Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libiksemel-1.4/tools/perf.c
Examining data/libiksemel-1.4/tools/iksperf.c
Examining data/libiksemel-1.4/tools/hash.c
Examining data/libiksemel-1.4/tools/iksroster.c
Examining data/libiksemel-1.4/tools/ikslint.c
Examining data/libiksemel-1.4/tools/perf.h
Examining data/libiksemel-1.4/include/finetune.h
Examining data/libiksemel-1.4/include/iksemel.h
Examining data/libiksemel-1.4/include/common.h
Examining data/libiksemel-1.4/test/tst-iks.c
Examining data/libiksemel-1.4/test/tst-ikstack.c
Examining data/libiksemel-1.4/test/tst-md5.c
Examining data/libiksemel-1.4/test/tst-sax.c
Examining data/libiksemel-1.4/test/tst-jid.c
Examining data/libiksemel-1.4/test/tst-sha.c
Examining data/libiksemel-1.4/test/tst-filter.c
Examining data/libiksemel-1.4/test/tst-dom.c
Examining data/libiksemel-1.4/src/jabber.c
Examining data/libiksemel-1.4/src/sax.c
Examining data/libiksemel-1.4/src/filter.c
Examining data/libiksemel-1.4/src/md5.c
Examining data/libiksemel-1.4/src/ikstack.c
Examining data/libiksemel-1.4/src/iks.c
Examining data/libiksemel-1.4/src/sha.c
Examining data/libiksemel-1.4/src/io-posix.c
Examining data/libiksemel-1.4/src/base64.c
Examining data/libiksemel-1.4/src/dom.c
Examining data/libiksemel-1.4/src/utility.c
Examining data/libiksemel-1.4/src/stream.c

FINAL RESULTS:

data/libiksemel-1.4/src/stream.c:211:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (response, "username=\"%s\",realm=\"%s\",nonce=\"%s\""
data/libiksemel-1.4/src/stream.c:516:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (msg, "<?xml version='1.0'?>"
data/libiksemel-1.4/src/stream.c:613:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (s, "%c%s%c%s", 0, username, 0, pass);
data/libiksemel-1.4/tools/hash.c:130:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (title_fmt, pos);
data/libiksemel-1.4/tools/hash.c:132:3:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (line_fmt, tags[i]->name, tags[i]->count);
data/libiksemel-1.4/tools/iksroster.c:243:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (tmp, "%s@%s/%s", sess.acc->user, sess.acc->server, "iksroster");
data/libiksemel-1.4/tools/ikslint.c:255:14:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, shortopts, longopts, &i)) != -1) {
data/libiksemel-1.4/tools/ikslint.c:257:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt (argc, argv, shortopts)) != -1) {
data/libiksemel-1.4/tools/iksperf.c:271:14:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, shortopts, longopts, &i)) != -1) {
data/libiksemel-1.4/tools/iksperf.c:273:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt (argc, argv, shortopts)) != -1) {
data/libiksemel-1.4/tools/iksroster.c:287:14:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, shortopts, longopts, &i)) != -1) {
data/libiksemel-1.4/tools/iksroster.c:289:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt (argc, argv, shortopts)) != -1) {
data/libiksemel-1.4/src/dom.c:128:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen (fname, "r");
data/libiksemel-1.4/src/dom.c:172:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen (fname, "w");
data/libiksemel-1.4/src/iks.c:551:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dest, src, len);
data/libiksemel-1.4/src/iks.c:595:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ret, IKS_CDATA_CDATA (x), IKS_CDATA_LEN (x));
data/libiksemel-1.4/src/ikstack.c:22:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[4];
data/libiksemel-1.4/src/ikstack.c:112:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dest, src, len);
data/libiksemel-1.4/src/ikstack.c:138:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ret, old, old_len);
data/libiksemel-1.4/src/ikstack.c:139:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ret + old_len, src, src_len);
data/libiksemel-1.4/src/ikstack.c:146:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ret + old_len, src, src_len);
data/libiksemel-1.4/src/ikstack.c:155:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ret, old, old_len);
data/libiksemel-1.4/src/ikstack.c:157:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (c->data + c->used, src, src_len);
data/libiksemel-1.4/src/io-posix.c:39:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char port_str[6];
data/libiksemel-1.4/src/io-posix.c:50:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (port_str, "%i", port);
data/libiksemel-1.4/src/io-posix.c:78:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&sin.sin_addr, host->h_addr, host->h_length);
data/libiksemel-1.4/src/jabber.c:173:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[41];
data/libiksemel-1.4/src/md5.c:42:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[64];
data/libiksemel-1.4/src/md5.c:92:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(md5->buffer + md5->blen, data, j);
data/libiksemel-1.4/src/md5.c:102:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(md5->buffer, data, j);
data/libiksemel-1.4/src/md5.c:141:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digest[16];
data/libiksemel-1.4/src/md5.c:145:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buf, "%02x", digest[i]);
data/libiksemel-1.4/src/sax.c:66:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char entity[8];
data/libiksemel-1.4/src/sax.c:159:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp, prs->stack, prs->stack_max);
data/libiksemel-1.4/src/sax.c:186:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (prs->stack + prs->stack_pos, sbuf, slen); \
data/libiksemel-1.4/src/sax.c:376:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp, prs->atts, sizeof(char *) * prs->attcur);
data/libiksemel-1.4/src/sax.c:469:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hede[2];
data/libiksemel-1.4/src/sha.c:45:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char pad[8];
data/libiksemel-1.4/src/sha.c:77:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (hash, "%08x", sha->hash[i]);
data/libiksemel-1.4/src/stream.c:145:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cnonce[CNONCE_LEN*8 + 1];
data/libiksemel-1.4/src/stream.c:147:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char a1_h[16], a1[33], a2[33], response_value[33];
data/libiksemel-1.4/src/stream.c:168:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (cnonce + i*8, "%08x", rand());
data/libiksemel-1.4/src/utility.c:57:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dest, src, len);
data/libiksemel-1.4/src/utility.c:125:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case '&': memcpy (&ret[j], "&amp;", 5); j += 5; break;
data/libiksemel-1.4/src/utility.c:126:14:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case '\'': memcpy (&ret[j], "&apos;", 6); j += 6; break;
data/libiksemel-1.4/src/utility.c:127:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case '"': memcpy (&ret[j], "&quot;", 6); j += 6; break;
data/libiksemel-1.4/src/utility.c:128:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case '<': memcpy (&ret[j], "&lt;", 4); j += 4; break;
data/libiksemel-1.4/src/utility.c:129:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case '>': memcpy (&ret[j], "&gt;", 4); j += 4; break;
data/libiksemel-1.4/test/tst-md5.c:32:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[33];
data/libiksemel-1.4/test/tst-sax.c:21:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *atts[10];
data/libiksemel-1.4/test/tst-sax.c:22:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vals[10];
data/libiksemel-1.4/test/tst-sha.c:25:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[42];
data/libiksemel-1.4/tools/ikslint.c:77:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp, tag_list, sizeof (char *) * tag_size);
data/libiksemel-1.4/tools/ikslint.c:165:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen (fname, "r");
data/libiksemel-1.4/tools/iksperf.c:72:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen (fname, "rb");
data/libiksemel-1.4/tools/iksperf.c:247:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out[41];
data/libiksemel-1.4/tools/iksperf.c:292:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  block_size = atoi (optarg);
data/libiksemel-1.4/tools/iksroster.c:282:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char from_pw[128], to_pw[128];
data/libiksemel-1.4/tools/iksroster.c:310:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  opt_timeout = atoi (optarg);
data/libiksemel-1.4/src/dom.c:100:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (0 == len) len = strlen (xml_str);
data/libiksemel-1.4/src/iks.c:113:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(len == 0) len = strlen (data);
data/libiksemel-1.4/src/iks.c:236:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len == 0) len = strlen (data);
data/libiksemel-1.4/src/iks.c:264:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len == 0) len = strlen (data);
data/libiksemel-1.4/src/iks.c:550:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (0 == len) len = strlen (src);
data/libiksemel-1.4/src/iks.c:608:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += strlen (IKS_TAG_NAME (y));
data/libiksemel-1.4/src/iks.c:610:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size += 4 + strlen (IKS_ATTRIB_NAME (z))
data/libiksemel-1.4/src/iks.c:611:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + escape_size (IKS_ATTRIB_VALUE (z), strlen (IKS_ATTRIB_VALUE (z)));
data/libiksemel-1.4/src/iks.c:628:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (IKS_TAG_CHILDREN (y)) size += 3 + strlen (IKS_TAG_NAME (y));
data/libiksemel-1.4/src/iks.c:636:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (level >= 0) size += 3 + strlen (IKS_TAG_NAME (y));
data/libiksemel-1.4/src/iks.c:661:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  t = escape (t, IKS_ATTRIB_VALUE (y), strlen (IKS_ATTRIB_VALUE (y)));
data/libiksemel-1.4/src/ikstack.c:105:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (0 == len) len = strlen (src);
data/libiksemel-1.4/src/ikstack.c:126:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (0 == old_len) old_len = strlen (old);
data/libiksemel-1.4/src/ikstack.c:127:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (0 == src_len) src_len = strlen (src);
data/libiksemel-1.4/src/jabber.c:176:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iks_sha_hash (sha, (const unsigned char*)sid, strlen (sid), 0);
data/libiksemel-1.4/src/jabber.c:177:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iks_sha_hash (sha, (const unsigned char*)pass, strlen (pass), 1);
data/libiksemel-1.4/src/md5.c:154:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iks_md5_hash(md5, (const unsigned char*)data, strlen(data), 1);
data/libiksemel-1.4/src/sax.c:631:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len == 0) len = strlen (data);
data/libiksemel-1.4/src/sha.c:94:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iks_sha_hash (sha, (const unsigned char*)data, strlen (data), 1);
data/libiksemel-1.4/src/stream.c:126:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  t += strlen(key);
data/libiksemel-1.4/src/stream.c:513:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = 91 + strlen (data->name_space) + 6 + strlen (to) + 16 + 1;
data/libiksemel-1.4/src/stream.c:513:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = 91 + strlen (data->name_space) + 6 + strlen (to) + 16 + 1;
data/libiksemel-1.4/src/stream.c:540:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (gnutls_record_send (data->sess, xmlstr, strlen (xmlstr)) < 0) return IKS_NET_RWERR;
data/libiksemel-1.4/src/stream.c:544:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ret = data->trans->send (data->sock, xmlstr, strlen (xmlstr));
data/libiksemel-1.4/src/stream.c:547:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (data->logHook) data->logHook (data->user_data, xmlstr, strlen (xmlstr), 0);
data/libiksemel-1.4/src/utility.c:56:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (src);
data/libiksemel-1.4/src/utility.c:94:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return strlen (src);
data/libiksemel-1.4/src/utility.c:106:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len == -1) len = strlen (src);
data/libiksemel-1.4/src/utility.c:146:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len == -1) len = strlen (src);
data/libiksemel-1.4/test/tst-filter.c:76:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iks_parse (prs, tester.xml, strlen (tester.xml), 1);
data/libiksemel-1.4/test/tst-ikstack.c:28:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen (buf); i++) {
data/libiksemel-1.4/test/tst-sax.c:50:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tester.len = strlen (xml);
data/libiksemel-1.4/test/tst-sax.c:87:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  el->len = strlen (tmp);
data/libiksemel-1.4/tools/iksroster.c:242:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp = iks_malloc (strlen (sess.acc->user) + strlen (sess.acc->server) + 9 + 3);
data/libiksemel-1.4/tools/iksroster.c:242:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp = iks_malloc (strlen (sess.acc->user) + strlen (sess.acc->server) + 9 + 3);

ANALYSIS SUMMARY:

Hits = 94
Lines analyzed = 6530 in approximately 0.36 seconds (17904 lines/second)
Physical Source Lines of Code (SLOC) = 5486
Hits@level = [0]  88 [1]  35 [2]  47 [3]   6 [4]   6 [5]   0
Hits@level+ = [0+] 182 [1+]  94 [2+]  59 [3+]  12 [4+]   6 [5+]   0
Hits/KSLOC@level+ = [0+] 33.1754 [1+] 17.1345 [2+] 10.7546 [3+] 2.18739 [4+] 1.09369 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
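The four level-[4] sprintf hits (stream.c:211, stream.c:516, stream.c:613, iksroster.c:243) all carry the same advice: replace the unbounded sprintf with snprintf and check its return value. The example below is added here to show that fix in working code; it is not libiksemel's code and it does not reproduce the surrounding buffer sizes or callers, which are not visible in this report. It mirrors the two format-string shapes the report quotes, the quoted username/realm/nonce fragment from stream.c:211 and the "%c%s%c%s" credential blob from stream.c:613, with constructed inputs and buffer sizes chosen for illustration. The second function exists because the stream.c:613 layout deliberately embeds NUL bytes, so strlen() cannot be used to measure the result and the only correct length is the one snprintf returns.

```c
/* Added example for this report, not libiksemel code. Buffer sizes,
 * inputs and function names are constructed for illustration. */
#include <stdio.h>
#include <string.h>

/* Build the username/realm/nonce fragment into out[outsz].
 * Returns the length written (excluding the NUL) or -1 if it would
 * not fit; on -1 the buffer holds an empty string rather than a
 * silently truncated fragment. */
int build_digest_response(char *out, size_t outsz,
                          const char *user, const char *realm,
                          const char *nonce)
{
    int n;

    if (out == NULL || outsz == 0 || user == NULL || realm == NULL || nonce == NULL)
        return -1;
    n = snprintf(out, outsz,
                 "username=\"%s\",realm=\"%s\",nonce=\"%s\"",
                 user, realm, nonce);
    if (n < 0 || (size_t)n >= outsz) {   /* n >= outsz means it was cut off */
        out[0] = '\0';
        return -1;
    }
    return n;
}

/* "\0user\0pass" blob in the stream.c:613 layout. The embedded NULs
 * mean strlen() reports 0 for the result, so the length must come
 * from snprintf's return value. Returns that length or -1 if the blob
 * would not fit in out[outsz]. */
int build_plain_auth(unsigned char *out, size_t outsz,
                     const char *user, const char *pass)
{
    int n;

    if (out == NULL || outsz == 0 || user == NULL || pass == NULL)
        return -1;
    n = snprintf((char *)out, outsz, "%c%s%c%s", 0, user, 0, pass);
    if (n < 0 || (size_t)n >= outsz) {
        memset(out, 0, outsz);           /* do not leave half a credential behind */
        return -1;
    }
    return n;
}

/* Constructed scenarios; each returns 1 when the behaviour is as expected. */
int demo_digest_fits(void)
{
    char buf[64];
    const char *want = "username=\"alice\",realm=\"example.org\",nonce=\"abc123\"";
    int n = build_digest_response(buf, sizeof buf, "alice", "example.org", "abc123");
    return n == (int)strlen(want) && strcmp(buf, want) == 0;
}

int demo_digest_rejected(void)
{
    char small[16];   /* too small on purpose: the 51-byte result must be refused */
    int n = build_digest_response(small, sizeof small, "alice", "example.org", "abc123");
    return n == -1 && small[0] == '\0';
}

int demo_plain_length(void)
{
    unsigned char blob[32];
    int n = build_plain_auth(blob, sizeof blob, "bob", "s3cret");
    /* 1 + 3 + 1 + 6 = 11 bytes, while strlen() on the blob reports 0 */
    return n == 11 && strlen((char *)blob) == 0
        && memcmp(blob, "\0bob\0s3cret", 11) == 0;
}

int main(void)
{
    printf("digest fits: %d, digest rejected: %d, plain length ok: %d\n",
           demo_digest_fits(), demo_digest_rejected(), demo_plain_length());
    return 0;
}
```

Two points a reviewer would add when applying this to the flagged sites. First, snprintf's return value is the length the full result would have had, so the test is `n >= outsz`, not `n > outsz`; off-by-one here reintroduces the truncation the bound was meant to catch. Second, bounding the copy does not quote or escape the values: a `"` or `,` inside the username of the first function still lands inside the attribute list, so a caller feeding untrusted values needs validation in addition to the size check.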
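The two (integer) atoi hits (iksperf.c:292 `block_size = atoi (optarg)` and iksroster.c:310 `opt_timeout = atoi (optarg)`) come with the advice to check both the minimum and the maximum of a number taken from an untrusted source. atoi() gives no way to do that: it reports no error for "abc", "" or an out-of-range value, and overflow is undefined behaviour. The example below is added here as a strtol-based replacement; it is not libiksemel's code, and the option names, bounds and default values in main() are assumed for illustration only.

```c
/* Added example for this report, not libiksemel code. Bounds, option
 * names and defaults are assumed for illustration. */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Parse s as a decimal integer in [lo, hi]. Returns 0 and stores the
 * value in *out on success, -1 otherwise (*out is untouched on failure).
 * Rejects empty input, non-numeric input, trailing junk such as "12x",
 * values that overflow long, and values outside the range. Leading
 * whitespace and an explicit sign are accepted, as strtol defines. */
int parse_int_opt(const char *s, long lo, long hi, long *out)
{
    char *end;
    long v;

    if (s == NULL || out == NULL || *s == '\0')
        return -1;
    errno = 0;
    v = strtol(s, &end, 10);
    if (errno == ERANGE)            /* overflowed or underflowed long */
        return -1;
    if (end == s || *end != '\0')   /* no digits consumed, or trailing junk */
        return -1;
    if (v < lo || v > hi)           /* both ends, as the report advises */
        return -1;
    *out = v;
    return 0;
}

/* Convenience form: the parsed value, or dflt on any failure. Callers
 * pick a dflt outside [lo, hi] so failure is distinguishable. */
long parse_int_opt_or(const char *s, long lo, long hi, long dflt)
{
    long v;
    return parse_int_opt(s, lo, hi, &v) == 0 ? v : dflt;
}

int main(int argc, char **argv)
{
    /* Assumed bounds: a block size of 1 byte to 1 MiB, a timeout of
     * 0 to 3600 seconds. argv[1]/argv[2] stand in for optarg. */
    long block_size = parse_int_opt_or(argc > 1 ? argv[1] : "4096", 1, 1L << 20, -1);
    long timeout    = parse_int_opt_or(argc > 2 ? argv[2] : "30", 0, 3600, -1);

    if (block_size < 0 || timeout < 0) {
        fprintf(stderr, "invalid numeric option\n");
        return 2;
    }
    printf("block_size=%ld timeout=%ld\n", block_size, timeout);
    return 0;
}
```

Note the errno reset before strtol: strtol only sets errno on failure and never clears it, so without the reset a stale ERANGE from an earlier call would reject a valid number. If the destination is an int rather than a long, pass INT_MIN/INT_MAX (or tighter bounds) as lo/hi so the narrowing assignment cannot wrap.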