Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/jabber-muc-0.8/include/jabberd.h Examining data/jabber-muc-0.8/include/jcomp-compat.h Examining data/jabber-muc-0.8/include/ns.h Examining data/jabber-muc-0.8/include/hash.h Examining data/jabber-muc-0.8/include/fields.h Examining data/jabber-muc-0.8/include/lib.h Examining data/jabber-muc-0.8/include/conference.h Examining data/jabber-muc-0.8/include/jcomp.h Examining data/jabber-muc-0.8/src/jcomp/jcr_log.c Examining data/jabber-muc-0.8/src/jcomp/jcr_base_connect.c Examining data/jabber-muc-0.8/src/jcomp/jcr_main_stream_error.c Examining data/jabber-muc-0.8/src/jcomp/jcr_compatibility.c Examining data/jabber-muc-0.8/src/jcomp/jcr_deliver.c Examining data/jabber-muc-0.8/src/jcomp/jcr_shutdown.c Examining data/jabber-muc-0.8/src/jcomp/jcr_elements.c Examining data/jabber-muc-0.8/src/jcomp/jcr_xdb.c Examining data/jabber-muc-0.8/src/jabberd/expat.c Examining data/jabber-muc-0.8/src/jabberd/jpacket.c Examining data/jabber-muc-0.8/src/jabberd/snprintf.c Examining data/jabber-muc-0.8/src/jabberd/jid.c Examining data/jabber-muc-0.8/src/jabberd/xmlnode.c Examining data/jabber-muc-0.8/src/jabberd/jutil.c Examining data/jabber-muc-0.8/src/jabberd/str.c Examining data/jabber-muc-0.8/src/jabberd/pool.c Examining data/jabber-muc-0.8/src/jabberd/sha.c Examining data/jabber-muc-0.8/src/utils.c Examining data/jabber-muc-0.8/src/xdata.c Examining data/jabber-muc-0.8/src/conference_room.c Examining data/jabber-muc-0.8/src/hash.c Examining data/jabber-muc-0.8/src/main.c Examining data/jabber-muc-0.8/src/roles.c Examining data/jabber-muc-0.8/src/conference_user.c Examining data/jabber-muc-0.8/src/mysql.c Examining data/jabber-muc-0.8/src/conference.c Examining data/jabber-muc-0.8/src/admin.c Examining data/jabber-muc-0.8/src/iq.c Examining data/jabber-muc-0.8/src/xdb.c FINAL RESULTS: data/jabber-muc-0.8/include/lib.h:63:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf ap_snprintf data/jabber-muc-0.8/include/lib.h:68:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define vsnprintf ap_vsnprintf data/jabber-muc-0.8/src/conference.c:113:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buffer,"%s%i%i",jid_node,(int)current_time,rand()); data/jabber-muc-0.8/src/conference.c:115:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ret,"%s",buffer); data/jabber-muc-0.8/src/conference_room.c:487:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nick, "%s", user->realid->user); data/jabber-muc-0.8/src/conference_room.c:489:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nick, "%s%d", user->realid->user,count++); data/jabber-muc-0.8/src/jabberd/jid.c:195:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(in_out_buffer, preped->preped); data/jabber-muc-0.8/src/jabberd/jid.c:338:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(biggerbuffer, id->server); data/jabber-muc-0.8/src/jabberd/jid.c:374:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(biggerbuffer, id->user); data/jabber-muc-0.8/src/jabberd/jid.c:414:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(biggerbuffer, id->resource); data/jabber-muc-0.8/src/jabberd/jutil.c:313:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(keydb[last],shahash(strint)); data/jabber-muc-0.8/src/jabberd/jutil.c:316:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(seeddb[last],shahash(seed)); data/jabber-muc-0.8/src/jabberd/snprintf.c:429:23: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). *len = strlen(strcpy(buf, p)); data/jabber-muc-0.8/src/jcomp/jcr_deliver.c:121:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(t.msg,err); data/jabber-muc-0.8/src/jcomp/jcr_log.c:81:3: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(logmsg, 512, fmt, ap); data/jabber-muc-0.8/src/jcomp/jcr_log.c:94:3: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(logmsg, 512, fmt, ap); data/jabber-muc-0.8/src/jcomp/jcr_log.c:107:3: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(logmsg, 512, fmt, ap); data/jabber-muc-0.8/src/jcomp/jcr_log.c:120:3: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(logmsg, 512, fmt, ap); data/jabber-muc-0.8/src/jcomp/jcr_log.c:133:3: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(logmsg, 512, fmt, ap); data/jabber-muc-0.8/src/jabberd/jutil.c:305:9: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/jabber-muc-0.8/src/main.c:57:15: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "Bshd:c:")) != EOF) data/jabber-muc-0.8/include/conference.h:208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/jabber-muc-0.8/include/conference.h:214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/jabber-muc-0.8/include/lib.h:124:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void shahash_r(const char* str, char hashbuf[40]); /* USE ME */ data/jabber-muc-0.8/include/lib.h:311:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void shaFinal(j_SHA_CTX *ctx, unsigned char hashout[20]); data/jabber-muc-0.8/include/lib.h:312:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]); data/jabber-muc-0.8/include/lib.h:312:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]); data/jabber-muc-0.8/include/lib.h:402:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/jabber-muc-0.8/include/lib.h:403:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[10]; data/jabber-muc-0.8/include/lib.h:404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char condition[30]; data/jabber-muc-0.8/src/conference.c:27:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char users[10]; data/jabber-muc-0.8/src/conference.c:28:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char maxu[10]; data/jabber-muc-0.8/src/conference.c:71:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char users[10]; data/jabber-muc-0.8/src/conference.c:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char maxu[10]; data/jabber-muc-0.8/src/conference.c:105:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[150]; data/jabber-muc-0.8/src/conference.c:106:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jid_node[21];//not the full jid, just a part of the node data/jabber-muc-0.8/src/conference.c:128:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nstr[10]; data/jabber-muc-0.8/src/conference.c:319:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nstr,"%d",start); data/jabber-muc-0.8/src/conference_room.c:44:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&temp[j], "<br />", 6); data/jabber-muc-0.8/src/conference_room.c:62:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[80]; data/jabber-muc-0.8/src/conference_room.c:155:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datePart[5]; data/jabber-muc-0.8/src/conference_room.c:240:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). room->logfile = fopen(filename, "a"); data/jabber-muc-0.8/src/conference_room.c:254:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). room->logfile = fopen(filename, "a"); data/jabber-muc-0.8/src/conference_room.c:566:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/jabber-muc-0.8/src/conference_room.c:774:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nstr[10]; data/jabber-muc-0.8/src/conference_room.c:780:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nstr,"%d",start); data/jabber-muc-0.8/src/conference_user.c:453:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[10]; data/jabber-muc-0.8/src/conference_user.c:493:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str,"%d",t); data/jabber-muc-0.8/src/jabberd/expat.c:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFSIZ]; data/jabber-muc-0.8/src/jabberd/expat.c:123:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(file,O_RDONLY); data/jabber-muc-0.8/src/jabberd/expat.c:156:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFSIZ]; data/jabber-muc-0.8/src/jabberd/expat.c:157:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char err[1024]; data/jabber-muc-0.8/src/jabberd/expat.c:163:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(file,O_RDONLY); data/jabber-muc-0.8/src/jabberd/expat.c:191:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(ftmp, O_CREAT | O_WRONLY | O_TRUNC, 0600); data/jabber-muc-0.8/src/jabberd/jutil.c:164:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). p = atoi(str); data/jabber-muc-0.8/src/jabberd/jutil.c:201:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestamp[21]; data/jabber-muc-0.8/src/jabberd/jutil.c:225:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timestamp[18]; data/jabber-muc-0.8/src/jabberd/jutil.c:247:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char code[4]; data/jabber-muc-0.8/src/jabberd/jutil.c:293:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char keydb[KEYBUF][41]; data/jabber-muc-0.8/src/jabberd/jutil.c:294:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char seeddb[KEYBUF][41]; data/jabber-muc-0.8/src/jabberd/jutil.c:296:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *str, strint[32]; data/jabber-muc-0.8/src/jabberd/jutil.c:312:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(strint,"%d",rand()); data/jabber-muc-0.8/src/jabberd/pool.c:41:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, strlen(src)); data/jabber-muc-0.8/src/jabberd/sha.c:64:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void shaFinal(j_SHA_CTX *ctx, unsigned char hashout[20]) { data/jabber-muc-0.8/src/jabberd/sha.c:67:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char padlen[8]; data/jabber-muc-0.8/src/jabberd/sha.c:99:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]) { data/jabber-muc-0.8/src/jabberd/sha.c:99:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void shaBlock(unsigned char *dataIn, int len, unsigned char hashout[20]) { data/jabber-muc-0.8/src/jabberd/sha.c:155:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char final[41]; data/jabber-muc-0.8/src/jabberd/sha.c:157:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hashval[20]; data/jabber-muc-0.8/src/jabberd/sha.c:174:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void shahash_r(const char* str, char hashbuf[41]) data/jabber-muc-0.8/src/jabberd/sha.c:178:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hashval[20]; data/jabber-muc-0.8/src/jabberd/snprintf.c:97:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[NDIG]; data/jabber-muc-0.8/src/jabberd/snprintf.c:464:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[EXPONENT_LENGTH]; /* for exponent conversion */ data/jabber-muc-0.8/src/jabberd/snprintf.c:551:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num_buf[NUM_BUF_SIZE]; data/jabber-muc-0.8/src/jabberd/snprintf.c:552:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_buf[2]; /* for printing %% and %<unknown> */ data/jabber-muc-0.8/src/jabberd/str.c:104:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(a); data/jabber-muc-0.8/src/jabberd/str.c:258:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&temp[j],"&",5); data/jabber-muc-0.8/src/jabberd/str.c:262:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&temp[j],"'",6); data/jabber-muc-0.8/src/jabberd/str.c:266:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&temp[j],""",6); data/jabber-muc-0.8/src/jabberd/str.c:270:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&temp[j],"<",4); data/jabber-muc-0.8/src/jabberd/str.c:274:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&temp[j],">",4); data/jabber-muc-0.8/src/jabberd/str.c:287:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buff[64]; data/jabber-muc-0.8/src/jabberd/xmlnode.c:139:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(scur,cur->data,cur->data_sz); data/jabber-muc-0.8/src/jabberd/xmlnode.c:322:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result->data, CDATA, size); data/jabber-muc-0.8/src/jcomp/jcr_base_connect.c:48:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&from.sin_addr, hp->h_addr, hp->h_length); data/jabber-muc-0.8/src/jcomp/jcr_base_connect.c:50:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((caddr_t) &from.sin_addr, hp->h_addr, hp->h_length); data/jabber-muc-0.8/src/jcomp/jcr_base_connect.c:73:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/jabber-muc-0.8/src/jcomp/jcr_compatibility.c:56:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buff[128]; data/jabber-muc-0.8/src/jcomp/jcr_deliver.c:122:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(t.condition, "service-unavailable"); data/jabber-muc-0.8/src/jcomp/jcr_deliver.c:123:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(t.type, "wait"); data/jabber-muc-0.8/src/jcomp/jcr_elements.c:28:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hashbuf[41]; data/jabber-muc-0.8/src/jcomp/jcr_log.c:31:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_str[512]; data/jabber-muc-0.8/src/jcomp/jcr_log.c:51:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). jcr->log_stream = fopen(log_str, "a+"); data/jabber-muc-0.8/src/jcomp/jcr_log.c:77:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logmsg[512] = ""; data/jabber-muc-0.8/src/jcomp/jcr_log.c:89:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logmsg[512] = ""; data/jabber-muc-0.8/src/jcomp/jcr_log.c:102:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logmsg[512] = ""; data/jabber-muc-0.8/src/jcomp/jcr_log.c:115:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logmsg[512] = ""; data/jabber-muc-0.8/src/jcomp/jcr_log.c:128:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logmsg[512] = ""; data/jabber-muc-0.8/src/jcomp/jcr_xdb.c:31:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/jabber-muc-0.8/src/jcomp/jcr_xdb.c:80:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/jabber-muc-0.8/src/main.c:157:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open("/dev/null",O_RDWR); data/jabber-muc-0.8/src/main.c:173:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pid_stream = fopen(config_file, "w"); data/jabber-muc-0.8/src/mysql.c:32:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char escaped[BUFFER_SIZE] = ""; data/jabber-muc-0.8/src/mysql.c:155:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char users[10]=""; data/jabber-muc-0.8/src/mysql.c:156:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(users,"%d",room->count); data/jabber-muc-0.8/src/mysql.c:163:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[10]=""; data/jabber-muc-0.8/src/mysql.c:214:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[10]=""; data/jabber-muc-0.8/src/mysql.c:255:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char eroom[1025] = ""; data/jabber-muc-0.8/src/mysql.c:294:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char euser[1025] = ""; data/jabber-muc-0.8/src/mysql.c:295:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char eroom[1025] = ""; data/jabber-muc-0.8/src/mysql.c:357:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char euser[1025] = ""; data/jabber-muc-0.8/src/mysql.c:358:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char eroom[1025] = ""; data/jabber-muc-0.8/src/roles.c:76:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/roles.c:124:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/roles.c:161:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/roles.c:206:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:113:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var[100]; data/jabber-muc-0.8/src/utils.c:142:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:162:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:163:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cjid[2048]; data/jabber-muc-0.8/src/utils.c:198:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:274:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:318:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:458:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char body[256]; data/jabber-muc-0.8/src/utils.c:459:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reason[128]; data/jabber-muc-0.8/src/utils.c:485:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(reason, "None given"); data/jabber-muc-0.8/src/utils.c:591:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result, "%d", number); data/jabber-muc-0.8/src/utils.c:598:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buff[128]; data/jabber-muc-0.8/src/utils.c:611:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[50]; data/jabber-muc-0.8/src/utils.c:630:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[50]; data/jabber-muc-0.8/src/utils.c:647:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[50]; data/jabber-muc-0.8/src/utils.c:699:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:747:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:795:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ujid[2048]; data/jabber-muc-0.8/src/utils.c:814:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char in[2]; data/jabber-muc-0.8/src/xdata.c:27:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[4]; data/jabber-muc-0.8/src/xdata.c:76:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char namespace[100]; data/jabber-muc-0.8/src/xdata.c:77:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var[100]; data/jabber-muc-0.8/src/xdata.c:78:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var_secret[100]; data/jabber-muc-0.8/src/xdata.c:79:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var_protected[100]; data/jabber-muc-0.8/src/xdata.c:345:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[4]; data/jabber-muc-0.8/src/xdb.c:27:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[10]; data/jabber-muc-0.8/src/conference.c:108:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(jid_node,jid->user,21); data/jabber-muc-0.8/src/conference.c:114:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret=malloc((strlen(buffer)+1)*sizeof(char)); data/jabber-muc-0.8/src/conference.c:347:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xmlnode_insert_cdata(jp->iq,str,strlen(str)); data/jabber-muc-0.8/src/conference_room.c:30:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oldlen = newlen=strlen(result); data/jabber-muc-0.8/src/iq.c:60:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(str) - 1] = '\0'; /* cut off newline */ data/jabber-muc-0.8/src/jabberd/expat.c:135:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read(fd, buf, BUFSIZ); data/jabber-muc-0.8/src/jabberd/expat.c:170:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = read(fd, buf, BUFSIZ); data/jabber-muc-0.8/src/jabberd/expat.c:196:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = write(fd,doc,strlen(doc)); data/jabber-muc-0.8/src/jabberd/jid.c:233:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). preped->size = strlen(in_out_buffer)+1; data/jabber-muc-0.8/src/jabberd/jid.c:331:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = _jid_cached_stringprep(id->server, strlen(id->server)+1, _jid_prep_cache_domain); data/jabber-muc-0.8/src/jabberd/jid.c:367:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = _jid_cached_stringprep(id->user, strlen(id->user)+1, _jid_prep_cache_node); data/jabber-muc-0.8/src/jabberd/jid.c:407:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = _jid_cached_stringprep(id->resource, strlen(id->resource)+1, _jid_prep_cache_resource); data/jabber-muc-0.8/src/jabberd/jid.c:415:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = _jid_cached_stringprep(id->resource, strlen(id->resource)+1, _jid_prep_cache_resource); data/jabber-muc-0.8/src/jabberd/jid.c:450:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(id->server) > 1023) data/jabber-muc-0.8/src/jabberd/jid.c:544:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). resource = str + strlen(str); /* point to end */ data/jabber-muc-0.8/src/jabberd/jutil.c:77:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xmlnode_insert_cdata(xmlnode_insert_tag(pres,"status"),status,strlen(status)); data/jabber-muc-0.8/src/jabberd/jutil.c:119:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xmlnode_insert_cdata (xmlnode_insert_tag (msg, "subject"), subj, strlen (subj)); data/jabber-muc-0.8/src/jabberd/jutil.c:124:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xmlnode_insert_cdata (xmlnode_insert_tag (msg, "body"), body, strlen (body)); data/jabber-muc-0.8/src/jabberd/jutil.c:262:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xmlnode_insert_cdata(text,E.msg,strlen(E.msg)); data/jabber-muc-0.8/src/jabberd/jutil.c:278:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xmlnode_insert_cdata(delay,reason,strlen(reason)); data/jabber-muc-0.8/src/jabberd/jutil.c:286:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). xmlnode_insert_cdata(delay,reason,strlen(reason)); data/jabber-muc-0.8/src/jabberd/pool.c:40:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest = pmalloc(p, (strlen(src) + 1)); data/jabber-muc-0.8/src/jabberd/pool.c:41:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(dest, src, strlen(src)); data/jabber-muc-0.8/src/jabberd/sha.c:163:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). shaBlock((unsigned char *)str, strlen(str), hashval); data/jabber-muc-0.8/src/jabberd/sha.c:183:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). shaBlock((unsigned char *)str, strlen(str), hashval); data/jabber-muc-0.8/src/jabberd/snprintf.c:429:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *len = strlen(strcpy(buf, p)); data/jabber-muc-0.8/src/jabberd/snprintf.c:736:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s_len = strlen(s); data/jabber-muc-0.8/src/jabberd/snprintf.c:781:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s_len = strlen(s); data/jabber-muc-0.8/src/jabberd/str.c:96:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(a); data/jabber-muc-0.8/src/jabberd/str.c:127:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/jabber-muc-0.8/src/jabberd/str.c:224:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). oldlen = newlen = strlen(buf); data/jabber-muc-0.8/src/jabberd/xmlnode.c:316:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(CDATA); data/jabber-muc-0.8/src/jabberd/xmlnode.c:482:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). attrib->data_sz = strlen(value); data/jabber-muc-0.8/src/jcomp/jcr_base_connect.c:83:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rc = g_io_channel_write_chars(jcr->gio, buf, strlen(buf), &bytes, &error); data/jabber-muc-0.8/src/jcomp/jcr_deliver.c:36:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). log_debug(JDBG, "queued %d bytes : >>> %s <<<", strlen(xmlnode2str(d->x)), xmlnode2str(d->x)); data/jabber-muc-0.8/src/jcomp/jcr_elements.c:123:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!to || strncasecmp(jcr->jcr_i->id, to->server, strlen(jcr->jcr_i->id)) == 0) { data/jabber-muc-0.8/src/jcomp/jcr_log.c:40:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz = strlen(pos); data/jabber-muc-0.8/src/mysql.c:119:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); ANALYSIS SUMMARY: Hits = 180 Lines analyzed = 13147 in approximately 0.37 seconds (35896 lines/second) Physical Source Lines of Code (SLOC) = 9171 Hits@level = [0] 103 [1] 38 [2] 121 [3] 2 [4] 19 [5] 0 Hits@level+ = [0+] 283 [1+] 180 [2+] 142 [3+] 21 [4+] 19 [5+] 0 Hits/KSLOC@level+ = [0+] 30.8581 [1+] 19.6271 [2+] 15.4836 [3+] 2.28983 [4+] 2.07175 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.