdr->hcxm, &hcxmagic, 32); data/hcxdumptool-6.0.5/include/pcap.c:184:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vendor[6]; data/hcxdumptool-6.0.5/include/pcap.c:185:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tr[1]; data/hcxdumptool-6.0.5/include/pcap.c:197:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&vendor, macorig, 3); data/hcxdumptool-6.0.5/include/pcap.c:225:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sysinfo[256]; data/hcxdumptool-6.0.5/include/pcap.c:271:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpcapngoutname[PATH_MAX +2]; data/hcxdumptool-6.0.5/include/pcap.c:282:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(newpcapngoutname, O_WRONLY | O_CREAT, 0644); data/hcxdumptool-6.0.5/include/pcap.h:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char option_data[1]; data/hcxdumptool-6.0.5/include/wireless-lite.h:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[IFNAMSIZ]; data/hcxdumptool-6.0.5/include/wireless-lite.h:87:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifrn_name[IFNAMSIZ]; data/hcxdumptool-6.0.5/hcxdumptool.c:324:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( ifr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:401:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:412:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:429:112: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:448:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:2014:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:2445:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:2701:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:3629:112: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:3810:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pwrq.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:3819:112: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:3830:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pwrq.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4073:111: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(((statusout &STATUS_SERVER) == STATUS_SERVER) && (fd_socket_mcsrv > 0)) sendto(fd_socket_mcsrv, servermsg, strlen(servermsg), 0, (struct sockaddr*)&mcsrvaddress, sizeof(mcsrvaddress)); data/hcxdumptool-6.0.5/hcxdumptool.c:4267:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). packetlen = read(fd_socket, epb +EPB_SIZE, PCAPNG_MAXSNAPLEN); data/hcxdumptool-6.0.5/hcxdumptool.c:4443:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pwrq.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4592:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). msglen = read(fd_socket_mccli, serverstatus, SERVERSTATUS_MAX); data/hcxdumptool-6.0.5/hcxdumptool.c:4847:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifr_old.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4854:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(iwr_old.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4863:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( ifr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4876:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( iwr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4889:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( iwr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4907:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( ifr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4922:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( iwr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4927:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( ifr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4960:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:4977:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifr.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:5020:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buffptr); data/hcxdumptool-6.0.5/hcxdumptool.c:5301:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pwrq.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:5309:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pwrq.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:5324:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( pwrq.ifr_name, interfacename, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:5363:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(iwr.ifr_name, ifname, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:5381:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifr.ifr_name, ifname, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:5400:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifr.ifr_name, ifname, IFNAMSIZ -1); data/hcxdumptool-6.0.5/hcxdumptool.c:6015:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). weakcandidatelenuser = strlen(weakcandidateuser); data/hcxdumptool-6.0.5/hcxpioff.c:90:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buffptr); data/hcxdumptool-6.0.5/include/pcap.c:195:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). idblen += addoption(idb +idblen, IF_NAME, strlen(interfacestr), interfacestr); data/hcxdumptool-6.0.5/include/pcap.c:243:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). shblen += addoption(shb +shblen, SHB_HARDWARE, strlen(unameData.machine), unameData.machine); data/hcxdumptool-6.0.5/include/pcap.c:245:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). shblen += addoption(shb +shblen, SHB_OS, strlen(sysinfo), sysinfo); data/hcxdumptool-6.0.5/include/pcap.c:247:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). shblen += addoption(shb +shblen, SHB_USER_APPL, strlen(sysinfo), sysinfo); data/hcxdumptool-6.0.5/include/pcap.c:281:1: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(0); data/hcxdumptool-6.0.5/include/strings.c:46:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(pos = 0; ((pos < (blen*2)) && (pos < strlen(str))); pos += 2) data/hcxdumptool-6.0.5/include/strings.c:59:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(string); ANALYSIS SUMMARY: Hits = 354 Lines analyzed = 8745 in approximately 0.33 seconds (26440 lines/second) Physical Source Lines of Code (SLOC) = 7980 Hits@level = [0] 133 [1] 42 [2] 299 [3] 3 [4] 10 [5] 0 Hits@level+ = [0+] 487 [1+] 354 [2+] 312 [3+] 13 [4+] 10 [5+] 0 Hits/KSLOC@level+ = [0+] 61.0276 [1+] 44.3609 [2+] 39.0977 [3+] 1.62907 [4+] 1.25313 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.