Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libosmocore-1.4.0/include/osmocom/codec/codec.h
Examining data/libosmocore-1.4.0/include/osmocom/codec/ecu.h
Examining data/libosmocore-1.4.0/include/osmocom/codec/gsm610_bits.h
Examining data/libosmocore-1.4.0/include/osmocom/coding/gsm0503_amr_dtx.h
Examining data/libosmocore-1.4.0/include/osmocom/coding/gsm0503_coding.h
Examining data/libosmocore-1.4.0/include/osmocom/coding/gsm0503_interleaving.h
Examining data/libosmocore-1.4.0/include/osmocom/coding/gsm0503_mapping.h
Examining data/libosmocore-1.4.0/include/osmocom/coding/gsm0503_parity.h
Examining data/libosmocore-1.4.0/include/osmocom/coding/gsm0503_tables.h
Examining data/libosmocore-1.4.0/include/osmocom/core/application.h
Examining data/libosmocore-1.4.0/include/osmocom/core/backtrace.h
Examining data/libosmocore-1.4.0/include/osmocom/core/bitcomp.h
Examining data/libosmocore-1.4.0/include/osmocom/core/bits.h
Examining data/libosmocore-1.4.0/include/osmocom/core/bitvec.h
Examining data/libosmocore-1.4.0/include/osmocom/core/byteswap.h
Examining data/libosmocore-1.4.0/include/osmocom/core/conv.h
Examining data/libosmocore-1.4.0/include/osmocom/core/counter.h
Examining data/libosmocore-1.4.0/include/osmocom/core/crc16.h
Examining data/libosmocore-1.4.0/include/osmocom/core/crcgen.h
Examining data/libosmocore-1.4.0/include/osmocom/core/defs.h
Examining data/libosmocore-1.4.0/include/osmocom/core/endian.h
Examining data/libosmocore-1.4.0/include/osmocom/core/exec.h
Examining data/libosmocore-1.4.0/include/osmocom/core/fsm.h
Examining data/libosmocore-1.4.0/include/osmocom/core/gsmtap.h
Examining data/libosmocore-1.4.0/include/osmocom/core/gsmtap_util.h
Examining data/libosmocore-1.4.0/include/osmocom/core/isdnhdlc.h
Examining data/libosmocore-1.4.0/include/osmocom/core/linuxlist.h
Examining data/libosmocore-1.4.0/include/osmocom/core/linuxrbtree.h
Examining data/libosmocore-1.4.0/include/osmocom/core/logging.h
Examining data/libosmocore-1.4.0/include/osmocom/core/logging_internal.h
Examining data/libosmocore-1.4.0/include/osmocom/core/loggingrb.h
Examining data/libosmocore-1.4.0/include/osmocom/core/macaddr.h
Examining data/libosmocore-1.4.0/include/osmocom/core/msgb.h
Examining data/libosmocore-1.4.0/include/osmocom/core/msgfile.h
Examining data/libosmocore-1.4.0/include/osmocom/core/panic.h
Examining data/libosmocore-1.4.0/include/osmocom/core/plugin.h
Examining data/libosmocore-1.4.0/include/osmocom/core/prbs.h
Examining data/libosmocore-1.4.0/include/osmocom/core/prim.h
Examining data/libosmocore-1.4.0/include/osmocom/core/process.h
Examining data/libosmocore-1.4.0/include/osmocom/core/rate_ctr.h
Examining data/libosmocore-1.4.0/include/osmocom/core/select.h
Examining data/libosmocore-1.4.0/include/osmocom/core/sercomm.h
Examining data/libosmocore-1.4.0/include/osmocom/core/serial.h
Examining data/libosmocore-1.4.0/include/osmocom/core/signal.h
Examining data/libosmocore-1.4.0/include/osmocom/core/sockaddr_str.h
Examining data/libosmocore-1.4.0/include/osmocom/core/socket.h
Examining data/libosmocore-1.4.0/include/osmocom/core/stat_item.h
Examining data/libosmocore-1.4.0/include/osmocom/core/statistics.h
Examining data/libosmocore-1.4.0/include/osmocom/core/stats.h
Examining data/libosmocore-1.4.0/include/osmocom/core/strrb.h
Examining data/libosmocore-1.4.0/include/osmocom/core/talloc.h
Examining data/libosmocore-1.4.0/include/osmocom/core/tdef.h
Examining data/libosmocore-1.4.0/include/osmocom/core/timer.h
Examining data/libosmocore-1.4.0/include/osmocom/core/timer_compat.h
Examining data/libosmocore-1.4.0/include/osmocom/core/use_count.h
Examining data/libosmocore-1.4.0/include/osmocom/core/utils.h
Examining data/libosmocore-1.4.0/include/osmocom/core/write_queue.h
Examining data/libosmocore-1.4.0/include/osmocom/crypt/auth.h
Examining data/libosmocore-1.4.0/include/osmocom/crypt/gprs_cipher.h
Examining data/libosmocore-1.4.0/include/osmocom/ctrl/control_cmd.h
Examining data/libosmocore-1.4.0/include/osmocom/ctrl/control_if.h
Examining data/libosmocore-1.4.0/include/osmocom/ctrl/control_vty.h
Examining data/libosmocore-1.4.0/include/osmocom/ctrl/ports.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/gprs_bssgp.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/gprs_bssgp_bss.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/gprs_msgb.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/gprs_ns.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/gprs_ns_frgre.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/gprs_rlc.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/protocol/gsm_04_60.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/protocol/gsm_08_16.h
Examining data/libosmocore-1.4.0/include/osmocom/gprs/protocol/gsm_08_18.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/a5.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/abis_nm.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/apn.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/bitvec_gsm.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/bts_features.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/cbsp.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/comp128.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/comp128v23.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gan.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gea.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm0341.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm0411_smc.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm0411_smr.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm0411_utils.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm0480.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm0502.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm0808.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm0808_utils.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm23003.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm23236.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm29118.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm29205.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm48.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm48_arfcn_range_encode.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm48_ie.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm48_rest_octets.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsm_utils.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsup.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/gsup_sms.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/i460_mux.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/ipa.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/kasumi.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/l1sap.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/lapd_core.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/lapdm.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/meas_rep.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/mncc.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/oap.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/oap_client.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/prim.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_03_40.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_03_41.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_04_08.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_04_08_gprs.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_04_11.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_04_12.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_04_14.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_04_80.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_08_08.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_08_58.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_09_02.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_12_21.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_23_003.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_23_041.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_29_118.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_44_318.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/gsm_48_049.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/protocol/smpp34_osmocom.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/rsl.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/rxlev_stat.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/sysinfo.h
Examining data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h
Examining data/libosmocore-1.4.0/include/osmocom/sim/class_tables.h
Examining data/libosmocore-1.4.0/include/osmocom/sim/sim.h
Examining data/libosmocore-1.4.0/include/osmocom/usb/libusb.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/buffer.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/command.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/cpu_sched_vty.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/logging.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/misc.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/ports.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/stats.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/tdef_vty.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/telnet_interface.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/vector.h
Examining data/libosmocore-1.4.0/include/osmocom/vty/vty.h
Examining data/libosmocore-1.4.0/src/application.c
Examining data/libosmocore-1.4.0/src/backtrace.c
Examining data/libosmocore-1.4.0/src/bitcomp.c
Examining data/libosmocore-1.4.0/src/bits.c
Examining data/libosmocore-1.4.0/src/bitvec.c
Examining data/libosmocore-1.4.0/src/codec/ecu.c
Examining data/libosmocore-1.4.0/src/codec/ecu_fr.c
Examining data/libosmocore-1.4.0/src/codec/gsm610.c
Examining data/libosmocore-1.4.0/src/codec/gsm620.c
Examining data/libosmocore-1.4.0/src/codec/gsm660.c
Examining data/libosmocore-1.4.0/src/codec/gsm690.c
Examining data/libosmocore-1.4.0/src/coding/gsm0503_amr_dtx.c
Examining data/libosmocore-1.4.0/src/coding/gsm0503_coding.c
Examining data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c
Examining data/libosmocore-1.4.0/src/coding/gsm0503_mapping.c
Examining data/libosmocore-1.4.0/src/coding/gsm0503_parity.c
Examining data/libosmocore-1.4.0/src/coding/gsm0503_tables.c
Examining data/libosmocore-1.4.0/src/context.c
Examining data/libosmocore-1.4.0/src/conv.c
Examining data/libosmocore-1.4.0/src/conv_acc.c
Examining data/libosmocore-1.4.0/src/conv_acc_generic.c
Examining data/libosmocore-1.4.0/src/conv_acc_neon.c
Examining data/libosmocore-1.4.0/src/conv_acc_neon_impl.h
Examining data/libosmocore-1.4.0/src/conv_acc_sse.c
Examining data/libosmocore-1.4.0/src/conv_acc_sse_avx.c
Examining data/libosmocore-1.4.0/src/conv_acc_sse_impl.h
Examining data/libosmocore-1.4.0/src/counter.c
Examining data/libosmocore-1.4.0/src/crc16.c
Examining data/libosmocore-1.4.0/src/ctrl/control_cmd.c
Examining data/libosmocore-1.4.0/src/ctrl/control_if.c
Examining data/libosmocore-1.4.0/src/ctrl/control_vty.c
Examining data/libosmocore-1.4.0/src/ctrl/fsm_ctrl_commands.c
Examining data/libosmocore-1.4.0/src/exec.c
Examining data/libosmocore-1.4.0/src/fsm.c
Examining data/libosmocore-1.4.0/src/gb/common_vty.c
Examining data/libosmocore-1.4.0/src/gb/common_vty.h
Examining data/libosmocore-1.4.0/src/gb/gb_internal.h
Examining data/libosmocore-1.4.0/src/gb/gprs_bssgp.c
Examining data/libosmocore-1.4.0/src/gb/gprs_bssgp_bss.c
Examining data/libosmocore-1.4.0/src/gb/gprs_bssgp_internal.h
Examining data/libosmocore-1.4.0/src/gb/gprs_bssgp_util.c
Examining data/libosmocore-1.4.0/src/gb/gprs_bssgp_vty.c
Examining data/libosmocore-1.4.0/src/gb/gprs_ns.c
Examining data/libosmocore-1.4.0/src/gb/gprs_ns_frgre.c
Examining data/libosmocore-1.4.0/src/gb/gprs_ns_sns.c
Examining data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c
Examining data/libosmocore-1.4.0/src/gsm/a5.c
Examining data/libosmocore-1.4.0/src/gsm/abis_nm.c
Examining data/libosmocore-1.4.0/src/gsm/apn.c
Examining data/libosmocore-1.4.0/src/gsm/auth_comp128v1.c
Examining data/libosmocore-1.4.0/src/gsm/auth_comp128v23.c
Examining data/libosmocore-1.4.0/src/gsm/auth_core.c
Examining data/libosmocore-1.4.0/src/gsm/auth_milenage.c
Examining data/libosmocore-1.4.0/src/gsm/auth_xor.c
Examining data/libosmocore-1.4.0/src/gsm/bts_features.c
Examining data/libosmocore-1.4.0/src/gsm/cbsp.c
Examining data/libosmocore-1.4.0/src/gsm/comp128.c
Examining data/libosmocore-1.4.0/src/gsm/comp128v23.c
Examining data/libosmocore-1.4.0/src/gsm/gan.c
Examining data/libosmocore-1.4.0/src/gsm/gea.c
Examining data/libosmocore-1.4.0/src/gsm/gprs_cipher_core.c
Examining data/libosmocore-1.4.0/src/gsm/gprs_gea.c
Examining data/libosmocore-1.4.0/src/gsm/gprs_rlc.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0341.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0411_smc.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0411_smr.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0411_utils.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0414.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0480.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0502.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0808.c
Examining data/libosmocore-1.4.0/src/gsm/gsm23003.c
Examining data/libosmocore-1.4.0/src/gsm/gsm23236.c
Examining data/libosmocore-1.4.0/src/gsm/gsm29118.c
Examining data/libosmocore-1.4.0/src/gsm/gsm29205.c
Examining data/libosmocore-1.4.0/src/gsm/gsm48.c
Examining data/libosmocore-1.4.0/src/gsm/gsm48049.c
Examining data/libosmocore-1.4.0/src/gsm/gsm48_arfcn_range_encode.c
Examining data/libosmocore-1.4.0/src/gsm/gsm48_ie.c
Examining data/libosmocore-1.4.0/src/gsm/gsm48_rest_octets.c
Examining data/libosmocore-1.4.0/src/gsm/gsm_04_08_gprs.c
Examining data/libosmocore-1.4.0/src/gsm/gsm_utils.c
Examining data/libosmocore-1.4.0/src/gsm/gsup.c
Examining data/libosmocore-1.4.0/src/gsm/gsup_sms.c
Examining data/libosmocore-1.4.0/src/gsm/i460_mux.c
Examining data/libosmocore-1.4.0/src/gsm/ipa.c
Examining data/libosmocore-1.4.0/src/gsm/kasumi.c
Examining data/libosmocore-1.4.0/src/gsm/lapd_core.c
Examining data/libosmocore-1.4.0/src/gsm/lapdm.c
Examining data/libosmocore-1.4.0/src/gsm/milenage/aes-encblock.c
Examining data/libosmocore-1.4.0/src/gsm/milenage/aes-internal-enc.c
Examining data/libosmocore-1.4.0/src/gsm/milenage/aes-internal.c
Examining data/libosmocore-1.4.0/src/gsm/milenage/aes.h
Examining data/libosmocore-1.4.0/src/gsm/milenage/aes_i.h
Examining data/libosmocore-1.4.0/src/gsm/milenage/aes_wrap.h
Examining data/libosmocore-1.4.0/src/gsm/milenage/common.h
Examining data/libosmocore-1.4.0/src/gsm/milenage/crypto.h
Examining data/libosmocore-1.4.0/src/gsm/milenage/includes.h
Examining data/libosmocore-1.4.0/src/gsm/milenage/milenage.c
Examining data/libosmocore-1.4.0/src/gsm/milenage/milenage.h
Examining data/libosmocore-1.4.0/src/gsm/mncc.c
Examining data/libosmocore-1.4.0/src/gsm/oap.c
Examining data/libosmocore-1.4.0/src/gsm/oap_client.c
Examining data/libosmocore-1.4.0/src/gsm/rsl.c
Examining data/libosmocore-1.4.0/src/gsm/rxlev_stat.c
Examining data/libosmocore-1.4.0/src/gsm/sysinfo.c
Examining data/libosmocore-1.4.0/src/gsm/tlv_parser.c
Examining data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c
Examining data/libosmocore-1.4.0/src/gsmtap_util.c
Examining data/libosmocore-1.4.0/src/isdnhdlc.c
Examining data/libosmocore-1.4.0/src/logging.c
Examining data/libosmocore-1.4.0/src/logging_gsmtap.c
Examining data/libosmocore-1.4.0/src/logging_syslog.c
Examining data/libosmocore-1.4.0/src/loggingrb.c
Examining data/libosmocore-1.4.0/src/macaddr.c
Examining data/libosmocore-1.4.0/src/msgb.c
Examining data/libosmocore-1.4.0/src/msgfile.c
Examining data/libosmocore-1.4.0/src/panic.c
Examining data/libosmocore-1.4.0/src/prbs.c
Examining data/libosmocore-1.4.0/src/prim.c
Examining data/libosmocore-1.4.0/src/pseudotalloc/pseudotalloc.c
Examining data/libosmocore-1.4.0/src/pseudotalloc/talloc.h
Examining data/libosmocore-1.4.0/src/rate_ctr.c
Examining data/libosmocore-1.4.0/src/rbtree.c
Examining data/libosmocore-1.4.0/src/select.c
Examining data/libosmocore-1.4.0/src/sercomm.c
Examining data/libosmocore-1.4.0/src/serial.c
Examining data/libosmocore-1.4.0/src/signal.c
Examining data/libosmocore-1.4.0/src/sim/card_fs_hpsim.c
Examining data/libosmocore-1.4.0/src/sim/card_fs_isim.c
Examining data/libosmocore-1.4.0/src/sim/card_fs_sim.c
Examining data/libosmocore-1.4.0/src/sim/card_fs_tetra.c
Examining data/libosmocore-1.4.0/src/sim/card_fs_uicc.c
Examining data/libosmocore-1.4.0/src/sim/card_fs_usim.c
Examining data/libosmocore-1.4.0/src/sim/class_tables.c
Examining data/libosmocore-1.4.0/src/sim/core.c
Examining data/libosmocore-1.4.0/src/sim/gsm_int.h
Examining data/libosmocore-1.4.0/src/sim/reader.c
Examining data/libosmocore-1.4.0/src/sim/reader_pcsc.c
Examining data/libosmocore-1.4.0/src/sim/sim_int.h
Examining data/libosmocore-1.4.0/src/sockaddr_str.c
Examining data/libosmocore-1.4.0/src/socket.c
Examining data/libosmocore-1.4.0/src/stat_item.c
Examining data/libosmocore-1.4.0/src/stats.c
Examining data/libosmocore-1.4.0/src/stats_statsd.c
Examining data/libosmocore-1.4.0/src/strrb.c
Examining data/libosmocore-1.4.0/src/tdef.c
Examining data/libosmocore-1.4.0/src/timer.c
Examining data/libosmocore-1.4.0/src/timer_gettimeofday.c
Examining data/libosmocore-1.4.0/src/usb/osmo_libusb.c
Examining data/libosmocore-1.4.0/src/use_count.c
Examining data/libosmocore-1.4.0/src/utils.c
Examining data/libosmocore-1.4.0/src/vty/buffer.c
Examining data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c
Examining data/libosmocore-1.4.0/src/vty/fsm_vty.c
Examining data/libosmocore-1.4.0/src/vty/logging_vty.c
Examining data/libosmocore-1.4.0/src/vty/stats_vty.c
Examining data/libosmocore-1.4.0/src/vty/talloc_ctx_vty.c
Examining data/libosmocore-1.4.0/src/vty/tdef_vty.c
Examining data/libosmocore-1.4.0/src/vty/telnet_interface.c
Examining data/libosmocore-1.4.0/src/vty/utils.c
Examining data/libosmocore-1.4.0/src/vty/vector.c
Examining data/libosmocore-1.4.0/src/vty/command.c
Examining data/libosmocore-1.4.0/src/vty/vty.c
Examining data/libosmocore-1.4.0/src/write_queue.c
Examining data/libosmocore-1.4.0/src/plugin.c
Examining data/libosmocore-1.4.0/src/timer_clockgettime.c
Examining data/libosmocore-1.4.0/tests/a5/a5_test.c
Examining data/libosmocore-1.4.0/tests/abis/abis_test.c
Examining data/libosmocore-1.4.0/tests/auth/milenage_test.c
Examining data/libosmocore-1.4.0/tests/bits/bitcomp_test.c
Examining data/libosmocore-1.4.0/tests/bits/bitfield_test.c
Examining data/libosmocore-1.4.0/tests/bits/bitrev_test.c
Examining data/libosmocore-1.4.0/tests/bitvec/bitvec_test.c
Examining data/libosmocore-1.4.0/tests/codec/codec_ecu_fr_test.c
Examining data/libosmocore-1.4.0/tests/codec/codec_test.c
Examining data/libosmocore-1.4.0/tests/coding/coding_test.c
Examining data/libosmocore-1.4.0/tests/comp128/comp128_test.c
Examining data/libosmocore-1.4.0/tests/context/context_test.c
Examining data/libosmocore-1.4.0/tests/conv/conv.c
Examining data/libosmocore-1.4.0/tests/conv/conv.h
Examining data/libosmocore-1.4.0/tests/conv/conv_gsm0503_test.c
Examining data/libosmocore-1.4.0/tests/conv/conv_test.c
Examining data/libosmocore-1.4.0/tests/ctrl/ctrl_test.c
Examining data/libosmocore-1.4.0/tests/dtx/dtx_gsm0503_test.c
Examining data/libosmocore-1.4.0/tests/endian/endian_test.c
Examining data/libosmocore-1.4.0/tests/exec/exec_test.c
Examining data/libosmocore-1.4.0/tests/fr/fr_test.c
Examining data/libosmocore-1.4.0/tests/fsm/fsm_dealloc_test.c
Examining data/libosmocore-1.4.0/tests/fsm/fsm_test.c
Examining data/libosmocore-1.4.0/tests/gb/bssgp_fc_test.c
Examining data/libosmocore-1.4.0/tests/gb/gprs_bssgp_test.c
Examining data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c
Examining data/libosmocore-1.4.0/tests/gea/gea_test.c
Examining data/libosmocore-1.4.0/tests/gprs/gprs_test.c
Examining data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c
Examining data/libosmocore-1.4.0/tests/gsm0502/gsm0502_test.c
Examining data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c
Examining data/libosmocore-1.4.0/tests/gsm23003/gsm23003_test.c
Examining data/libosmocore-1.4.0/tests/gsm23236/gsm23236_test.c
Examining data/libosmocore-1.4.0/tests/gsm29205/gsm29205_test.c
Examining data/libosmocore-1.4.0/tests/gsup/gsup_test.c
Examining data/libosmocore-1.4.0/tests/i460_mux/i460_mux_test.c
Examining data/libosmocore-1.4.0/tests/kasumi/kasumi_test.c
Examining data/libosmocore-1.4.0/tests/lapd/lapd_test.c
Examining data/libosmocore-1.4.0/tests/libsercomstub.c
Examining data/libosmocore-1.4.0/tests/logging/logging_test.c
Examining data/libosmocore-1.4.0/tests/logging/logging_vty_test.c
Examining data/libosmocore-1.4.0/tests/loggingrb/loggingrb_test.c
Examining data/libosmocore-1.4.0/tests/msgb/msgb_test.c
Examining data/libosmocore-1.4.0/tests/msgfile/msgfile_test.c
Examining data/libosmocore-1.4.0/tests/oap/oap_client_test.c
Examining data/libosmocore-1.4.0/tests/oap/oap_test.c
Examining data/libosmocore-1.4.0/tests/prbs/prbs_test.c
Examining data/libosmocore-1.4.0/tests/sercomm/sercomm_test.c
Examining data/libosmocore-1.4.0/tests/sim/sim_test.c
Examining data/libosmocore-1.4.0/tests/sms/sms_test.c
Examining data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c
Examining data/libosmocore-1.4.0/tests/smscb/smscb_test.c
Examining data/libosmocore-1.4.0/tests/sockaddr_str/sockaddr_str_test.c
Examining data/libosmocore-1.4.0/tests/socket/socket_test.c
Examining data/libosmocore-1.4.0/tests/stats/stats_test.c
Examining data/libosmocore-1.4.0/tests/strrb/strrb_test.c
Examining data/libosmocore-1.4.0/tests/tdef/tdef_test.c
Examining data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_config_root.c
Examining data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_config_subnode.c
Examining data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_dynamic.c
Examining data/libosmocore-1.4.0/tests/timer/timer_test.c
Examining data/libosmocore-1.4.0/tests/timer/clk_override_test.c
Examining data/libosmocore-1.4.0/tests/tlv/tlv_test.c
Examining data/libosmocore-1.4.0/tests/use_count/use_count_test.c
Examining data/libosmocore-1.4.0/tests/ussd/ussd_test.c
Examining data/libosmocore-1.4.0/tests/utils/utils_test.c
Examining data/libosmocore-1.4.0/tests/vty/vty_test.c
Examining data/libosmocore-1.4.0/tests/vty/vty_transcript_test.c
Examining data/libosmocore-1.4.0/tests/write_queue/wqueue_test.c
Examining data/libosmocore-1.4.0/utils/osmo-arfcn.c
Examining data/libosmocore-1.4.0/utils/osmo-auc-gen.c
Examining data/libosmocore-1.4.0/utils/osmo-config-merge.c
Examining data/libosmocore-1.4.0/utils/osmo-sim-test.c
FINAL RESULTS:
data/libosmocore-1.4.0/src/vty/command.c:2974:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(config_file, 0666 & ~CONFIGFILE_MASK) != 0) {
data/libosmocore-1.4.0/include/osmocom/core/logging.h:353:29: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 6, 7)));
data/libosmocore-1.4.0/include/osmocom/core/utils.h:255:29: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
OSMO_STRBUF_APPEND(STRBUF, snprintf, fmt, ##args)
data/libosmocore-1.4.0/src/exec.c:264:3: [4] (shell) execle:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execle("/bin/sh", "sh", "-c", command, (char *) NULL, new_env);
data/libosmocore-1.4.0/src/fsm.c:588:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "%"PRIu32, event);
data/libosmocore-1.4.0/src/fsm.c:618:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "unknown %"PRIu32, state);
data/libosmocore-1.4.0/src/gsm/abis_nm.c:746:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(add_text, ABIS_NM_MSG_HEADROOM, fmt, ap);
data/libosmocore-1.4.0/src/gsm/apn.c:38:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, buf_len-1, APN_GPRS_FMT, ni, mnc, mcc);
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:1860:47: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define APPEND_STR(fmt, args...) APPEND_THING(snprintf, fmt, ##args)
data/libosmocore-1.4.0/src/gsm/gsm23003.c:545:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(out, "mmec%02x.mmegi%04x.mme.%s", gummei->mme.code, gummei->mme.group_id, domain);
data/libosmocore-1.4.0/src/gsm/gsm23003.c:579:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
return sprintf(out, "mmegi%04x.mme.%s", mmegi, domain);
data/libosmocore-1.4.0/src/gsm/gsm48.c:483:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, buf_len, "TMSI-0x%08" PRIX32, tmsi);
data/libosmocore-1.4.0/src/gsm/gsm48.c:1214:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return snprintf(string, str_len, "%"PRIu32, tmsi);
data/libosmocore-1.4.0/src/gsm/gsm_utils.c:893:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, buf_len, "%06"PRIu32"/%02"PRIu16"/%02"PRIu8"/%02"PRIu8"/%02"PRIu8,
data/libosmocore-1.4.0/src/gsm/milenage/aes-internal-enc.c:114:50: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
data/libosmocore-1.4.0/src/gsm/milenage/aes-internal-enc.c:116:30: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
rijndaelEncrypt(ctx, plain, crypt);
data/libosmocore-1.4.0/src/gsm/milenage/aes.h:23:50: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);
data/libosmocore-1.4.0/src/gsm/milenage/aes.h:26:39: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);
data/libosmocore-1.4.0/src/logging.c:473:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(buf + offset, rem, format, ap);
data/libosmocore-1.4.0/src/logging.c:504:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = snprintf(buf + offset, rem, OSMO_LOGCOLOR_END);
data/libosmocore-1.4.0/src/logging_gsmtap.c:101:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rc = vsnprintf((char *) msg->tail, msgb_tailroom(msg), format, ap);
data/libosmocore-1.4.0/src/msgb.c:566:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf((char *)msgb->tail, msgb_tailroom(msgb), format, args);
data/libosmocore-1.4.0/src/panic.c:47:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, args);
data/libosmocore-1.4.0/src/pseudotalloc/pseudotalloc.c:98:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if (len < vsnprintf(buf, len, fmt, args))
data/libosmocore-1.4.0/src/pseudotalloc/pseudotalloc.c:117:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, 128, fmt, ap);
data/libosmocore-1.4.0/src/sim/reader_pcsc.c:42:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, text ": %s (0x%lX)\n", pcsc_stringify_error(rv), rv); \
data/libosmocore-1.4.0/src/sim/reader_pcsc.c:45:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(text ": OK\n\n"); \
data/libosmocore-1.4.0/src/stats_statsd.c:125:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
nchars = snprintf(buf, buf_size, fmt,
data/libosmocore-1.4.0/src/stats_statsd.c:140:12: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
nchars = snprintf(buf, buf_size, fmt,
data/libosmocore-1.4.0/src/utils.c:63:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(namebuf, sizeof(namebuf), "unknown 0x%"PRIx32, val);
data/libosmocore-1.4.0/src/vty/command.c:767:7: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
rc = vfprintf((FILE*)data, format, args);
data/libosmocore-1.4.0/src/vty/command.c:839:8: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypt(const char *, const char *);
data/libosmocore-1.4.0/src/vty/command.c:847:9: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
return crypt(passwd, salt);
data/libosmocore-1.4.0/src/vty/command.c:2896:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(config_file_sav, config_file);
data/libosmocore-1.4.0/src/vty/command.c:2897:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(config_file_sav, CONF_BACKUP_EXT);
data/libosmocore-1.4.0/src/vty/command.c:2905:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(config_file_tmp, "%s.XXXXXX", config_file);
data/libosmocore-1.4.0/src/vty/command.c:3580:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(p, "%s/%s", cwd, fname);
data/libosmocore-1.4.0/src/vty/vty.c:155:8: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypt(const char *, const char *);
data/libosmocore-1.4.0/src/vty/vty.c:184:18: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
fail = strcmp(crypt(vty->buf, passwd), passwd);
data/libosmocore-1.4.0/src/vty/vty.c:271:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, ap);
data/libosmocore-1.4.0/src/vty/vty.c:276:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, sizeof buf, format, args);
data/libosmocore-1.4.0/src/vty/vty.c:292:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(p, size, format, args);
data/libosmocore-1.4.0/src/vty/vty.c:526:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&vty->buf[vty->cp], str);
data/libosmocore-1.4.0/src/vty/vty.c:1778:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(vty_cwd, cwd);
data/libosmocore-1.4.0/tests/bits/bitrev_test.c:110:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(": buffer %s known buffer %s loaded %.16" PRIx64 " expected %.16" PRIx64, s, dump, result, expected);
data/libosmocore-1.4.0/tests/bits/bitrev_test.c:127:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(": buffer %s known buffer %s loaded %.8" PRIx32 " expected %.8" PRIx32, s, dump, result, expected);
data/libosmocore-1.4.0/tests/bits/bitrev_test.c:144:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(": buffer %s known buffer %s loaded %.4" PRIx16 " expected %.4" PRIx16, s, dump, result, expected);
data/libosmocore-1.4.0/tests/bits/bitrev_test.c:179:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(s, 17, "%.16" PRIx64, expected);
data/libosmocore-1.4.0/tests/bits/bitrev_test.c:192:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(s, 17, "%.8" PRIx32, expected);
data/libosmocore-1.4.0/tests/bits/bitrev_test.c:204:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(s, 17, "%.4" PRIx16, test);
data/libosmocore-1.4.0/tests/bitvec/bitvec_test.c:147:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(OSMO_BIT_SPEC " ", OSMO_BIT_PRINT(b->data[i]));
data/libosmocore-1.4.0/tests/coding/coding_test.c:55:30: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printd(fmt, args...) printf(fmt, ##args)
data/libosmocore-1.4.0/tests/kasumi/kasumi_test.c:35:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(passed ? " OK. " : "FAILED!");
data/libosmocore-1.4.0/tests/msgb/msgb_test.c:48:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, args);
data/libosmocore-1.4.0/tests/strrb/strrb_test.c:199:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tests2, tests1);
data/libosmocore-1.4.0/tests/use_count/use_count_test.c:39:27: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define log(fmt, args...) fprintf(stderr, fmt, ##args)
data/libosmocore-1.4.0/tests/utils/utils_test.c:1083:25: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
OSMO_STRBUF_APPEND(sb, snprintf, "The answer is %d but what is the question?", 42);
data/libosmocore-1.4.0/include/osmocom/gsm/comp128.h:20:50: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void comp128v1(const uint8_t *ki, const uint8_t *srand, uint8_t *sres, uint8_t *kc);
data/libosmocore-1.4.0/include/osmocom/gsm/comp128.h:22:48: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void comp128(const uint8_t *ki, const uint8_t *srand, uint8_t *sres, uint8_t *kc) OSMO_DEPRECATED("Use generic API from osmocom/crypt/auth.h instead");
data/libosmocore-1.4.0/src/vty/command.c:843:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
to64(&salt[0], random(), 3);
data/libosmocore-1.4.0/src/vty/command.c:3984:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/libosmocore-1.4.0/tests/auth/milenage_test.c:86:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/libosmocore-1.4.0/tests/bits/bitcomp_test.c:18:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/libosmocore-1.4.0/tests/bits/bitrev_test.c:231:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/libosmocore-1.4.0/tests/conv/conv.c:17:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
b[i] = random() & 1;
data/libosmocore-1.4.0/tests/conv/conv.c:30:2: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(time(NULL));
data/libosmocore-1.4.0/tests/gb/bssgp_fc_test.c:155:14: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "s:r:d:l:c:",
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:1300:2: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(1);
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:1312:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
min_freq = random() % (1023 - range);
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:1315:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int arfcn = min_freq + random() % (range + 1);
data/libosmocore-1.4.0/tests/logging/logging_vty_test.c:163:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "hc:d:Dc:sTVe:",
data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c:41:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_config_root.c:165:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "hc:d:Dc:sTVe:",
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_config_subnode.c:158:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "hc:d:Dc:sTVe:",
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_dynamic.c:232:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "hc:d:Dc:sTVe:",
data/libosmocore-1.4.0/tests/timer/timer_test.c:172:14: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, "s:", NULL, NULL)) != -1) {
data/libosmocore-1.4.0/tests/utils/utils_test.c:757:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/libosmocore-1.4.0/tests/vty/vty_transcript_test.c:79:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "hc:d:Dc:sTVe:",
data/libosmocore-1.4.0/utils/osmo-arfcn.c:103:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "pa:f:udh")) != -1) {
data/libosmocore-1.4.0/utils/osmo-auc-gen.c:137:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "23a:k:o:f:s:i:l:r:hO:A:I", long_options,
data/libosmocore-1.4.0/utils/osmo-sim-test.c:483:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, "hn:o:",
data/libosmocore-1.4.0/include/osmocom/core/gsmtap.h:314:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proc_name[16]; /*!< name of process */
data/libosmocore-1.4.0/include/osmocom/core/gsmtap.h:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subsys[16]; /*!< logging sub-system */
data/libosmocore-1.4.0/include/osmocom/core/gsmtap.h:321:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32]; /*!< source file name */
data/libosmocore-1.4.0/include/osmocom/core/msgb.h:60:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char _data[0]; /*!< optional immediate data array */
data/libosmocore-1.4.0/include/osmocom/core/sockaddr_str.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[INET6_ADDRSTRLEN];
data/libosmocore-1.4.0/include/osmocom/core/stats.h:95:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int (*open)(struct osmo_stats_reporter *srep);
data/libosmocore-1.4.0/include/osmocom/ctrl/control_cmd.h:172:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int tmp = atoi(cmd->value); \
data/libosmocore-1.4.0/include/osmocom/ctrl/control_cmd.h:184:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int tmp = atoi(value); \
data/libosmocore-1.4.0/include/osmocom/gsm/abis_nm.h:11:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char abis_nm_ipa_magic[13];
data/libosmocore-1.4.0/include/osmocom/gsm/abis_nm.h:12:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char abis_nm_osmo_magic[12];
data/libosmocore-1.4.0/include/osmocom/gsm/gsm0480.h:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[MAX_LEN_USSD_STRING + 1];
data/libosmocore-1.4.0/include/osmocom/gsm/gsm29118.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[GSM48_MI_SIZE];
data/libosmocore-1.4.0/include/osmocom/gsm/gsm29118.h:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vlr_name[SGS_VLR_NAME_MAXLEN + 1];
data/libosmocore-1.4.0/include/osmocom/gsm/gsm29118.h:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vlr_name[SGS_VLR_NAME_MAXLEN + 1];
data/libosmocore-1.4.0/include/osmocom/gsm/gsm29118.h:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mme_name[SGS_MME_NAME_LEN + 1];
data/libosmocore-1.4.0/include/osmocom/gsm/gsm48.h:83:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[GSM23003_IMSI_MAX_DIGITS + 1];
data/libosmocore-1.4.0/include/osmocom/gsm/gsm48.h:85:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imei[GSM23003_IMEI_NUM_DIGITS + 1];
data/libosmocore-1.4.0/include/osmocom/gsm/gsm48.h:87:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imeisv[GSM23003_IMEISV_NUM_DIGITS + 1];
data/libosmocore-1.4.0/include/osmocom/gsm/gsup.h:304:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[OSMO_IMSI_BUF_SIZE];
data/libosmocore-1.4.0/include/osmocom/gsm/mncc.h:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[33];
data/libosmocore-1.4.0/include/osmocom/gsm/mncc.h:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char diag[32];
data/libosmocore-1.4.0/include/osmocom/gsm/mncc.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info[GSM_MAX_USERUSER + 1]; /* + termination char */
data/libosmocore-1.4.0/include/osmocom/gsm/mncc.h:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info[GSM_MAX_FACILITY];
data/libosmocore-1.4.0/include/osmocom/gsm/mncc.h:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info[GSM_MAX_SSVERSION];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char more_magic[2];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sw_part[20];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:77:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[64];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time[12];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[14];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text2[10];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[20];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text1[64];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time[12];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[14];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text2[10];
data/libosmocore-1.4.0/include/osmocom/gsm/protocol/ipaccess.h:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[20];
data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h:89:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, val, len);
data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h:107:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, val, len);
data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h:128:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, val, len*2);
data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h:139:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, val, len);
data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h:159:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, val, len);
data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h:225:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, val, len);
data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h:288:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, val, len);
data/libosmocore-1.4.0/include/osmocom/gsm/tlv.h:313:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, val, len);
data/libosmocore-1.4.0/include/osmocom/usb/libusb.h:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[USB_MAX_PATH_LEN];
data/libosmocore-1.4.0/include/osmocom/vty/command.h:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/libosmocore-1.4.0/include/osmocom/vty/vty.h:102:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *hist[VTY_MAXHIST];
data/libosmocore-1.4.0/include/osmocom/vty/vty.h:137:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sb_buf[TELNET_NAWS_SB_LEN];
data/libosmocore-1.4.0/src/bitcomp.c:328:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vec.data, bv->data, bv->data_len);
data/libosmocore-1.4.0/src/bitcomp.c:347:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bv->data, tmp, bv->data_len);
data/libosmocore-1.4.0/src/bitvec.c:340:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bytes, bv->data + byte_offs, count);
data/libosmocore-1.4.0/src/bitvec.c:376:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bv->data + byte_offs, bytes, count);
data/libosmocore-1.4.0/src/codec/ecu_fr.c:136:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->frame_backup, frame, GSM_FR_BYTES);
data/libosmocore-1.4.0/src/codec/ecu_fr.c:162:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(frame, state->frame_backup, GSM_FR_BYTES);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:708:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(burst, &bursts[i * 348], 348);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:732:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(burst, &bursts[i * 348], 348);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:765:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(C, hc, code->hdr_code_len);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1247:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hc, C, code->hdr_code_len);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1457:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conv, gsm0503_usf2six[usf], 6);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1475:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conv, gsm0503_usf2six[usf], 6);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1493:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB, gsm0503_usf2twelve_ubit[usf], 12);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1776:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, u, 95);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1777:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, u + 95, 3);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1782:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u, d, 95);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1783:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u + 95, p, 3);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1788:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w, s, 71);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1790:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w + 73, s + 71, 50);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1792:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w + 125, s + 121, 53);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1794:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w + 180, s + 174, 50);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1796:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w + 232, s + 224, 20);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1797:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(w + 252, p, 8);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1804:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, w, 71);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1807:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s + 71, w + 73, 50);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1810:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s + 121, w + 125, 53);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1813:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s + 174, w + 180, 50);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1816:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s + 224, w + 232, 20);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1817:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, w + 252, 8);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1822:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u, d, prot);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1823:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u + prot, p, 6);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1824:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(u + prot + 6, d + prot, len - prot);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1829:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, u, prot);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1830:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, u + prot, 6);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1831:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d + prot, u + prot + 6, len - prot);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:1957:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB + 378, d + 182, 78);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:2084:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB + 211, d + 95, 17);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:2554:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB, gsm0503_afs_ic_ubit[id], 8);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:2927:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB + 192, d + 123, 36);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:2942:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB + 200, d + 120, 28);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:2957:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB + 204, d + 110, 24);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:2972:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB + 212, d + 102, 16);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:2987:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB + 216, d + 91, 12);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:3002:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB + 216, d + 83, 12);
data/libosmocore-1.4.0/src/coding/gsm0503_coding.c:3010:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cB, gsm0503_afs_ic_ubit[id], 4);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:374:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dc[0], c1, 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:375:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dc[612], c2, 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:413:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c1, &dc[0], 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:414:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c2, &dc[612], 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:436:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dc[0], c1, 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:437:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dc[612], c2, 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:475:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c1, &dc[0], 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:476:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c2, &dc[612], 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:498:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dc[0], c1, 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:499:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dc[612], c2, 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:538:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c1, &dc[0], 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:539:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c2, &dc[612], 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:561:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dc[0], c1, 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:562:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dc[612], c2, 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:600:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c1, &dc[0], 612);
data/libosmocore-1.4.0/src/coding/gsm0503_interleaving.c:601:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c2, &dc[612], 612);
data/libosmocore-1.4.0/src/coding/gsm0503_mapping.c:43:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iB, eB, 57);
data/libosmocore-1.4.0/src/coding/gsm0503_mapping.c:44:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iB + 57, eB + 59, 57);
data/libosmocore-1.4.0/src/coding/gsm0503_mapping.c:56:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eB, iB, 57);
data/libosmocore-1.4.0/src/coding/gsm0503_mapping.c:57:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eB + 59, iB + 57, 57);
data/libosmocore-1.4.0/src/conv.c:377:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in_sym, &input[i_idx], code->N);
data/libosmocore-1.4.0/src/conv.c:417:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ae, ae_next, sizeof(unsigned int) * n_states);
data/libosmocore-1.4.0/src/conv.c:478:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in_sym, &input[i_idx], code->N);
data/libosmocore-1.4.0/src/conv.c:522:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ae, ae_next, sizeof(unsigned int) * n_states);
data/libosmocore-1.4.0/src/conv_acc_generic.c:130:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sums, new_sums, num_states * sizeof(int16_t));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:544:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l2h, tmp, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:559:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l2h, tmp, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:576:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l2h, tmp, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:591:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l2h, tmp, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_if.c:675:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = atoi(ctr_idx);
data/libosmocore-1.4.0/src/exec.c:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/libosmocore-1.4.0/src/exec.c:181:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int fd = atoi(ent->d_name);
data/libosmocore-1.4.0/src/exec.c:220:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[getpw_buflen];
data/libosmocore-1.4.0/src/exec.c:229:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_env[1024];
data/libosmocore-1.4.0/src/fsm.c:586:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[32];
data/libosmocore-1.4.0/src/fsm.c:616:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[32];
data/libosmocore-1.4.0/src/fsm.c:657:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trailer[64];
data/libosmocore-1.4.0/src/gb/gprs_bssgp_bss.c:472:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(budh->qos_profile, qos_profile, 3);
data/libosmocore-1.4.0/src/gb/gprs_bssgp_bss.c:532:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ra, TLVP_VAL(&tp, BSSGP_IE_LOCATION_AREA),
data/libosmocore-1.4.0/src/gb/gprs_bssgp_bss.c:537:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ra, TLVP_VAL(&tp, BSSGP_IE_ROUTEING_AREA),
data/libosmocore-1.4.0/src/gb/gprs_bssgp_bss.c:553:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pinfo->qos, TLVP_VAL(&tp, BSSGP_IE_QOS_PROFILE),
data/libosmocore-1.4.0/src/gb/gprs_bssgp_vty.c:123:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]), bvci = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_bssgp_vty.c:123:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]), bvci = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_bssgp_vty.c:159:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_bssgp_vty.c:186:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_bssgp_vty.c:187:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t bvci = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_ns.c:1550:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[80];
data/libosmocore-1.4.0/src/gb/gprs_ns.c:2054:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remote_str[INET_ADDRSTRLEN];
data/libosmocore-1.4.0/src/gb/gprs_ns_sns.c:405:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&gss->ip4_remote[gss->num_ip4_remote], v4_list, num_v4*sizeof(*v4_list));
data/libosmocore-1.4.0/src/gb/gprs_ns_sns.c:661:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_ip[32];
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:182:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local[INET6_ADDRSTRLEN + 1];
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:260:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t id = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:289:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:290:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsvci = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:313:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:334:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:335:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t port = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:361:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:362:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t dlci = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:388:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:413:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:435:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t nsei = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:461:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:493:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int port = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:505:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int dscp = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:545:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int enabled = atoi(argv[0]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:563:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t id = atoi(argv[1]);
data/libosmocore-1.4.0/src/gb/gprs_ns_vty.c:610:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint16_t id = atoi(argv[1]);
data/libosmocore-1.4.0/src/gsm/abis_nm.c:40:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char abis_nm_ipa_magic[13] = "com.ipaccess";
data/libosmocore-1.4.0/src/gsm/abis_nm.c:41:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char abis_nm_osmo_magic[12] = "org.osmocom";
data/libosmocore-1.4.0/src/gsm/abis_nm.c:731:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char add_text[ABIS_NM_MSG_HEADROOM];
data/libosmocore-1.4.0/src/gsm/abis_nm.c:799:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sw.file_id, id, sw.file_id_len);
data/libosmocore-1.4.0/src/gsm/abis_nm.c:800:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sw.file_version, ver, sw.file_version_len);
data/libosmocore-1.4.0/src/gsm/abis_nm.c:880:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sw->file_id, TLVP_VAL(&tp, NM_ATT_FILE_ID), sw->file_id_len);
data/libosmocore-1.4.0/src/gsm/abis_nm.c:881:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sw->file_version, TLVP_VAL(&tp, NM_ATT_FILE_VERSION), sw->file_version_len);
data/libosmocore-1.4.0/src/gsm/abis_nm.c:943:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char foh_buf[128];
data/libosmocore-1.4.0/src/gsm/apn.c:34:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char apn_strbuf[APN_MAXLEN+1];
data/libosmocore-1.4.0/src/gsm/apn.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[3+1], nbuf[3+1];
data/libosmocore-1.4.0/src/gsm/apn.c:72:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return osmo_apn_qualify_buf(buf, buf_len, atoi(cbuf), atoi(nbuf), ni);
data/libosmocore-1.4.0/src/gsm/apn.c:72:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return osmo_apn_qualify_buf(buf, buf_len, atoi(cbuf), atoi(nbuf), ni);
data/libosmocore-1.4.0/src/gsm/auth_core.c:108:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ik+4, kc, 8);
data/libosmocore-1.4.0/src/gsm/auth_core.c:116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ck, kc, 8);
data/libosmocore-1.4.0/src/gsm/auth_core.c:117:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ck+8, kc, 8);
data/libosmocore-1.4.0/src/gsm/auth_xor.c:71:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vec->res, xdout, sizeof(xdout));
data/libosmocore-1.4.0/src/gsm/auth_xor.c:75:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vec->ck, xdout + 1, sizeof(xdout) - 1);
data/libosmocore-1.4.0/src/gsm/auth_xor.c:79:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vec->ik, xdout + 2, sizeof(xdout) - 2);
data/libosmocore-1.4.0/src/gsm/auth_xor.c:80:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vec->ik + sizeof(xdout) - 2, xdout, 2);
data/libosmocore-1.4.0/src/gsm/auth_xor.c:112:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cdout + 6, aud->u.umts.amf, 2);
data/libosmocore-1.4.0/src/gsm/auth_xor.c:122:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vec->autn + 6, aud->u.umts.amf, 2);
data/libosmocore-1.4.0/src/gsm/auth_xor.c:123:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vec->autn + 8, xmac, sizeof(xmac));
data/libosmocore-1.4.0/src/gsm/auth_xor.c:150:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ak, xdout + 3, 6);
data/libosmocore-1.4.0/src/gsm/auth_xor.c:156:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cdout, sqnms, 6);
data/libosmocore-1.4.0/src/gsm/cbsp.c:175:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, ce->data, sizeof(ce->data));
data/libosmocore-1.4.0/src/gsm/comp128.c:202:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&x[16], rand, 16);
data/libosmocore-1.4.0/src/gsm/comp128.c:207:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(x, ki, 16);
data/libosmocore-1.4.0/src/gsm/comp128.c:221:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(x, ki, 16);
data/libosmocore-1.4.0/src/gsm/comp128v23.c:84:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(km_rm, rand, 16);
data/libosmocore-1.4.0/src/gsm/comp128v23.c:85:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(km_rm + 16, kxor, 16);
data/libosmocore-1.4.0/src/gsm/comp128v23.c:158:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sres, output, 4);
data/libosmocore-1.4.0/src/gsm/comp128v23.c:159:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kc, output + 4, 8);
data/libosmocore-1.4.0/src/gsm/gprs_rlc.c:116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cps, table_cps, sizeof *cps);
data/libosmocore-1.4.0/src/gsm/gsm0341.c:75:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cbmsg->data, data, len);
data/libosmocore-1.4.0/src/gsm/gsm0411_smc.c:201:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgb_put(nmsg, inst->cp_msg->len), inst->cp_msg->data,
data/libosmocore-1.4.0/src/gsm/gsm0480.c:679:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req->ussd_text, uss_req_data + 2, num_chars);
data/libosmocore-1.4.0/src/gsm/gsm0480.c:682:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req->ussd_data, uss_req_data + 2, num_chars);
data/libosmocore-1.4.0/src/gsm/gsm0480.c:720:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req->ussd_data, uss_req_data + 7, num_chars);
data/libosmocore-1.4.0/src/gsm/gsm0480.c:738:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req->ussd_text, &(uss_req_data[7]), num_chars);
data/libosmocore-1.4.0/src/gsm/gsm0808.c:41:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char str_buff[512];
data/libosmocore-1.4.0/src/gsm/gsm0808.c:799:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cil2.id_list, cil->id_list_lac, cil->id_list_len * sizeof(cil2.id_list[0].lac));
data/libosmocore-1.4.0/src/gsm/gsm0808.c:1326:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, msg_l3->l3h, header->length);
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:106:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &sin->sin_addr.s_addr, IP_V4_ADDR_LEN);
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, sin6->sin6_addr.s6_addr, IP_V6_ADDR_LEN);
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:148:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sin.sin_addr.s_addr, elem, IP_V4_ADDR_LEN);
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:153:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ss, &sin, sizeof(sin));
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:159:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sin6.sin6_addr.s6_addr, elem, IP_V6_ADDR_LEN);
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:164:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ss, &sin6, sizeof(sin6));
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:625:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char dbuf[256];
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:725:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, ei->key, ei->key_len);
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:764:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ei->key, elem, ei->key_len);
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:845:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgb_put(msg, sizeof(lai)), &lai, sizeof(lai));
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:862:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgb_put(msg, sizeof(lai)), &lai, sizeof(lai));
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:1879:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[64];
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:1889:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[64];
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:1946:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[1024];
data/libosmocore-1.4.0/src/gsm/gsm0808_utils.c:1973:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[128];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:110:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[8];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:161:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[8];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc[8], mnc[8];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:185:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[16];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:196:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[16];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plmn[16];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:233:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[32];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:268:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[32];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:279:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[32];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plmn[16];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:323:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[32];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:514:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(out, "epc.mnc%03u.mcc%03u.3gppnetwork.org", plmn->mnc, plmn->mcc);
data/libosmocore-1.4.0/src/gsm/gsm23003.c:540:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[GSM23003_HOME_NETWORK_DOMAIN_LEN+1];
data/libosmocore-1.4.0/src/gsm/gsm23003.c:574:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[GSM23003_HOME_NETWORK_DOMAIN_LEN+1];
data/libosmocore-1.4.0/src/gsm/gsm29205.c:81:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcr->net, elem + parsed, gcr->net_len);
data/libosmocore-1.4.0/src/gsm/gsm29205.c:93:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gcr->cr, elem + parsed, 5);
data/libosmocore-1.4.0/src/gsm/gsm48.c:207:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[32];
data/libosmocore-1.4.0/src/gsm/gsm48.c:225:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *cc_state_names[32] = {
data/libosmocore-1.4.0/src/gsm/gsm48.c:474:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mi_string[GSM48_MI_SIZE];
data/libosmocore-1.4.0/src/gsm/gsm48.c:510:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char mi_name[10 + GSM48_MI_SIZE + 1];
data/libosmocore-1.4.0/src/gsm/gsm48.c:1140:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[3], &tmsi_be, sizeof(tmsi_be));
data/libosmocore-1.4.0/src/gsm/gsm48.c:1609:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char namebuf[64];
data/libosmocore-1.4.0/src/gsm/gsm48.c:1730:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cm1[42] = "no-cm1";
data/libosmocore-1.4.0/src/gsm/gsm48.c:1731:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cm2[42] = " no-cm2";
data/libosmocore-1.4.0/src/gsm/gsm48.c:1732:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cm3[42] = " no-cm3";
data/libosmocore-1.4.0/src/gsm/gsm48.c:1762:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[128];
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:547:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cause->diag, lv + i, in_len - (i-1));
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:584:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lv + i, cause->diag, cause->diag_len);
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:651:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(facility->info, lv+1, in_len);
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:666:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lv+1, facility->info, facility->len);
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:799:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lv + 2, uu->info, strlen(uu->info));
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:817:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssv->info, lv + 1, in_len);
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:833:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lv + 1, ssv->info, ssv->len);
data/libosmocore-1.4.0/src/gsm/gsm_utils.c:337:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + 1, rdata, septet_len);
data/libosmocore-1.4.0/src/gsm/gsm_utils.c:340:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, rdata, septet_len);
data/libosmocore-1.4.0/src/gsm/gsm_utils.c:901:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[64];
data/libosmocore-1.4.0/src/gsm/gsup.c:201:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth_vector->rand, value, value_len);
data/libosmocore-1.4.0/src/gsm/gsup.c:209:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth_vector->sres, value, value_len);
data/libosmocore-1.4.0/src/gsm/gsup.c:217:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth_vector->kc, value, value_len);
data/libosmocore-1.4.0/src/gsm/gsup.c:224:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth_vector->ik, value, value_len);
data/libosmocore-1.4.0/src/gsm/gsup.c:231:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth_vector->ck, value, value_len);
data/libosmocore-1.4.0/src/gsm/gsup.c:238:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth_vector->autn, value, value_len);
data/libosmocore-1.4.0/src/gsm/gsup.c:244:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth_vector->res, value, value_len);
data/libosmocore-1.4.0/src/gsm/gsup.c:688:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, an_apdu.data, an_apdu.data_len);
data/libosmocore-1.4.0/src/gsm/gsup_sms.c:79:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id_enc, gsup_msg->sm_rp_da, gsup_msg->sm_rp_da_len);
data/libosmocore-1.4.0/src/gsm/gsup_sms.c:188:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id_enc, gsup_msg->sm_rp_oa, gsup_msg->sm_rp_oa_len);
data/libosmocore-1.4.0/src/gsm/ipa.c:315:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[IPA_STRING_MAX];
data/libosmocore-1.4.0/src/gsm/ipa.c:382:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tag + 3, str, strlen(str) + 1);
data/libosmocore-1.4.0/src/gsm/lapd_core.c:442:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l3h, data, len);
data/libosmocore-1.4.0/src/gsm/lapd_core.c:570:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l3h, dl->tx_hist[h].msg->data, length);
data/libosmocore-1.4.0/src/gsm/lapd_core.c:677:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l3h, dl->tx_hist[h].msg->data,
data/libosmocore-1.4.0/src/gsm/lapd_core.c:933:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgb_put(dl->cont_res, length), msg->l3h,
data/libosmocore-1.4.0/src/gsm/lapd_core.c:1566:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msgb_put(dl->rcv_buffer, length),
data/libosmocore-1.4.0/src/gsm/lapd_core.c:1721:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dl->tx_hist[0].msg->data, msg->l3h, msg->len);
data/libosmocore-1.4.0/src/gsm/lapd_core.c:1852:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l3h, dl->send_buffer->l3h + dl->send_out,
data/libosmocore-1.4.0/src/gsm/lapd_core.c:1858:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dl->tx_hist[h].msg->data, msg->l3h, msg->len);
data/libosmocore-1.4.0/src/gsm/lapd_core.c:1882:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l3h, dl->tx_hist[h].msg->data, length);
data/libosmocore-1.4.0/src/gsm/lapd_core.c:1983:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dl->tx_hist[0].msg->data, msg->l3h, msg->len);
data/libosmocore-1.4.0/src/gsm/lapd_core.c:2047:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dl->tx_hist[0].msg->data, msg->l3h, msg->len);
data/libosmocore-1.4.0/src/gsm/lapdm.c:199:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/libosmocore-1.4.0/src/gsm/lapdm.c:267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[256];
data/libosmocore-1.4.0/src/gsm/milenage/common.h:12:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define os_memcpy(x, y, z) memcpy(x, y, z)
data/libosmocore-1.4.0/src/gsm/mncc.c:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[16];
data/libosmocore-1.4.0/src/gsm/mncc.c:155:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[0];
data/libosmocore-1.4.0/src/gsm/oap.c:100:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oap_msg->autn, value, value_len);
data/libosmocore-1.4.0/src/gsm/oap.c:111:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oap_msg->rand, value, value_len);
data/libosmocore-1.4.0/src/gsm/oap.c:122:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oap_msg->xres, value, value_len);
data/libosmocore-1.4.0/src/gsm/oap.c:133:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(oap_msg->auts, value, value_len);
data/libosmocore-1.4.0/src/gsm/oap_client.c:125:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tx_xres, vec.res, 8);
data/libosmocore-1.4.0/src/gsm/rsl.c:267:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char str[20];
data/libosmocore-1.4.0/src/gsm/tlv_parser.c:91:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *)tp_out->lv[i].val, tp_orig->lv[i].val,
data/libosmocore-1.4.0/src/gsm/tlv_parser.c:118:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *) dst->lv[i].val, src->lv[i].val, len);
data/libosmocore-1.4.0/src/gsmtap_util.c:204:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, data, len);
data/libosmocore-1.4.0/src/logging.c:327:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
level = atoi(colon+1);
data/libosmocore-1.4.0/src/logging.c:383:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/libosmocore-1.4.0/src/logging.c:912:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
target->tgt_file.out = fopen(fname, "a");
data/libosmocore-1.4.0/src/logging.c:985:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
target->tgt_file.out = fopen(target->tgt_file.fname, "a");
data/libosmocore-1.4.0/src/logging.c:1061:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cat_ptr[i], &inf->cat[i],
data/libosmocore-1.4.0/src/logging.c:1075:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cat_ptr[cn], &internal_cat[i], sizeof(struct log_info_cat));
data/libosmocore-1.4.0/src/macaddr.c:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[18];
data/libosmocore-1.4.0/src/macaddr.c:99:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac_out, LLADDR(sdl), 6);
data/libosmocore-1.4.0/src/macaddr.c:137:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ifr.ifr_name, dev_name, dev_len + 1);
data/libosmocore-1.4.0/src/macaddr.c:144:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac_out, ifr.ifr_hwaddr.sa_data, 6);
data/libosmocore-1.4.0/src/msgb.c:338:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_msg->_data, msg->_data, new_msg->data_len);
data/libosmocore-1.4.0/src/msgb.c:436:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *lxhs[4];
data/libosmocore-1.4.0/src/msgb.c:514:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char buf[4100];
data/libosmocore-1.4.0/src/msgfile.c:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *items[3];
data/libosmocore-1.4.0/src/msgfile.c:108:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename, "r");
data/libosmocore-1.4.0/src/plugin.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[PATH_MAX];
data/libosmocore-1.4.0/src/plugin.c:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[4096];
data/libosmocore-1.4.0/src/pseudotalloc/pseudotalloc.c:70:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, p, len+1);
data/libosmocore-1.4.0/src/pseudotalloc/pseudotalloc.c:99:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&buf[len-6], "[...]");
data/libosmocore-1.4.0/src/serial.c:64:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(dev, O_RDWR | O_NOCTTY | O_SYNC | O_NONBLOCK);
data/libosmocore-1.4.0/src/sim/card_fs_hpsim.c:68:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aprof->aid, adf_hpsim_aid, aprof->aid_len);
data/libosmocore-1.4.0/src/sim/card_fs_isim.c:103:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aprof->aid, adf_isim_aid, aprof->aid_len);
data/libosmocore-1.4.0/src/sim/card_fs_sim.c:209:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ra_buf, cur, 3);
data/libosmocore-1.4.0/src/sim/card_fs_usim.c:363:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aprof->aid, adf_usim_aid, aprof->aid_len);
data/libosmocore-1.4.0/src/sim/core.c:306:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ah->aid, aid, aid_len);
data/libosmocore-1.4.0/src/sim/core.c:407:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char sw_print_buf[256];
data/libosmocore-1.4.0/src/sim/reader.c:70:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tpduh, msgb_apdu_h(amsg), sizeof(*tpduh));
data/libosmocore-1.4.0/src/sim/reader.c:93:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cur, msgb_apdu_dc(amsg), tpduh->p3);
data/libosmocore-1.4.0/src/sim/reader.c:152:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cur, tmsg->l3h, msgb_l3len(tmsg));
data/libosmocore-1.4.0/src/socket.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portbuf[6];
data/libosmocore-1.4.0/src/socket.c:492:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[512];
data/libosmocore-1.4.0/src/socket.c:829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[NI_MAXHOST];
data/libosmocore-1.4.0/src/socket.c:1062:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipbuf[INET6_ADDRSTRLEN], portbuf[6];
data/libosmocore-1.4.0/src/socket.c:1135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[OSMO_SOCK_NAME_MAXLEN];
data/libosmocore-1.4.0/src/socket.c:1152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostbuf_l[INET6_ADDRSTRLEN], hostbuf_r[INET6_ADDRSTRLEN];
data/libosmocore-1.4.0/src/socket.c:1153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portbuf_l[6], portbuf_r[6];
data/libosmocore-1.4.0/src/socket.c:1176:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char str[OSMO_SOCK_NAME_MAXLEN];
data/libosmocore-1.4.0/src/stats.c:129:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (srep->open)
data/libosmocore-1.4.0/src/stats.c:130:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rc = srep->open(srep);
data/libosmocore-1.4.0/src/strrb.c:162:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rb->buffer[rb->end], data, len);
data/libosmocore-1.4.0/src/tdef.c:148:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char range_str[64];
data/libosmocore-1.4.0/src/usb/osmo_libusb.c:247:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[128];
data/libosmocore-1.4.0/src/usb/osmo_libusb.c:326:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[256];
data/libosmocore-1.4.0/src/usb/osmo_libusb.c:393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[USB_MAX_PATH_LEN];
data/libosmocore-1.4.0/src/usb/osmo_libusb.c:538:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[USB_MAX_PATH_LEN];
data/libosmocore-1.4.0/src/utils.c:44:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char namebuf[255];
data/libosmocore-1.4.0/src/utils.c:46:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char capsbuf[128];
data/libosmocore-1.4.0/src/utils.c:283:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char hexd_buff[4096];
data/libosmocore-1.4.0/src/utils.c:581:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, len);
data/libosmocore-1.4.0/src/vty/buffer.c:59:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[0]; /* real dimension is buffer->size */
data/libosmocore-1.4.0/src/vty/buffer.c:113:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, data->data + data->sp, data->cp - data->sp);
data/libosmocore-1.4.0/src/vty/buffer.c:178:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((data->data + data->cp), ptr, chunk);
data/libosmocore-1.4.0/src/vty/buffer.c:318:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iov, small_iov, sizeof(small_iov));
data/libosmocore-1.4.0/src/vty/command.c:139:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, argv[i], (arglen = strlen(argv[i])));
data/libosmocore-1.4.0/src/vty/command.c:301:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(token, start, strlen);
data/libosmocore-1.4.0/src/vty/command.c:370:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(token, start, strlen);
data/libosmocore-1.4.0/src/vty/command.c:450:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(token + 1, sp, len);
data/libosmocore-1.4.0/src/vty/command.c:454:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(token, sp, len);
data/libosmocore-1.4.0/src/vty/command.c:837:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char salt[6];
data/libosmocore-1.4.0/src/vty/command.c:918:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/libosmocore-1.4.0/src/vty/command.c:950:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(buf) > 255)
data/libosmocore-1.4.0/src/vty/command.c:971:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/libosmocore-1.4.0/src/vty/command.c:1004:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(buf) > 255)
data/libosmocore-1.4.0/src/vty/command.c:1032:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(sp) > 32)
data/libosmocore-1.4.0/src/vty/command.c:1291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DECIMAL_STRLEN_MAX_UNSIGNED + 1];
data/libosmocore-1.4.0/src/vty/command.c:2120:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lcdstr, matchvec->index[0], lcd);
data/libosmocore-1.4.0/src/vty/command.c:2259:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[CMD_ARGC_MAX];
data/libosmocore-1.4.0/src/vty/command.c:2475:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[CMD_ARGC_MAX];
data/libosmocore-1.4.0/src/vty/command.c:2908:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(config_file_tmp);
data/libosmocore-1.4.0/src/vty/command.c:3113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/libosmocore-1.4.0/src/vty/command.c:3116:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
confp = fopen(host.config, "r");
data/libosmocore-1.4.0/src/vty/command.c:3565:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[MAXPATHLEN + 1];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufname[64];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[100];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:211:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tid_it = atoi(entry->d_name);
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:229:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[17]; /* 15 + \n + \0 */
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:249:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tid_it = atoi(entry->d_name);
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:251:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY)) == -1)
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[100];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_mask[1024];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:360:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tid_it = atoi(entry->d_name);
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:485:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sched_vty_opts->sched_rr_prio = atoi(argv[0]);
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:514:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:515:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[17];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:516:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_mask[1024];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:538:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tid_it = atoi(entry->d_name);
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:540:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(path, O_RDONLY)) != -1) {
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:575:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_mask[1024];
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:628:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16]; /* 15 + \0 */
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:629:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_mask[1024];
data/libosmocore-1.4.0/src/vty/logging_vty.c:177:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_all_filter(tgt, atoi(argv[0]));
data/libosmocore-1.4.0/src/vty/logging_vty.c:192:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_use_color(tgt, atoi(argv[0]));
data/libosmocore-1.4.0/src/vty/logging_vty.c:207:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_print_timestamp(tgt, atoi(argv[0]));
data/libosmocore-1.4.0/src/vty/logging_vty.c:223:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_print_extended_timestamp(tgt, atoi(argv[0]));
data/libosmocore-1.4.0/src/vty/logging_vty.c:238:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_print_category(tgt, atoi(argv[0]));
data/libosmocore-1.4.0/src/vty/logging_vty.c:254:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_print_category_hex(tgt, atoi(argv[0]));
data/libosmocore-1.4.0/src/vty/logging_vty.c:270:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_print_level(tgt, atoi(argv[0]));
data/libosmocore-1.4.0/src/vty/logging_vty.c:307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/libosmocore-1.4.0/src/vty/logging_vty.c:668:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int local = atoi(argv[0]);
data/libosmocore-1.4.0/src/vty/logging_vty.c:856:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int rbsize = atoi(argv[0]);
data/libosmocore-1.4.0/src/vty/logging_vty.c:898:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char level_buf[128];
data/libosmocore-1.4.0/src/vty/logging_vty.c:965:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cat_name[128];
data/libosmocore-1.4.0/src/vty/stats_vty.c:109:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int_val = atoi(val);
data/libosmocore-1.4.0/src/vty/stats_vty.c:257:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int period = atoi(argv[0]);
data/libosmocore-1.4.0/src/vty/stats_vty.c:361:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int interval = atoi(argv[0]);
data/libosmocore-1.4.0/src/vty/talloc_ctx_vty.c:163:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_depth = atoi(depth);
data/libosmocore-1.4.0/src/vty/tdef_vty.c:127:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char range_str[64];
data/libosmocore-1.4.0/src/vty/tdef_vty.c:174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char range_str[64];
data/libosmocore-1.4.0/src/vty/telnet_interface.c:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sock_name_buf[OSMO_SOCK_NAME_MAXLEN];
data/libosmocore-1.4.0/src/vty/telnet_interface.c:176:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sock_name_buf[OSMO_SOCK_NAME_MAXLEN];
data/libosmocore-1.4.0/src/vty/utils.c:365:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[name_len];
data/libosmocore-1.4.0/src/vty/vector.c:95:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->index, v->index, size);
data/libosmocore-1.4.0/src/vty/vty.c:267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/libosmocore-1.4.0/src/vty/vty.c:395:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/libosmocore-1.4.0/src/vty/vty.c:397:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(host.motdfile, "r");
data/libosmocore-1.4.0/src/vty/vty.c:767:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vty->buf, vty->hist[vty->hp], length);
data/libosmocore-1.4.0/src/vty/vty.c:1286:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[VTY_READ_BUFSIZ];
data/libosmocore-1.4.0/src/vty/vty.c:1630:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vty_bind_port = argc > 1 ? atoi(argv[1]) : -1;
data/libosmocore-1.4.0/src/vty/vty.c:1765:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[MAXPATHLEN];
data/libosmocore-1.4.0/src/vty/vty.c:1841:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cfile = fopen(file_name, "r");
data/libosmocore-1.4.0/tests/abis/abis_test.c:154:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(put.file_id, f_id, put.file_id_len);
data/libosmocore-1.4.0/tests/abis/abis_test.c:155:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(put.file_version, f_ver, put.file_version_len);
data/libosmocore-1.4.0/tests/bits/bitcomp_test.c:14:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lol[1024]; // for pretty-printing
data/libosmocore-1.4.0/tests/bits/bitrev_test.c:14:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[18];
data/libosmocore-1.4.0/tests/bitvec/bitvec_test.c:14:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lol[1024]; // we pollute this with printed vectors
data/libosmocore-1.4.0/tests/codec/codec_test.c:48:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, t, SID_LEN);
data/libosmocore-1.4.0/tests/coding/coding_test.c:397:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(l2, tmb->l2, len);
data/libosmocore-1.4.0/tests/exec/exec_test.c:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *out[256];
data/libosmocore-1.4.0/tests/exec/exec_test.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *out[256] = {
data/libosmocore-1.4.0/tests/fsm/fsm_dealloc_test.c:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/libosmocore-1.4.0/tests/gb/bssgp_fc_test.c:159:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bucket_size_max = atoi(optarg);
data/libosmocore-1.4.0/tests/gb/bssgp_fc_test.c:162:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bucket_leak_rate = atoi(optarg);
data/libosmocore-1.4.0/tests/gb/bssgp_fc_test.c:165:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_queue_depth = atoi(optarg);
data/libosmocore-1.4.0/tests/gb/bssgp_fc_test.c:168:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pdu_length = atoi(optarg);
data/libosmocore-1.4.0/tests/gb/bssgp_fc_test.c:171:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pdu_count = atoi(optarg);
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:48:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[12] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:67:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[9] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:83:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[1] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:93:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[1] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:103:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[1] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:113:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[1] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:125:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[4096] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:133:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg + 4, bssgp_msg, bssgp_msg_size);
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:143:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[22] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:187:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gprs_ns_status_invalid_alive[7] = {
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:192:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char gprs_bssgp_reset[22] = {
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:13:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[len ? len : 1];
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:45:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, ref, ARRAY_SIZE(output));
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:50:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, ref, ARRAY_SIZE(output));
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:55:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, ref, ARRAY_SIZE(output));
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:60:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, ref, ARRAY_SIZE(output));
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:65:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output, ref, ARRAY_SIZE(output));
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:103:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[strlen(output) + 1];
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:508:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64] = {};
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:572:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[8] = {};
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:1112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_dec[0xff] = { 0xff };
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:1309:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rnd_arfcns_set[1024] = {0};
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:465:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ss, &sin, sizeof(sin));
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:545:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ss, &sin, sizeof(sin));
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:598:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ss, &sin, sizeof(sin));
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:836:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&enc_addr, &enc_addr_in, sizeof(enc_addr_in));
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:865:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&enc_addr, &enc_addr_in, sizeof(enc_addr_in));
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:1214:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&enc_cil.id_list[0].lai_and_lac, &id, sizeof(id));
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:1219:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&enc_cil.id_list[1].lai_and_lac, &id, sizeof(id));
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:1224:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&enc_cil.id_list[2].lai_and_lac, &id, sizeof(id));
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:1551:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128] = "?";
data/libosmocore-1.4.0/tests/gsm23003/gsm23003_test.c:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[GSM23003_MME_DOMAIN_LEN];
data/libosmocore-1.4.0/tests/gsup/gsup_test.c:718:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, t->data, t->data_len);
data/libosmocore-1.4.0/tests/lapd/lapd_test.c:58:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l3h, data, len);
data/libosmocore-1.4.0/tests/lapd/lapd_test.c:175:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l2h, in_msg->l2h, msgb_l2len(in_msg));
data/libosmocore-1.4.0/tests/lapd/lapd_test.c:245:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg->l2h + 3, data, len);
data/libosmocore-1.4.0/tests/lapd/lapd_test.c:499:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cm2, cm, sizeof(cm));
data/libosmocore-1.4.0/tests/logging/logging_vty_test.c:188:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_log_level(osmo_stderr_target, atoi(optarg));
data/libosmocore-1.4.0/tests/sms/sms_test.c:224:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[256];
data/libosmocore-1.4.0/tests/sms/sms_test.c:284:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[256];
data/libosmocore-1.4.0/tests/sms/sms_test.c:295:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) test_encode[i].input,
data/libosmocore-1.4.0/tests/sms/sms_test.c:320:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(const char *) test_encode[i].input,
data/libosmocore-1.4.0/tests/sms/sms_test.c:330:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int number_of_septets = gsm_septet_encode(septet_data, (const char *) test_multiple_encode[0].input);
data/libosmocore-1.4.0/tests/sms/sms_test.c:336:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, septet_data, concatenated_part1_septet_length);
data/libosmocore-1.4.0/tests/sms/sms_test.c:344:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, test_multiple_encode[0].expected, udh_length);
data/libosmocore-1.4.0/tests/sms/sms_test.c:345:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp + udh_length, coded, octet_length);
data/libosmocore-1.4.0/tests/sms/sms_test.c:347:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(coded, tmp, octet_length + 6);
data/libosmocore-1.4.0/tests/sms/sms_test.c:354:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, septet_data + concatenated_part1_septet_length, concatenated_part2_septet_length);
data/libosmocore-1.4.0/tests/sms/sms_test.c:362:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, test_multiple_encode[1].expected, udh_length);
data/libosmocore-1.4.0/tests/sms/sms_test.c:363:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp + udh_length, coded, octet_length);
data/libosmocore-1.4.0/tests/sms/sms_test.c:365:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(coded, tmp, octet_length + 6);
data/libosmocore-1.4.0/tests/sms/sms_test.c:377:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
OSMO_ASSERT(strcmp(result, (const char *) test_decode[i].expected) == 0);
data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[GSM341_MAX_CHARS+1];
data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c:59:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
msg_id = atoi(argv[1]);
data/libosmocore-1.4.0/tests/sockaddr_str/sockaddr_str_test.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_config_root.c:190:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_log_level(osmo_stderr_target, atoi(optarg));
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_config_subnode.c:183:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_log_level(osmo_stderr_target, atoi(optarg));
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_dynamic.c:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[23];
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_dynamic.c:89:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)m->tdefs, (char*)&bts_default_tdefs, sizeof(bts_default_tdefs));
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_dynamic.c:257:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_log_level(osmo_stderr_target, atoi(optarg));
data/libosmocore-1.4.0/tests/timer/clk_override_test.c:68:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mono, &ts1, sizeof(struct timespec));
data/libosmocore-1.4.0/tests/timer/timer_test.c:175:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timer_nsteps = atoi(optarg);
data/libosmocore-1.4.0/tests/tlv/tlv_test.c:145:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, test_data, len);
data/libosmocore-1.4.0/tests/tlv/tlv_test.c:216:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_end, test_data, len);
data/libosmocore-1.4.0/tests/use_count/use_count_test.c:63:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name_buf[1024];
data/libosmocore-1.4.0/tests/ussd/ussd_test.c:62:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, _data, len);
data/libosmocore-1.4.0/tests/ussd/ussd_test.c:78:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, _data, len);
data/libosmocore-1.4.0/tests/ussd/ussd_test.c:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded[256];
data/libosmocore-1.4.0/tests/utils/utils_test.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/libosmocore-1.4.0/tests/utils/utils_test.c:497:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64] = {};
data/libosmocore-1.4.0/tests/utils/utils_test.c:537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_buf[11];
data/libosmocore-1.4.0/tests/utils/utils_test.c:577:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_buf[11];
data/libosmocore-1.4.0/tests/utils/utils_test.c:631:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_buf[11];
data/libosmocore-1.4.0/tests/utils/utils_test.c:682:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_buf[11];
data/libosmocore-1.4.0/tests/utils/utils_test.c:855:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[20] = {};
data/libosmocore-1.4.0/tests/utils/utils_test.c:946:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/libosmocore-1.4.0/tests/utils/utils_test.c:1119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/libosmocore-1.4.0/tests/utils/utils_test.c:1152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/libosmocore-1.4.0/tests/utils/utils_test.c:1315:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100] = "unchanged";
data/libosmocore-1.4.0/tests/vty/vty_transcript_test.c:104:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_set_log_level(osmo_stderr_target, atoi(optarg));
data/libosmocore-1.4.0/utils/osmo-arfcn.c:142:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
arfcn = atoi(param);
data/libosmocore-1.4.0/utils/osmo-auc-gen.c:218:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ind = atoi(optarg);
data/libosmocore-1.4.0/utils/osmo-auc-gen.c:226:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
test_aud.u.umts.ind_bitlen = atoi(optarg);
data/libosmocore-1.4.0/utils/osmo-config-merge.c:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/libosmocore-1.4.0/utils/osmo-config-merge.c:135:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infile = fopen(fname, "r");
data/libosmocore-1.4.0/utils/osmo-sim-test.c:54:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, data, data_len);
data/libosmocore-1.4.0/utils/osmo-sim-test.c:94:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pindst, pin, strlen(pin));
data/libosmocore-1.4.0/utils/osmo-sim-test.c:395:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f_data = fopen(short_name, "w");
data/libosmocore-1.4.0/utils/osmo-sim-test.c:494:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
readernum = atoi(optarg);
data/libosmocore-1.4.0/utils/osmo-sim-test.c:536:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prev_dir[PATH_MAX];
data/libosmocore-1.4.0/src/application.c:166:2: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(0);
data/libosmocore-1.4.0/src/conv_acc_neon.c:49:21: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
return (int16_t *) memalign(NEON_ALIGN, sizeof(int16_t) * n);
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:543:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg->l2h = msgb_put(msg, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:544:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(msg->l2h, tmp, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:558:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg->l2h = msgb_put(msg, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:559:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(msg->l2h, tmp, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:575:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg->l2h = msgb_put(msg, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:576:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(msg->l2h, tmp, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:590:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg->l2h = msgb_put(msg, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_cmd.c:591:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(msg->l2h, tmp, strlen(tmp));
data/libosmocore-1.4.0/src/ctrl/control_if.c:248:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(request); i++) {
data/libosmocore-1.4.0/src/ctrl/control_if.c:684:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(saveptr)) {
data/libosmocore-1.4.0/src/ctrl/control_if.c:972:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgb_put(msg, strlen(cmdstr));
data/libosmocore-1.4.0/src/exec.c:113:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, *ent, eq_pos);
data/libosmocore-1.4.0/src/gb/gprs_bssgp.c:1190:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dup->imsi && strlen(dup->imsi)) {
data/libosmocore-1.4.0/src/gsm/abis_nm.c:795:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
.file_id_len = strlen(id),
data/libosmocore-1.4.0/src/gsm/abis_nm.c:796:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
.file_version_len = strlen(ver),
data/libosmocore-1.4.0/src/gsm/apn.c:62:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cbuf, imsi, 3);
data/libosmocore-1.4.0/src/gsm/apn.c:66:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nbuf, imsi+3, 3);
data/libosmocore-1.4.0/src/gsm/apn.c:69:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nbuf, imsi+3, 2);
data/libosmocore-1.4.0/src/gsm/gsm0411_utils.c:316:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(number) > 20)
data/libosmocore-1.4.0/src/gsm/gsm0411_utils.c:320:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
oa[0] = strlen(number) & 0xff;
data/libosmocore-1.4.0/src/gsm/gsm0480.c:148:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);
data/libosmocore-1.4.0/src/gsm/gsm0480.c:185:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgb_put_u8(msg, strlen(text));
data/libosmocore-1.4.0/src/gsm/gsm0808.c:742:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(strlen(imsi) <= GSM48_MI_SIZE);
data/libosmocore-1.4.0/src/gsm/gsm23003.c:414:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!mnc_str || !isdigit((unsigned char)mnc_str[0]) || strlen(mnc_str) > 3)
data/libosmocore-1.4.0/src/gsm/gsm23003.c:425:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_mnc_3_digits = strlen(mnc_str) > 2;
data/libosmocore-1.4.0/src/gsm/gsm48.c:672:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mi_nibbles = strlen(mi->imsi);
data/libosmocore-1.4.0/src/gsm/gsm48.c:678:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mi_nibbles = strlen(mi->imei);
data/libosmocore-1.4.0/src/gsm/gsm48.c:684:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mi_nibbles = strlen(mi->imeisv);
data/libosmocore-1.4.0/src/gsm/gsm48.c:1228:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(string) + 1;
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:155:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int in_len = strlen(input);
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:794:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(uu->info) > GSM_MAX_USERUSER)
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:797:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lv[0] = 1 + strlen(uu->info);
data/libosmocore-1.4.0/src/gsm/gsm48_ie.c:799:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(lv + 2, uu->info, strlen(uu->info));
data/libosmocore-1.4.0/src/gsm/gsm_utils.c:296:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(data); i++) {
data/libosmocore-1.4.0/src/gsm/gsm_utils.c:385:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t *rdata = calloc(strlen(data) * 2, sizeof(uint8_t));
data/libosmocore-1.4.0/src/gsm/ipa.c:378:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag = msgb_put(msg, 3 + strlen(str) + 1);
data/libosmocore-1.4.0/src/gsm/ipa.c:380:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tag[1] = 1 + strlen(str) + 1;
data/libosmocore-1.4.0/src/gsm/ipa.c:382:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(tag + 3, str, strlen(str) + 1);
data/libosmocore-1.4.0/src/gsmtap_util.c:386:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd->fd, buf, sizeof(buf));
data/libosmocore-1.4.0/src/logging.c:312:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(category_token);
data/libosmocore-1.4.0/src/logging.c:313:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cat_length = strlen(osmo_log_info->cat[i].name);
data/libosmocore-1.4.0/src/logging.c:420:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = strlen(buf + offset);
data/libosmocore-1.4.0/src/macaddr.c:52:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in) < 17)
data/libosmocore-1.4.0/src/macaddr.c:55:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, in, sizeof(tmp)-1);
data/libosmocore-1.4.0/src/macaddr.c:128:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dev_len = strlen(dev_name);
data/libosmocore-1.4.0/src/msgfile.c:74:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(line);
data/libosmocore-1.4.0/src/pseudotalloc/pseudotalloc.c:65:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p);
data/libosmocore-1.4.0/src/rate_ctr.c:124:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(out); i++) {
data/libosmocore-1.4.0/src/select.c:405:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(ofd->fd, &fdsi, sizeof(fdsi));
data/libosmocore-1.4.0/src/sim/reader_pcsc.c:86:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr)+1;
data/libosmocore-1.4.0/src/socket.c:986:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
local.sun_len = strlen(local.sun_path);
data/libosmocore-1.4.0/src/socket.c:991:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(local.sun_path) +
data/libosmocore-1.4.0/src/socket.c:1076:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ip, ipbuf, ip_len);
data/libosmocore-1.4.0/src/socket.c:1078:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(port, portbuf, port_len);
data/libosmocore-1.4.0/src/stats.c:154:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(ofd->fd, (void *) &expire_count, sizeof(expire_count));
data/libosmocore-1.4.0/src/stats.c:409:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
srep->name_prefix = prefix && strlen(prefix) > 0 ?
data/libosmocore-1.4.0/src/strrb.c:154:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(data);
data/libosmocore-1.4.0/src/usb/osmo_libusb.c:544:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(ifm->path) && !strcmp(path, ifm->path))) {
data/libosmocore-1.4.0/src/utils.c:203:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end_nibble = start_nibble + strlen(digits);
data/libosmocore-1.4.0/src/utils.c:313:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
delim_len = strlen(delim);
data/libosmocore-1.4.0/src/utils.c:482:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(in); i++)
data/libosmocore-1.4.0/src/utils.c:484:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out[strlen(in)] = '\0';
data/libosmocore-1.4.0/src/utils.c:495:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(in); i++)
data/libosmocore-1.4.0/src/utils.c:497:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out[strlen(in)] = '\0';
data/libosmocore-1.4.0/src/utils.c:576:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ret = src ? strlen(src) : 0;
data/libosmocore-1.4.0/src/utils.c:657:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!str || (len = strlen(str)) == 0)
data/libosmocore-1.4.0/src/utils.c:747:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, str, write_n);
data/libosmocore-1.4.0/src/utils.c:776:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in_len = strlen(str);
data/libosmocore-1.4.0/src/utils.c:1067:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = strlen(dest);
data/libosmocore-1.4.0/src/utils.c:1070:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(src);
data/libosmocore-1.4.0/src/utils.c:1100:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buf_len = strlen(src) + 1;
data/libosmocore-1.4.0/src/utils.c:1125:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = strlen(dest);
data/libosmocore-1.4.0/src/utils.c:1128:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(src);
data/libosmocore-1.4.0/src/utils.c:1158:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buf_len = strlen(src) + 1;
data/libosmocore-1.4.0/src/utils.c:1208:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strncmp(str, startswith_str, strlen(startswith_str)) == 0;
data/libosmocore-1.4.0/src/vty/buffer.c:194:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer_put(b, c, strlen(c));
data/libosmocore-1.4.0/src/vty/command.c:133:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(argv[i]) + 1;
data/libosmocore-1.4.0/src/vty/command.c:139:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(p, argv[i], (arglen = strlen(argv[i])));
data/libosmocore-1.4.0/src/vty/command.c:253:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strlen;
data/libosmocore-1.4.0/src/vty/command.c:301:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(token, start, strlen);
data/libosmocore-1.4.0/src/vty/command.c:302:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(token + strlen) = '\0';
data/libosmocore-1.4.0/src/vty/command.c:348:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int strlen;
data/libosmocore-1.4.0/src/vty/command.c:370:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(token, start, strlen);
data/libosmocore-1.4.0/src/vty/command.c:371:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(token + strlen) = '\0';
data/libosmocore-1.4.0/src/vty/command.c:521:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_strlen = strlen(inp);
data/libosmocore-1.4.0/src/vty/command.c:564:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_strlen = strlen(inp);
data/libosmocore-1.4.0/src/vty/command.c:596:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j < strlen(str); ++j) \
data/libosmocore-1.4.0/src/vty/command.c:949:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, sp, str - sp);
data/libosmocore-1.4.0/src/vty/command.c:1003:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, sp, str - sp);
data/libosmocore-1.4.0/src/vty/command.c:1061:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strspn(str, IPV6_ADDR_STR) != strlen(str))
data/libosmocore-1.4.0/src/vty/command.c:1158:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strspn(str, IPV6_PREFIX_STR) != strlen(str))
data/libosmocore-1.4.0/src/vty/command.c:1310:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, range, p - range);
data/libosmocore-1.4.0/src/vty/command.c:1322:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, range, p - range);
data/libosmocore-1.4.0/src/vty/command.c:1346:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, range, p - range);
data/libosmocore-1.4.0/src/vty/command.c:1358:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, range, p - range);
data/libosmocore-1.4.0/src/vty/command.c:1377:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/libosmocore-1.4.0/src/vty/command.c:1438:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp(command, str, strlen(command)) == 0)
data/libosmocore-1.4.0/src/vty/command.c:1595:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strncmp(command, str, strlen (command)) == 0)
data/libosmocore-1.4.0/src/vty/command.c:1686:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(src, dst, strlen(src)) == 0)
data/libosmocore-1.4.0/src/vty/command.c:1744:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(src, dst, strlen(src)) == 0)
data/libosmocore-1.4.0/src/vty/command.c:2113:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(vector_slot(vline, index));
data/libosmocore-1.4.0/src/vty/command.c:2577:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return str? strlen(str) : 0;
data/libosmocore-1.4.0/src/vty/command.c:2892:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(config_file) + strlen(CONF_BACKUP_EXT) + 1,
data/libosmocore-1.4.0/src/vty/command.c:2892:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(config_file) + strlen(CONF_BACKUP_EXT) + 1,
data/libosmocore-1.4.0/src/vty/command.c:2899:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config_file_tmp = _talloc_zero(tall_vty_cmd_ctx, strlen(config_file) + 8,
data/libosmocore-1.4.0/src/vty/command.c:3574:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cwd) + strlen(fname) + 2),
data/libosmocore-1.4.0/src/vty/command.c:3574:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(cwd) + strlen(fname) + 2),
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:114:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:253:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, buf, sizeof(buf) - 1);
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:292:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/libosmocore-1.4.0/src/vty/cpu_sched_vty.c:541:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(fd, name, sizeof(name) - 1);
data/libosmocore-1.4.0/src/vty/utils.c:344:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen(prefix) + strlen(end);
data/libosmocore-1.4.0/src/vty/utils.c:344:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int size = strlen(prefix) + strlen(end);
data/libosmocore-1.4.0/src/vty/utils.c:345:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int sep_len = strlen(sep);
data/libosmocore-1.4.0/src/vty/utils.c:350:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(vs->str) + sep_len;
data/libosmocore-1.4.0/src/vty/utils.c:364:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int j, name_len = strlen(vs->str)+1;
data/libosmocore-1.4.0/src/vty/vty.c:335:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer_put(vty->obuf, p, strlen(p));
data/libosmocore-1.4.0/src/vty/vty.c:402:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (s = buf + strlen(buf);
data/libosmocore-1.4.0/src/vty/vty.c:524:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/libosmocore-1.4.0/src/vty/vty.c:766:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(vty->hist[vty->hp]);
data/libosmocore-1.4.0/src/vty/vty.c:1097:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = _talloc_zero(vty, strlen(desc->str) + 1, "describe_fold");
data/libosmocore-1.4.0/src/vty/vty.c:1101:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (p = desc->str; strlen(p) > desc_width; p += pos + 1) {
data/libosmocore-1.4.0/src/vty/vty.c:1109:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, p, pos);
data/libosmocore-1.4.0/src/vty/vty.c:1170:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(desc->cmd);
data/libosmocore-1.4.0/src/vty/vty.c:1197:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (desc_width >= strlen(desc->str))
data/libosmocore-1.4.0/src/vty/vty.c:1217:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (desc_width >= strlen(desc->str))
data/libosmocore-1.4.0/src/vty/vty.c:1291:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((nbytes = read(vty->fd, buf, VTY_READ_BUFSIZ)) <= 0) {
data/libosmocore-1.4.0/src/vty/vty.c:1777:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vty_cwd = _talloc_zero(tall_vty_ctx, strlen(cwd) + 1, "save_cwd");
data/libosmocore-1.4.0/tests/abis/abis_test.c:150:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
.file_id_len = strlen(f_id),
data/libosmocore-1.4.0/tests/abis/abis_test.c:151:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
.file_version_len = strlen(f_ver),
data/libosmocore-1.4.0/tests/bitvec/bitvec_test.c:80:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int in_size = strlen((const char *)in);
data/libosmocore-1.4.0/tests/codec/codec_ecu_fr_test.c:200:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
frame_len = strlen(fr_frames_hex[i]) / 2;
data/libosmocore-1.4.0/tests/codec/codec_ecu_fr_test.c:238:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
frame_len = strlen(fr_frames_hex[i]) / 2;
data/libosmocore-1.4.0/tests/context/context_test.c:36:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rc = read(ofd->fd, &rval, sizeof(rval));
data/libosmocore-1.4.0/tests/ctrl/ctrl_test.c:32:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str) + 1;
data/libosmocore-1.4.0/tests/dtx/dtx_gsm0503_test.c:80:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/libosmocore-1.4.0/tests/fsm/fsm_test.c:144:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(!strncmp(osmo_fsm_inst_name(fi), fsm.name, strlen(fsm.name)));
data/libosmocore-1.4.0/tests/fsm/fsm_test.c:169:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(!strncmp(cmd->reply, exp, strlen(exp)));
data/libosmocore-1.4.0/tests/gb/gprs_ns_test.c:455:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1100000);
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:22:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(strlen(out_str) == strlen(wanted_output));
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:22:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(strlen(out_str) == strlen(wanted_output));
data/libosmocore-1.4.0/tests/gprs/gprs_test.c:103:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char tmp[strlen(output) + 1];
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:511:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int expect_rc = t->expect_rc ? : strlen(expect_str)+1;
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:547:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_len = strlen(str);
data/libosmocore-1.4.0/tests/gsm0408/gsm0408_test.c:550:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) != str_len)
data/libosmocore-1.4.0/tests/gsm0808/gsm0808_test.c:1547:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zu = strlen(gsm0808_cell_id_list_name(&cil));
data/libosmocore-1.4.0/tests/sms/sms_test.c:375:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf("Decode case %d: return value %d (expected %zu)\n", i, nchars, strlen(result));
data/libosmocore-1.4.0/tests/sms/sms_test.c:378:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(nchars == strlen(result));
data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c:35:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int text_len = strlen(text);
data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c:64:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tbuf, text, GSM341_MAX_CHARS);
data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c:65:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(text) < GSM341_MAX_CHARS)
data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c:66:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memset(tbuf+strlen(text), GSM341_7BIT_PADDING,
data/libosmocore-1.4.0/tests/smscb/gsm0341_test.c:67:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sizeof(tbuf)-strlen(text));
data/libosmocore-1.4.0/tests/strrb/strrb_test.c:208:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(strlen(rb_content) == RB_MAX_MESSAGE_SIZE - 1);
data/libosmocore-1.4.0/tests/tdef/tdef_vty_test_dynamic.c:128:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strncmp(str, startswith_str, strlen(startswith_str)) == 0;
data/libosmocore-1.4.0/tests/timer/clk_override_test.c:46:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500);
data/libosmocore-1.4.0/tests/timer/clk_override_test.c:54:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500);
data/libosmocore-1.4.0/tests/timer/clk_override_test.c:85:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500);
data/libosmocore-1.4.0/tests/ussd/ussd_test.c:97:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf("original = %s\n", osmo_hexdump((uint8_t *)text, strlen(text)));
data/libosmocore-1.4.0/tests/ussd/ussd_test.c:104:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf("decoded = %s\n\n", osmo_hexdump((uint8_t *)decoded, strlen(decoded)));
data/libosmocore-1.4.0/tests/ussd/ussd_test.c:106:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(strncmp(text, decoded, strlen(text)) == 0);
data/libosmocore-1.4.0/tests/ussd/ussd_test.c:107:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(strcmp(appended_after_decode, decoded + strlen(text)) == 0);
data/libosmocore-1.4.0/tests/ussd/ussd_test.c:252:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(strlen((char *) req.ussd_text) == 0);
data/libosmocore-1.4.0/tests/vty/vty_test.c:191:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OSMO_ASSERT(srep->name_prefix == NULL || strlen(srep->name_prefix) == 0);
data/libosmocore-1.4.0/utils/osmo-config-merge.c:101:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(line); i++) {
data/libosmocore-1.4.0/utils/osmo-config-merge.c:112:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/libosmocore-1.4.0/utils/osmo-sim-test.c:87:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pin) > 8)
data/libosmocore-1.4.0/utils/osmo-sim-test.c:94:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(pindst, pin, strlen(pin));
ANALYSIS SUMMARY:
Hits = 769
Lines analyzed = 124543 in approximately 4.03 seconds (30867 lines/second)
Physical Source Lines of Code (SLOC) = 86191
Hits@level = [0] 1548 [1] 170 [2] 518 [3] 24 [4] 56 [5] 1
Hits@level+ = [0+] 2317 [1+] 769 [2+] 599 [3+] 81 [4+] 57 [5+] 1
Hits/KSLOC@level+ = [0+] 26.8822 [1+] 8.92205 [2+] 6.94968 [3+] 0.939773 [4+] 0.661322 [5+] 0.0116021
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.