Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libnss-nisplus-1.3/src/libc-lock.h
Examining data/libnss-nisplus-1.3/src/netgroup.h
Examining data/libnss-nisplus-1.3/src/nisplus-alias.c
Examining data/libnss-nisplus-1.3/src/nisplus-ethers.c
Examining data/libnss-nisplus-1.3/src/nisplus-grp.c
Examining data/libnss-nisplus-1.3/src/nisplus-initgroups.c
Examining data/libnss-nisplus-1.3/src/nisplus-netgrp.c
Examining data/libnss-nisplus-1.3/src/nisplus-network.c
Examining data/libnss-nisplus-1.3/src/nisplus-parser.c
Examining data/libnss-nisplus-1.3/src/nisplus-parser.h
Examining data/libnss-nisplus-1.3/src/nisplus-proto.c
Examining data/libnss-nisplus-1.3/src/nisplus-publickey.c
Examining data/libnss-nisplus-1.3/src/nisplus-pwd.c
Examining data/libnss-nisplus-1.3/src/nisplus-rpc.c
Examining data/libnss-nisplus-1.3/src/nisplus-service.c
Examining data/libnss-nisplus-1.3/src/nisplus-spwd.c
Examining data/libnss-nisplus-1.3/src/nss-nisplus.c
Examining data/libnss-nisplus-1.3/src/nss-nisplus.h
Examining data/libnss-nisplus-1.3/src/nss_loader-test.c
Examining data/libnss-nisplus-1.3/src/nisplus-hosts.c

FINAL RESULTS:

data/libnss-nisplus-1.3/src/nisplus-network.c:433:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (buf2, inet_ntoa (in));

data/libnss-nisplus-1.3/src/nisplus-publickey.c:209:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (skey, buf);

data/libnss-nisplus-1.3/src/nisplus-alias.c:58:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-alias.c:297:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 9 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-ethers.c:112:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-ethers.c:259:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 9 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-ethers.c:321:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[26 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-grp.c:61:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-grp.c:299:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 9 + grp_tablename_len];

data/libnss-nisplus-1.3/src/nisplus-grp.c:353:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8 + 3 * sizeof (unsigned long int) + grp_tablename_len];

data/libnss-nisplus-1.3/src/nisplus-hosts.c:191:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-hosts.c:378:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 10 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-hosts.c:497:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[24 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-hosts.c:576:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy ((*pat)->addr, host.h_addr_list[0], host.h_length);

data/libnss-nisplus-1.3/src/nisplus-initgroups.c:55:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (user) + 12 + grp_tablename_len];

data/libnss-nisplus-1.3/src/nisplus-initgroups.c:100:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numstrbuf[len + 1];

data/libnss-nisplus-1.3/src/nisplus-initgroups.c:101:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (numstrbuf, numstr, len);

data/libnss-nisplus-1.3/src/nisplus-netgrp.c:152:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (group) + 25];

data/libnss-nisplus-1.3/src/nisplus-network.c:158:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-network.c:332:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 10 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-network.c:428:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[27 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-network.c:429:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[18];

data/libnss-nisplus-1.3/src/nisplus-parser.c:325:18: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sp->sp_lstchg = atol (line);

data/libnss-nisplus-1.3/src/nisplus-parser.c:333:15: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sp->sp_min = atol (line);

data/libnss-nisplus-1.3/src/nisplus-parser.c:341:15: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sp->sp_max = atol (line);

data/libnss-nisplus-1.3/src/nisplus-parser.c:349:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sp->sp_warn = atol (line);

data/libnss-nisplus-1.3/src/nisplus-parser.c:357:17: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sp->sp_inact = atol (line);

data/libnss-nisplus-1.3/src/nisplus-parser.c:365:18: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sp->sp_expire = atol (line);

data/libnss-nisplus-1.3/src/nisplus-parser.c:371:16: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sp->sp_flag = atol (line);

data/libnss-nisplus-1.3/src/nisplus-proto.c:77:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  proto->p_proto = atoi (NISENTRYVAL (0, 2, result));

data/libnss-nisplus-1.3/src/nisplus-proto.c:153:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-proto.c:306:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 10 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-proto.c:396:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[12 + 3 * sizeof (number) + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-publickey.c:43:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[NIS_MAXNAMELEN + 2];

data/libnss-nisplus-1.3/src/nisplus-publickey.c:110:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pkey, ENTRY_VAL (NIS_RES_OBJECT (res),3), len);

data/libnss-nisplus-1.3/src/nisplus-publickey.c:130:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[NIS_MAXNAMELEN + 2];

data/libnss-nisplus-1.3/src/nisplus-publickey.c:195:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (buf, ENTRY_VAL (NIS_RES_OBJECT (res), 4), len);

data/libnss-nisplus-1.3/src/nisplus-publickey.c:253:28: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  _nss_nisplus_netname2user (char netname[MAXNETNAMELEN + 1], uid_t *uidp,

data/libnss-nisplus-1.3/src/nisplus-publickey.c:258:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sname[NIS_MAXNAMELEN + 2]; /* search criteria + table name */

data/libnss-nisplus-1.3/src/nisplus-publickey.c:260:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char principal[NIS_MAXNAMELEN + 1];

data/libnss-nisplus-1.3/src/nisplus-pwd.c:60:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-pwd.c:300:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 9 + pwd_tablename_len];

data/libnss-nisplus-1.3/src/nisplus-pwd.c:358:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[8 + 3 * sizeof (unsigned long int) + pwd_tablename_len];

data/libnss-nisplus-1.3/src/nisplus-rpc.c:83:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rpc->r_number = atoi (NISENTRYVAL (0, 2, result));

data/libnss-nisplus-1.3/src/nisplus-rpc.c:161:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-rpc.c:315:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 10 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-rpc.c:405:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[12 + 3 * sizeof (number) + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-service.c:83:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  serv->s_port = htons (atoi (NISENTRYVAL (0, 3, result)));

data/libnss-nisplus-1.3/src/nisplus-service.c:161:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (__stpcpy (p, prefix), local_dir, local_dir_len + 1);

data/libnss-nisplus-1.3/src/nisplus-service.c:314:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + protocol_len + 17 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-service.c:415:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17 + 3 * sizeof (int) + strlen (protocol) + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-spwd.c:179:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[strlen (name) + 9 + pwd_tablename_len];

data/libnss-nisplus-1.3/src/nss-nisplus.h:68:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[0];

data/libnss-nisplus-1.3/src/nss_loader-test.c:38:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pwdbuffer[2048];

data/libnss-nisplus-1.3/src/nisplus-alias.c:48:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);

data/libnss-nisplus-1.3/src/nisplus-alias.c:114:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (alias->alias_name) + 1;

data/libnss-nisplus-1.3/src/nisplus-alias.c:297:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 9 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-ethers.c:102:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);

data/libnss-nisplus-1.3/src/nisplus-ethers.c:259:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 9 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-grp.c:51:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);

data/libnss-nisplus-1.3/src/nisplus-grp.c:69:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  grp_tablename_len = strlen (grp_tablename_val);

data/libnss-nisplus-1.3/src/nisplus-grp.c:299:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 9 + grp_tablename_len];

data/libnss-nisplus-1.3/src/nisplus-hosts.c:181:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);

data/libnss-nisplus-1.3/src/nisplus-hosts.c:378:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 10 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-hosts.c:402:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t buflen = strlen (name) + 10 + tablename_len;

data/libnss-nisplus-1.3/src/nisplus-initgroups.c:55:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (user) + 12 + grp_tablename_len];

data/libnss-nisplus-1.3/src/nisplus-netgrp.c:60:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (buffer, NISENTRYVAL (result->position, 1,

data/libnss-nisplus-1.3/src/nisplus-netgrp.c:152:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (group) + 25];

data/libnss-nisplus-1.3/src/nisplus-network.c:70:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISENTRYVAL (0, 0, result),

data/libnss-nisplus-1.3/src/nisplus-network.c:74:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (first_unused) + 1;

data/libnss-nisplus-1.3/src/nisplus-network.c:148:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);

data/libnss-nisplus-1.3/src/nisplus-network.c:332:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 10 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-network.c:359:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t buflen = strlen (entryval) + 10 + tablename_len;

data/libnss-nisplus-1.3/src/nisplus-network.c:434:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t b2len = strlen (buf2);

data/libnss-nisplus-1.3/src/nisplus-parser.c:64:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISOBJVAL (0, obj), NISOBJLEN (0, obj));

data/libnss-nisplus-1.3/src/nisplus-parser.c:66:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-parser.c:76:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISOBJVAL (1, obj), NISOBJLEN (1, obj));

data/libnss-nisplus-1.3/src/nisplus-parser.c:79:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-parser.c:90:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, numstr, len);

data/libnss-nisplus-1.3/src/nisplus-parser.c:106:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, numstr, len);

data/libnss-nisplus-1.3/src/nisplus-parser.c:118:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISOBJVAL (4, obj), NISOBJLEN (4, obj));

data/libnss-nisplus-1.3/src/nisplus-parser.c:121:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-parser.c:128:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISOBJVAL (5, obj), NISOBJLEN (5, obj));

data/libnss-nisplus-1.3/src/nisplus-parser.c:131:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-parser.c:138:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISOBJVAL (6, obj), NISOBJLEN (6, obj));

data/libnss-nisplus-1.3/src/nisplus-parser.c:141:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-parser.c:174:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISOBJVAL (0, obj), NISOBJLEN (0, obj));

data/libnss-nisplus-1.3/src/nisplus-parser.c:176:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-parser.c:186:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISOBJVAL (1, obj), NISOBJLEN (1, obj));

data/libnss-nisplus-1.3/src/nisplus-parser.c:189:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-parser.c:200:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, numstr, len);

data/libnss-nisplus-1.3/src/nisplus-parser.c:212:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISOBJVAL (3, obj), NISOBJLEN (3, obj));

data/libnss-nisplus-1.3/src/nisplus-parser.c:215:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (line);

data/libnss-nisplus-1.3/src/nisplus-parser.c:292:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISENTRYVAL (0, 0, result),

data/libnss-nisplus-1.3/src/nisplus-parser.c:295:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-parser.c:305:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISENTRYVAL (0, 1, result),

data/libnss-nisplus-1.3/src/nisplus-parser.c:309:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused);

data/libnss-nisplus-1.3/src/nisplus-proto.c:68:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISENTRYVAL (0, 0, result),

data/libnss-nisplus-1.3/src/nisplus-proto.c:72:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (first_unused) + 1;

data/libnss-nisplus-1.3/src/nisplus-proto.c:143:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);

data/libnss-nisplus-1.3/src/nisplus-proto.c:306:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 10 + tablename_len];

data/libnss-nisplus-1.3/src/nisplus-proto.c:332:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t buflen = strlen (entryval) + 10 + tablename_len;

data/libnss-nisplus-1.3/src/nisplus-publickey.c:332:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (principal, ENTRY_VAL (NIS_RES_OBJECT (res), 0), len);

data/libnss-nisplus-1.3/src/nisplus-publickey.c:344:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (principal) + strlen (domain) + 45 > (size_t) NIS_MAXNAMELEN)

data/libnss-nisplus-1.3/src/nisplus-publickey.c:344:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (principal) + strlen (domain) + 45 > (size_t) NIS_MAXNAMELEN)
data/libnss-nisplus-1.3/src/nisplus-pwd.c:50:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-pwd.c:68:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pwd_tablename_len = strlen (pwd_tablename_val);
data/libnss-nisplus-1.3/src/nisplus-pwd.c:300:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 9 + pwd_tablename_len];
data/libnss-nisplus-1.3/src/nisplus-rpc.c:75:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISENTRYVAL (0, 0, result),
data/libnss-nisplus-1.3/src/nisplus-rpc.c:79:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (first_unused) + 1;
data/libnss-nisplus-1.3/src/nisplus-rpc.c:151:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-rpc.c:315:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 10 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-rpc.c:342:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t buflen = strlen (entryval) + 10 + tablename_len;
data/libnss-nisplus-1.3/src/nisplus-service.c:65:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISENTRYVAL (0, 0, result),
data/libnss-nisplus-1.3/src/nisplus-service.c:69:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (first_unused) + 1;
data/libnss-nisplus-1.3/src/nisplus-service.c:75:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (first_unused, NISENTRYVAL (0, 2, result),
data/libnss-nisplus-1.3/src/nisplus-service.c:79:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (first_unused) + 1;
data/libnss-nisplus-1.3/src/nisplus-service.c:151:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t local_dir_len = strlen (local_dir);
data/libnss-nisplus-1.3/src/nisplus-service.c:313:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t protocol_len = strlen (protocol);
data/libnss-nisplus-1.3/src/nisplus-service.c:314:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + protocol_len + 17 + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-service.c:343:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t buflen = (strlen (entryval) + protocol_len + 17
data/libnss-nisplus-1.3/src/nisplus-service.c:415:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[17 + 3 * sizeof (int) + strlen (protocol) + tablename_len];
data/libnss-nisplus-1.3/src/nisplus-spwd.c:179:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char buf[strlen (name) + 9 + pwd_tablename_len];

ANALYSIS SUMMARY:
Hits = 123
Lines analyzed = 5658 in approximately 0.14 seconds (39801 lines/second)
Physical Source Lines of Code (SLOC) = 4110
Hits@level = [0] 47 [1] 69 [2] 52 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 170 [1+] 123 [2+] 54 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 41.3625 [1+] 29.927 [2+] 13.1387 [3+] 0.486618 [4+] 0.486618 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.