Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/liboauth2-1.3.0/include/oauth2/apache.h
Examining data/liboauth2-1.3.0/include/oauth2/cache.h
Examining data/liboauth2-1.3.0/include/oauth2/cfg.h
Examining data/liboauth2-1.3.0/include/oauth2/http.h
Examining data/liboauth2-1.3.0/include/oauth2/ipc.h
Examining data/liboauth2-1.3.0/include/oauth2/jose.h
Examining data/liboauth2-1.3.0/include/oauth2/log.h
Examining data/liboauth2-1.3.0/include/oauth2/mem.h
Examining data/liboauth2-1.3.0/include/oauth2/nginx.h
Examining data/liboauth2-1.3.0/include/oauth2/oauth2.h
Examining data/liboauth2-1.3.0/include/oauth2/openidc.h
Examining data/liboauth2-1.3.0/include/oauth2/proto.h
Examining data/liboauth2-1.3.0/include/oauth2/session.h
Examining data/liboauth2-1.3.0/include/oauth2/util.h
Examining data/liboauth2-1.3.0/src/cache.c
Examining data/liboauth2-1.3.0/src/cache/file.c
Examining data/liboauth2-1.3.0/src/cache/memcache.c
Examining data/liboauth2-1.3.0/src/cache/redis.c
Examining data/liboauth2-1.3.0/src/cache/shm.c
Examining data/liboauth2-1.3.0/src/cache_int.h
Examining data/liboauth2-1.3.0/src/cfg/auth.c
Examining data/liboauth2-1.3.0/src/cfg/cache_cfg.c
Examining data/liboauth2-1.3.0/src/cfg/cfg.c
Examining data/liboauth2-1.3.0/src/cfg/openidc_cfg.c
Examining data/liboauth2-1.3.0/src/cfg/proto_cfg.c
Examining data/liboauth2-1.3.0/src/cfg/session_cfg.c
Examining data/liboauth2-1.3.0/src/cfg/source.c
Examining data/liboauth2-1.3.0/src/cfg/target.c
Examining data/liboauth2-1.3.0/src/cfg/verify.c
Examining data/liboauth2-1.3.0/src/cfg_int.h
Examining data/liboauth2-1.3.0/src/http.c
Examining data/liboauth2-1.3.0/src/ipc.c
Examining data/liboauth2-1.3.0/src/jose.c
Examining data/liboauth2-1.3.0/src/jose_int.h
Examining data/liboauth2-1.3.0/src/log.c
Examining data/liboauth2-1.3.0/src/mem.c
Examining data/liboauth2-1.3.0/src/oauth2.c
Examining data/liboauth2-1.3.0/src/oauth2_int.h
Examining data/liboauth2-1.3.0/src/openidc/openidc.c
Examining data/liboauth2-1.3.0/src/openidc/provider.c
Examining data/liboauth2-1.3.0/src/openidc/resolver.c
Examining data/liboauth2-1.3.0/src/openidc/state.c
Examining data/liboauth2-1.3.0/src/openidc_int.h
Examining data/liboauth2-1.3.0/src/proto.c
Examining data/liboauth2-1.3.0/src/server/apache.c
Examining data/liboauth2-1.3.0/src/server/nginx.c
Examining data/liboauth2-1.3.0/src/session.c
Examining data/liboauth2-1.3.0/src/util_int.h
Examining data/liboauth2-1.3.0/src/version.c
Examining data/liboauth2-1.3.0/src/util.c
Examining data/liboauth2-1.3.0/test/check_apache.c
Examining data/liboauth2-1.3.0/test/check_http.c
Examining data/liboauth2-1.3.0/test/check_ipc.c
Examining data/liboauth2-1.3.0/test/check_jose.c
Examining data/liboauth2-1.3.0/test/check_liboauth2.h
Examining data/liboauth2-1.3.0/test/check_log.c
Examining data/liboauth2-1.3.0/test/check_mem.c
Examining data/liboauth2-1.3.0/test/check_oauth2.c
Examining data/liboauth2-1.3.0/test/check_openidc.c
Examining data/liboauth2-1.3.0/test/check_proto.c
Examining data/liboauth2-1.3.0/test/check_util.c
Examining data/liboauth2-1.3.0/test/check_version.c
Examining data/liboauth2-1.3.0/test/server_stubs.c
Examining data/liboauth2-1.3.0/test/check_liboauth2.c
Examining data/liboauth2-1.3.0/test/check_cache.c
FINAL RESULTS:
data/liboauth2-1.3.0/src/util.c:701:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rc = vsnprintf(dst, len, fmt, ap);
data/liboauth2-1.3.0/test/check_liboauth2.c:72:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "HTTP/1.1 %s\nContent-Length: 0\nConnection: close\n\n",
data/liboauth2-1.3.0/test/check_liboauth2.c:215:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void)sprintf(buffer,
data/liboauth2-1.3.0/include/oauth2/nginx.h:69:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
? oauth2_strndup((const char *)value[1].data, \
data/liboauth2-1.3.0/include/oauth2/nginx.h:79:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
? oauth2_strndup((const char *)value[1].data, \
data/liboauth2-1.3.0/include/oauth2/nginx.h:83:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
? oauth2_strndup((const char *)value[2].data, \
data/liboauth2-1.3.0/src/cache/file.c:261:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(path, "rb");
data/liboauth2-1.3.0/src/cache/file.c:383:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(path, "wb");
data/liboauth2-1.3.0/src/cache/file.c:421:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fpath, "rb");
data/liboauth2-1.3.0/src/cache/file.c:504:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(path, "wb");
data/liboauth2-1.3.0/src/cache/redis.c:342:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_timeout[OAUTH2_UINT_MAX_STR];
data/liboauth2-1.3.0/src/http.c:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[OAUTH2_HTTP_HDR_CONTENT_LENGTH_MAX];
data/liboauth2-1.3.0/src/http.c:854:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newptr, mem->memory, mem->size);
data/liboauth2-1.3.0/src/http.c:855:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(newptr[mem->size]), contents, realsize);
data/liboauth2-1.3.0/src/http.c:900:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[CURL_ERROR_SIZE];
data/liboauth2-1.3.0/src/jose.c:114:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md_value[EVP_MAX_MD_SIZE];
data/liboauth2-1.3.0/src/jose.c:158:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*dst, md_value, *dst_len);
data/liboauth2-1.3.0/src/server/apache.c:804:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (json_integer_value(val) == atoi(spec_c))
data/liboauth2-1.3.0/src/server/apache.c:842:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (json_integer_value(elem) == atoi(spec_c))
data/liboauth2-1.3.0/src/server/nginx.c:170:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
oauth2_strndup((const char *)h[i].key.data, h[i].key.len);
data/liboauth2-1.3.0/src/server/nginx.c:171:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
value = oauth2_strndup((const char *)h[i].value.data,
data/liboauth2-1.3.0/src/util.c:348:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char escape_chars[6] = {'&', '\'', '\"', '>', '<', '\0'};
data/liboauth2-1.3.0/src/util.c:535:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, len);
data/liboauth2-1.3.0/src/util.c:1397:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "rb");
data/liboauth2-1.3.0/test/check_jose.c:126:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char src_hash[32] = {
data/liboauth2-1.3.0/test/check_liboauth2.c:58:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[HTTP_SERVER_BUFSIZE + 1];
data/liboauth2-1.3.0/test/check_liboauth2.c:119:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[HTTP_SERVER_BUFSIZE + 1];
data/liboauth2-1.3.0/test/check_liboauth2.c:120:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char outbuf[HTTP_SERVER_BUFSIZE + 1];
data/liboauth2-1.3.0/test/check_liboauth2.c:158:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
(void)strcpy(buffer, "GET /index.html");
data/liboauth2-1.3.0/test/check_liboauth2.c:196:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(outbuf,
data/liboauth2-1.3.0/test/check_liboauth2.c:208:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file_fd = open(&buffer[5], O_RDONLY)) == -1) {
data/liboauth2-1.3.0/test/check_oauth2.c:500:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char metadata[512];
data/liboauth2-1.3.0/src/cache.c:154:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(passphrase), &cache->enc_key,
data/liboauth2-1.3.0/src/cache.c:429:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*value ? (unsigned long)strlen(*value) : 0);
data/liboauth2-1.3.0/src/cache.c:448:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key, value ? (unsigned long)strlen(value) : 0, ttl_s,
data/liboauth2-1.3.0/src/cache.c:591:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(plaintext);
data/liboauth2-1.3.0/src/cache/file.c:516:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info.len = strlen(value) + 1;
data/liboauth2-1.3.0/src/cache/memcache.c:57:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
impl->memc = memcached(config_string, strlen(config_string));
data/liboauth2-1.3.0/src/cache/memcache.c:165:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcached_get(impl->memc, key, strlen(key), &len, &flags, &mrc);
data/liboauth2-1.3.0/src/cache/memcache.c:197:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mrc = memcached_set(impl->memc, key, strlen(key), value,
data/liboauth2-1.3.0/src/cache/memcache.c:198:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value ? strlen(value) : 0, (time_t)ttl_s, flags);
data/liboauth2-1.3.0/src/cache/redis.c:306:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (reply->len != strlen(reply->str)) {
data/liboauth2-1.3.0/src/cache/shm.c:229:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) >= impl->max_key_size) {
data/liboauth2-1.3.0/src/cache/shm.c:233:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned long)strlen(key), impl->max_key_size,
data/liboauth2-1.3.0/src/cache/shm.c:319:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((value != NULL) && (strlen(value) > impl->max_val_size)) {
data/liboauth2-1.3.0/src/cache/shm.c:323:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned long)strlen(value),
data/liboauth2-1.3.0/src/cfg/auth.c:262:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *)client_secret, strlen(client_secret), &err);
data/liboauth2-1.3.0/src/cfg/auth.c:317:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auth->private_key_jwt.jwk = cjose_jwk_import(jwk, strlen(jwk), &err);
data/liboauth2-1.3.0/src/http.c:1037:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*response, buf.memory, buf.size);
data/liboauth2-1.3.0/src/http.c:1416:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = (strncasecmp(val, needle, strlen(needle)) == 0);
data/liboauth2-1.3.0/src/jose.c:193:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
secret ? strlen(secret) : 0, &key, &key_len);
data/liboauth2-1.3.0/src/jose.c:199:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_len = strlen(secret);
data/liboauth2-1.3.0/src/jose.c:267:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_sig_payload ? strlen(s_sig_payload) : 0, &err);
data/liboauth2-1.3.0/src/jose.c:310:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(s_enc_payload), &err);
data/liboauth2-1.3.0/src/jose.c:379:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jwe = cjose_jwe_import(cser, cser ? strlen(cser) : 0, &err);
data/liboauth2-1.3.0/src/jose.c:415:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(payload, (const char *)s_payload, payload_len);
data/liboauth2-1.3.0/src/jose.c:455:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(src), &hash_bytes,
data/liboauth2-1.3.0/src/jose.c:821:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(compact_encoded_jwt) - strlen(p));
data/liboauth2-1.3.0/src/jose.c:821:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(compact_encoded_jwt) - strlen(p));
data/liboauth2-1.3.0/src/jose.c:824:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(compact_encoded_jwt), strlen(p),
data/liboauth2-1.3.0/src/jose.c:824:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(compact_encoded_jwt), strlen(p),
data/liboauth2-1.3.0/src/jose.c:825:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(compact_encoded_jwt) - strlen(p));
data/liboauth2-1.3.0/src/jose.c:825:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(compact_encoded_jwt) - strlen(p));
data/liboauth2-1.3.0/src/jose.c:1111:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jws = cjose_jws_import(token, strlen(token), &err);
data/liboauth2-1.3.0/src/jose.c:1239:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (cjose_jwk_set_kid(jwk, kid, strlen(kid), &err) == false) {
data/liboauth2-1.3.0/src/jose.c:1301:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_len = strlen(value);
data/liboauth2-1.3.0/src/jose.c:1386:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_len = strlen(value) / 2;
data/liboauth2-1.3.0/src/jose.c:1573:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jwk = cjose_jwk_import(value, strlen(value), &err);
data/liboauth2-1.3.0/src/oauth2.c:100:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(payload), &err);
data/liboauth2-1.3.0/src/server/apache.c:456:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = prefix ? strlen(prefix) : 0;
data/liboauth2-1.3.0/src/util.c:143:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
src_len = src ? strlen(src) : 0;
data/liboauth2-1.3.0/src/util.c:275:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = curl_easy_escape(curl, src, strlen(src));
data/liboauth2-1.3.0/src/util.c:323:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = curl_easy_unescape(curl, replaced, strlen(replaced), NULL);
data/liboauth2-1.3.0/src/util.c:352:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
escape_chars_len = strlen(escape_chars);
data/liboauth2-1.3.0/src/util.c:353:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t m = 0, src_len = src ? strlen(src) : 0;
data/liboauth2-1.3.0/src/util.c:364:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m = strlen(replace_chars[n]);
data/liboauth2-1.3.0/src/util.c:403:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = &start[strlen(start)];
data/liboauth2-1.3.0/src/util.c:545:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return oauth2_strndup(src, src ? strlen(src) : 0);
data/liboauth2-1.3.0/src/util.c:568:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src) + strlen(add1) + strlen(add2) + strlen(add3) +
data/liboauth2-1.3.0/src/util.c:568:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src) + strlen(add1) + strlen(add2) + strlen(add3) +
data/liboauth2-1.3.0/src/util.c:568:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src) + strlen(add1) + strlen(add2) + strlen(add3) +
data/liboauth2-1.3.0/src/util.c:568:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src) + strlen(add1) + strlen(add2) + strlen(add3) +
data/liboauth2-1.3.0/src/util.c:569:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(add4) + 1;
data/liboauth2-1.3.0/src/util.c:1381:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(ns); i++) {
data/liboauth2-1.3.0/test/check_http.c:590:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(request, get_json_path, strlen(get_json_path)) == 0) {
data/liboauth2-1.3.0/test/check_http.c:602:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(post_form_json_path)) == 0) {
data/liboauth2-1.3.0/test/check_jose.c:138:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *)src, strlen(src),
data/liboauth2-1.3.0/test/check_jose.c:151:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *)src, strlen(src),
data/liboauth2-1.3.0/test/check_jose.c:165:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *)src, strlen(src),
data/liboauth2-1.3.0/test/check_jose.c:225:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ck_assert(strncmp(cser, serialized_hdr, strlen(serialized_hdr)) == 0);
data/liboauth2-1.3.0/test/check_jose.c:232:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ck_assert(strncmp(cser, serialized_hdr, strlen(serialized_hdr)) == 0);
data/liboauth2-1.3.0/test/check_jose.c:342:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(request, jwks_uri_path, strlen(jwks_uri_path)) == 0) {
data/liboauth2-1.3.0/test/check_liboauth2.c:75:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(socket_fd, buf, strlen(buf));
data/liboauth2-1.3.0/test/check_liboauth2.c:125:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(fd, buffer, HTTP_SERVER_BUFSIZE);
data/liboauth2-1.3.0/test/check_liboauth2.c:160:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buflen = strlen(buffer);
data/liboauth2-1.3.0/test/check_liboauth2.c:163:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(extensions[i].ext);
data/liboauth2-1.3.0/test/check_liboauth2.c:177:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ptr->path);
data/liboauth2-1.3.0/test/check_liboauth2.c:199:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(response));
data/liboauth2-1.3.0/test/check_liboauth2.c:200:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(fd, outbuf, strlen(outbuf));
data/liboauth2-1.3.0/test/check_liboauth2.c:201:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(fd, response, strlen(response));
data/liboauth2-1.3.0/test/check_liboauth2.c:221:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(fd, buffer, strlen(buffer));
data/liboauth2-1.3.0/test/check_liboauth2.c:224:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ret = read(file_fd, buffer, HTTP_SERVER_BUFSIZE)) > 0) {
data/liboauth2-1.3.0/test/check_oauth2.c:239:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.")) == 0);
data/liboauth2-1.3.0/test/check_oauth2.c:330:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("eyJhbGciOiAiUlMyNTYiLCAidHlwIjogIkpXVCJ9.")) == 0);
data/liboauth2-1.3.0/test/check_oauth2.c:518:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(request, get_jwks_uri_path, strlen(get_jwks_uri_path)) ==
data/liboauth2-1.3.0/test/check_oauth2.c:523:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(request, get_eckey_url_path, strlen(get_eckey_url_path)) ==
data/liboauth2-1.3.0/test/check_oauth2.c:528:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(request, metadata_path, strlen(metadata_path)) == 0) {
data/liboauth2-1.3.0/test/check_oauth2.c:549:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(post_introspection_path)) == 0) {
data/liboauth2-1.3.0/test/check_oauth2.c:550:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
request += strlen(post_introspection_path) + 5;
data/liboauth2-1.3.0/test/check_oauth2.c:554:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data += strlen(sep);
data/liboauth2-1.3.0/test/check_openidc.c:104:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cjose_jwk_import(jwk_rsa_str, strlen(jwk_rsa_str), &err);
data/liboauth2-1.3.0/test/check_openidc.c:120:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(request, jwks_uri_path, strlen(jwks_uri_path)) == 0) {
data/liboauth2-1.3.0/test/check_openidc.c:126:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(userinfo_endpoint_path)) == 0) {
data/liboauth2-1.3.0/test/check_openidc.c:180:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(payload), &err);
data/liboauth2-1.3.0/test/check_openidc.c:221:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(token_endpoint_path)) == 0) {
data/liboauth2-1.3.0/test/check_openidc.c:222:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
request += strlen(token_endpoint_path) + 5;
data/liboauth2-1.3.0/test/check_openidc.c:226:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data += strlen(sep);
data/liboauth2-1.3.0/test/check_openidc.c:633:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
state += strlen("state=");
data/liboauth2-1.3.0/test/check_proto.c:237:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(token_endpoint_path)) == 0) {
data/liboauth2-1.3.0/test/check_proto.c:238:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
request += strlen(token_endpoint_path) + 5;
data/liboauth2-1.3.0/test/check_proto.c:242:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data += strlen(sep);
data/liboauth2-1.3.0/test/check_util.c:227:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(plain), &dst);
data/liboauth2-1.3.0/test/check_util.c:229:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ck_assert_int_eq(dst_len, strlen(encoded));
data/liboauth2-1.3.0/test/check_util.c:259:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ck_assert_int_eq(dst_len, strlen(plain));
data/liboauth2-1.3.0/test/check_util.c:370:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ck_assert_int_eq(strlen(rv), 8);
data/liboauth2-1.3.0/test/check_util.c:376:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ck_assert_int_eq(strlen(rv), 16);
data/liboauth2-1.3.0/test/check_util.c:382:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ck_assert_int_eq(strlen(rv), 7);
ANALYSIS SUMMARY:
Hits = 127
Lines analyzed = 22761 in approximately 0.55 seconds (41223 lines/second)
Physical Source Lines of Code (SLOC) = 16176
Hits@level = [0] 5 [1] 95 [2] 29 [3] 0 [4] 3 [5] 0
Hits@level+ = [0+] 132 [1+] 127 [2+] 32 [3+] 3 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 8.16024 [1+] 7.85114 [2+] 1.97824 [3+] 0.18546 [4+] 0.18546 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.