Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libnss-nis-3.1/src/libc-symbols.h
Examining data/libnss-nis-3.1/src/netgroup.h
Examining data/libnss-nis-3.1/src/nss-nis.h
Examining data/libnss-nis-3.1/src/mapv4v6addr.h
Examining data/libnss-nis-3.1/src/nis-alias.c
Examining data/libnss-nis-3.1/src/nis-ethers.c
Examining data/libnss-nis-3.1/src/nis-grp.c
Examining data/libnss-nis-3.1/src/nis-hosts.c
Examining data/libnss-nis-3.1/src/nis-initgroups.c
Examining data/libnss-nis-3.1/src/nis-netgrp.c
Examining data/libnss-nis-3.1/src/nis-network.c
Examining data/libnss-nis-3.1/src/nis-proto.c
Examining data/libnss-nis-3.1/src/nis-publickey.c
Examining data/libnss-nis-3.1/src/nis-pwd.c
Examining data/libnss-nis-3.1/src/nis-rpc.c
Examining data/libnss-nis-3.1/src/nis-service.c
Examining data/libnss-nis-3.1/src/nis-spwd.c
Examining data/libnss-nis-3.1/src/nss-nis.c
Examining data/libnss-nis-3.1/src/nss-default.c
Examining data/libnss-nis-3.1/src/nss_loader-test.c
Examining data/libnss-nis-3.1/src/files-parse.c
Examining data/libnss-nis-3.1/src/libc-lock.h

FINAL RESULTS:

data/libnss-nis-3.1/src/nis-alias.c:51:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (first_unused, key);
data/libnss-nis-3.1/src/nis-publickey.c:134:8: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (skey, buf);
data/libnss-nis-3.1/src/nis-service.c:298:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cp, protocol);
data/libnss-nis-3.1/src/files-parse.c:64:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linebuffer[0];
data/libnss-nis-3.1/src/mapv4v6addr.h:62:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dst + 12, src, INADDRSZ);
data/libnss-nis-3.1/src/nis-ethers.c:74:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[0];
data/libnss-nis-3.1/src/nis-ethers.c:278:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[33];
data/libnss-nis-3.1/src/nis-grp.c:341:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];
data/libnss-nis-3.1/src/nis-grp.c:342:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  int nlen = sprintf (buf, "%lu", (unsigned long int) gid);
data/libnss-nis-3.1/src/nis-hosts.c:48:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char host_addr[16]; /* IPv4 or IPv6 address. */
data/libnss-nis-3.1/src/nis-hosts.c:49:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *h_addr_ptrs[2]; /* Points to that and null terminator. */
data/libnss-nis-3.1/src/nis-hosts.c:266:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name2[namlen + 1];
data/libnss-nis-3.1/src/nis-hosts.c:451:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name2[namlen + 1];
data/libnss-nis-3.1/src/nis-hosts.c:524:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy ((*pat)->addr, host.h_addr_list[0], host.h_length);
data/libnss-nis-3.1/src/nis-hosts.c:535:18: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (*pat)->name = memcpy (buffer, host.h_name, h_name_len);
data/libnss-nis-3.1/src/nis-initgroups.c:103:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  p = memcpy (buffer, &bucket->mem[intern->offset], len);
data/libnss-nis-3.1/src/nis-initgroups.c:163:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[sizeof ("unix.@") + sizeof (uid_t) * 3 + strlen (domainname)];
data/libnss-nis-3.1/src/nis-netgrp.c:123:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (buffer, host, cp - host);
data/libnss-nis-3.1/src/nis-network.c:237:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name2[namlen + 1];
data/libnss-nis-3.1/src/nis-proto.c:52:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[0];
data/libnss-nis-3.1/src/nis-proto.c:251:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];
data/libnss-nis-3.1/src/nis-publickey.c:125:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2 * (HEXKEYBYTES + 1)];
data/libnss-nis-3.1/src/nis-publickey.c:202:24: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  _nss_nis_netname2user (char netname[MAXNETNAMELEN + 1], uid_t *uidp,
data/libnss-nis-3.1/src/nis-pwd.c:519:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];
data/libnss-nis-3.1/src/nis-rpc.c:174:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  p = memcpy (buffer, &bucket->mem[intern->offset], len);
data/libnss-nis-3.1/src/nis-rpc.c:257:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];
data/libnss-nis-3.1/src/nis-service.c:238:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  p = memcpy (buffer, &bucket->mem[intern.offset], len);
data/libnss-nis-3.1/src/nis-service.c:291:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[keylen + 1];
data/libnss-nis-3.1/src/nis-service.c:385:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[sizeof (int) * 3 + strlen (proto) + 2];
data/libnss-nis-3.1/src/nis-spwd.c:177:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (&buffer[len], "::");
data/libnss-nis-3.1/src/nis-spwd.c:268:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (&buffer[len], "::");
data/libnss-nis-3.1/src/nss-default.c:41:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[23];
data/libnss-nis-3.1/src/nss-default.c:59:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen (default_nss, "rce");
data/libnss-nis-3.1/src/nss-nis.h:62:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[0];
data/libnss-nis-3.1/src/nss-nis.h:85:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mem[0];
data/libnss-nis-3.1/src/nss_loader-test.c:38:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pwdbuffer[2048];
data/libnss-nis-3.1/src/nis-alias.c:42:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *first_unused = buffer + strlen (alias) + 1;
data/libnss-nis-3.1/src/nis-alias.c:44:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buflen - (buflen % __alignof__ (char *)) - strlen (alias) - 2;
data/libnss-nis-3.1/src/nis-alias.c:68:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  first_unused += strlen (result->alias_name) + 1;
data/libnss-nis-3.1/src/nis-alias.c:167:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-alias.c:221:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t namlen = strlen (name);
data/libnss-nis-3.1/src/nis-alias.c:257:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-ethers.c:181:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  p = strncpy (buffer, next->val, buflen);
data/libnss-nis-3.1/src/nis-ethers.c:227:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int yperr = yp_match (domain, "ethers.byname", name, strlen (name), &result,
data/libnss-nis-3.1/src/nis-ethers.c:246:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-ethers.c:307:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-grp.c:191:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (result);
data/libnss-nis-3.1/src/nis-grp.c:233:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-grp.c:296:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int yperr = yp_match (domain, "group.byname", name, strlen (name), &result,
data/libnss-nis-3.1/src/nis-grp.c:315:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-grp.c:364:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-hosts.c:186:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (data->linebuffer, result, len);
data/libnss-nis-3.1/src/nis-hosts.c:258:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t namlen = strlen (name);
data/libnss-nis-3.1/src/nis-hosts.c:300:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (data->linebuffer, result, len);
data/libnss-nis-3.1/src/nis-hosts.c:377:54: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int yperr = yp_match (domain, "hosts.byaddr", buf, strlen (buf), &result,
data/libnss-nis-3.1/src/nis-hosts.c:404:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (data->linebuffer, result, len);
data/libnss-nis-3.1/src/nis-hosts.c:443:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t namlen = strlen (name);
data/libnss-nis-3.1/src/nis-hosts.c:532:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t h_name_len = strlen (host.h_name) + 1;
data/libnss-nis-3.1/src/nis-initgroups.c:88:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (p) + 1;
data/libnss-nis-3.1/src/nis-initgroups.c:155:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (domainname) > UDPMSGSIZE)
data/libnss-nis-3.1/src/nis-initgroups.c:163:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char key[sizeof ("unix.@") + sizeof (uid_t) * 3 + strlen (domainname)];
data/libnss-nis-3.1/src/nis-netgrp.c:171:60: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  status = yperr2nss (yp_match (domain, "netgroup", group, strlen (group),
data/libnss-nis-3.1/src/nis-network.c:74:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *newp = (char *) alloca (strlen (addr) + (4 - n) * 2 + 1);
data/libnss-nis-3.1/src/nis-network.c:165:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-network.c:229:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t namlen = strlen (name);
data/libnss-nis-3.1/src/nis-network.c:269:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-network.c:300:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t blen = strlen (buf);
data/libnss-nis-3.1/src/nis-network.c:343:19: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-proto.c:160:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  p = strncpy (buffer, next->val, buflen);
data/libnss-nis-3.1/src/nis-proto.c:206:59: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int yperr = yp_match (domain, "protocols.byname", name, strlen (name),
data/libnss-nis-3.1/src/nis-proto.c:225:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-proto.c:275:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-publickey.c:61:62: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int yperr = yp_match (domain, "publickey.byname", netname, strlen (netname),
data/libnss-nis-3.1/src/nis-publickey.c:78:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (pkey, result, HEXKEYBYTES + 1);
data/libnss-nis-3.1/src/nis-publickey.c:108:62: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int yperr = yp_match (domain, "publickey.byname", netname, strlen (netname),
data/libnss-nis-3.1/src/nis-publickey.c:128:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (buf, p, 2 * (HEXKEYBYTES + 1));
data/libnss-nis-3.1/src/nis-publickey.c:216:58: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int yperr = yp_match (domain, "netid.byname", netname, strlen (netname),
data/libnss-nis-3.1/src/nis-pwd.c:263:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (result);
data/libnss-nis-3.1/src/nis-pwd.c:419:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t namelen = strlen (name);
data/libnss-nis-3.1/src/nis-pwd.c:490:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-pwd.c:594:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-rpc.c:159:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (p) + 1;
data/libnss-nis-3.1/src/nis-rpc.c:280:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-service.c:81:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (req->buffer, inval, invallen);
data/libnss-nis-3.1/src/nis-service.c:223:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (p) + 1;
data/libnss-nis-3.1/src/nis-service.c:283:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t keylen = strlen (name) + (protocol ? 1 + strlen (protocol) : 0);
data/libnss-nis-3.1/src/nis-service.c:283:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t keylen = strlen (name) + (protocol ? 1 + strlen (protocol) : 0);
data/libnss-nis-3.1/src/nis-service.c:318:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-service.c:376:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (proto) > UDPMSGSIZE)
data/libnss-nis-3.1/src/nis-service.c:385:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char key[sizeof (int) * 3 + strlen (proto) + 2];
data/libnss-nis-3.1/src/nis-service.c:406:15: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-spwd.c:172:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);
data/libnss-nis-3.1/src/nis-spwd.c:227:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t name_len = strlen (name);
data/libnss-nis-3.1/src/nis-spwd.c:263:13: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  char *p = strncpy (buffer, result, len);

ANALYSIS SUMMARY:

Hits = 94
Lines analyzed = 5510 in approximately 0.16 seconds (35347 lines/second)
Physical Source Lines of Code (SLOC) = 3918
Hits@level = [0] 13 [1] 58 [2] 33 [3] 0 [4] 3 [5] 0
Hits@level+ = [0+] 107 [1+] 94 [2+] 36 [3+] 3 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 27.3099 [1+] 23.9918 [2+] 9.18836 [3+] 0.765697 [4+] 0.765697 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.