Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_connect.c
Examining data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_fragment.c
Examining data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_listen.c
Examining data/libusrsctp-0.9.3.0+20201102/fuzzer/pcap2corpus.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/chargen_server_upcall.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/client.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/daytime_server.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/daytime_server_upcall.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/discard_server.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/discard_server_upcall.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/echo_server.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/echo_server_upcall.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/ekr_client.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/ekr_peer.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/ekr_server.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/http_client.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.h
Examining data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/st_client.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/test_libmgmt.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/test_timer.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c
Examining data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_bsd_addr.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_bsd_addr.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_callout.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_callout.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_cc_functions.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_constants.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_crc32.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_crc32.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_header.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_lock_userspace.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os_userspace.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_peeloff.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_peeloff.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sha1.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sha1.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_ss_functions.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_structs.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sysctl.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sysctl.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_timer.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_timer.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_uio.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_userspace.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_var.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet6/sctp6_usrreq.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet6/sctp6_var.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_atomic.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_environment.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_environment.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_inpcb.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_ip6_var.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_ip_icmp.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_malloc.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_queue.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_route.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socketvar.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_uma.h
Examining data/libusrsctp-0.9.3.0+20201102/usrsctplib/usrsctp.h

FINAL RESULTS:

data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.c:97:6: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if (vsnprintf(charbuf, 1024, format, ap) < 0) {
data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.c:126:6: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if (vsnprintf(charbuf, 1024, format, ap) < 0) {
data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.c:156:6: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if (vsnprintf(charbuf, 1024, format, ap) < 0) {
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os_userspace.h:228:6: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if (snprintf(data, __VA_ARGS__) < 0 ) { \
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os_userspace.h:809:6: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if (snprintf(data, __VA_ARGS__) < 0) { \
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3211:6: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if (snprintf(dump_buf, PREAMBLE_LENGTH + 1, PREAMBLE_FORMAT,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3229:6: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if (snprintf(dump_buf, PREAMBLE_LENGTH + 1, PREAMBLE_FORMAT,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3240:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dump_buf + pos, HEADER);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3257:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dump_buf + pos, TRAILER);
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:169:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&(pc->mutex));
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:199:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(pc->mutex));
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:463:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "a:cd:DE:f:l:L:n:p:P:R:S:t:T:uU:vV")) != -1)
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:431:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "a:DE:f:Hl:L:n:p:R:S:T:uU:vV")) != -1)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:811:16: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (authinfo->random != NULL)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:812:27: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  sctp_free_key(authinfo->random);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1503:26: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (stcb->asoc.authinfo.random != NULL)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1504:37: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  sctp_free_key(stcb->asoc.authinfo.random);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1555:48: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  sctp_compute_hashkey(stcb->asoc.authinfo.random,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1700:48: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  sctp_compute_hashkey(stcb->asoc.authinfo.random,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2013:26: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (stcb->asoc.authinfo.random != NULL)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2014:40: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  sctp_free_key(stcb->asoc.authinfo.random);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.h:92:14: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  sctp_key_t *random; /* local random key (concatenated) */
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_callout.h:57:37: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  #define SCTP_TIMERQ_LOCK() EnterCriticalSection(&SCTP_BASE_VAR(timer_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_callout.h:59:37: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  #define SCTP_TIMERQ_LOCK_INIT() InitializeCriticalSection(&SCTP_BASE_VAR(timer_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os_userspace.h:298:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define random() rand()
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os_userspace.h:299:9: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define srandom(s) srand(s)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os_userspace.h:299:20: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define srandom(s) srand(s)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:5212:27: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (stcb->asoc.authinfo.random != NULL) {
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:122:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&SCTP_BASE_INFO(wq_addr_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:126:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&SCTP_BASE_INFO(wq_addr_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:132:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&SCTP_BASE_INFO(ipi_ep_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:136:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&SCTP_BASE_INFO(ipi_ep_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:140:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&SCTP_BASE_INFO(ipi_ep_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:147:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&SCTP_BASE_INFO(ipi_pktlog_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:151:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&SCTP_BASE_INFO(ipi_pktlog_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:161:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&(_inp)->inp_rdata_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:165:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_inp)->inp_rdata_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:170:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&(_inp)->inp_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:177:3: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_inp)->inp_mtx); \
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:182:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_inp)->inp_mtx); \
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:186:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_inp)->inp_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:188:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_inp)->inp_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:194:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&(_tcb)->tcb_send_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:198:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_tcb)->tcb_send_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:206:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&(_inp)->inp_create_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:213:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_inp)->inp_create_mtx); \
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:217:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_inp)->inp_create_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:236:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&(_tcb)->tcb_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:243:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_tcb)->tcb_mtx); \
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:247:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_tcb)->tcb_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:500:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&(_so_buf)->sb_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:535:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&SCTP_BASE_INFO(ipi_addr_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:539:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&SCTP_BASE_INFO(ipi_addr_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:543:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&SCTP_BASE_INFO(ipi_addr_mtx))
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:552:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&sctp_it_ctl.it_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:556:3: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&sctp_it_ctl.it_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:561:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&sctp_it_ctl.ipi_iterator_wq_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_process_lock.h:565:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&sctp_it_ctl.ipi_iterator_wq_mtx)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_userspace.c:359:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&(cv->waiters_count_lock));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_userspace.c:377:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&cv->waiters_count_lock);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_userspace.c:385:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&cv->waiters_count_lock);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_userspace.c:391:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection (mtx);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_userspace.c:399:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&cv->waiters_count_lock);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_atomic.h:178:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&atomic_mtx);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_atomic.h:184:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&atomic_mtx);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:92:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(&accept_mtx);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socketvar.h:245:2: [3] (misc) EnterCriticalSection:
  On some versions of Windows, exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  EnterCriticalSection(&accept_mtx); \
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socketvar.h:277:2: [3] (misc) InitializeCriticalSection:
  Exceptions can be thrown in low-memory situations. Use InitializeCriticalSectionAndSpinCount instead.
  InitializeCriticalSection(SOCKBUF_MTX(_sb))
data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_connect.c:436:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fuzz_packet_buffer, fuzz_common_header, COMMON_HEADER_SIZE); // common header
data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_connect.c:437:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fuzz_packet_buffer + COMMON_HEADER_SIZE, data + 1, data_size - 1);
data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_fragment.c:334:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fuzz_packet_buffer, data_common_headr, COMMON_HEADER_SIZE); // common header
data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_fragment.c:335:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fuzz_packet_buffer + COMMON_HEADER_SIZE, data+fuzz_data_count, data_chunk_size);
data/libusrsctp-0.9.3.0+20201102/fuzzer/pcap2corpus.c:161:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "w");
data/libusrsctp-0.9.3.0+20201102/fuzzer/pcap2corpus.c:193:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(c, argv[i], arg_len);
data/libusrsctp-0.9.3.0+20201102/fuzzer/pcap2corpus.c:206:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errbuf[PCAP_ERRBUF_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/chargen_server_upcall.c:57:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[95];
data/libusrsctp-0.9.3.0+20201102/programs/chargen_server_upcall.c:162:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/chargen_server_upcall.c:192:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/client.c:101:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[80];
data/libusrsctp-0.9.3.0+20201102/programs/client.c:110:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[4]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/client.c:138:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr6.sin6_port = htons(atoi(argv[3]));
data/libusrsctp-0.9.3.0+20201102/programs/client.c:147:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[5]));
data/libusrsctp-0.9.3.0+20201102/programs/client.c:162:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr4.sin_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/client.c:163:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr6.sin6_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/client.c:188:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/client.c:202:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/client.c:236:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/client.c:250:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:141:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[200];
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:145:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[4]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:168:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr6.sin6_port = htons(atoi(argv[3]));
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:179:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[5]));
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:197:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr4.sin_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:198:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr6.sin6_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:225:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:239:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:273:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:287:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/daytime_server.c:68:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[80];
data/libusrsctp-0.9.3.0+20201102/programs/daytime_server.c:73:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/daytime_server.c:89:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/daytime_server_upcall.c:60:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[80];
data/libusrsctp-0.9.3.0+20201102/programs/daytime_server_upcall.c:96:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/daytime_server_upcall.c:113:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/discard_server.c:66:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namebuf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/discard_server.c:137:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[BUFFER_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/discard_server.c:138:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/discard_server.c:144:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/discard_server.c:173:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/discard_server_upcall.c:59:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namebuf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/discard_server_upcall.c:97:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&addr4, (struct sockaddr_in *)&addr, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/programs/discard_server_upcall.c:106:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&addr6, (struct sockaddr_in6 *)&addr, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/programs/discard_server_upcall.c:158:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/discard_server_upcall.c:188:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/echo_server.c:66:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namebuf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/echo_server.c:152:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[BUFFER_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/echo_server.c:153:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/echo_server.c:159:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/echo_server.c:188:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/echo_server_upcall.c:59:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namebuf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/echo_server_upcall.c:99:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&addr4, (struct sockaddr_in *)&addr, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/programs/echo_server_upcall.c:108:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&addr6, (struct sockaddr_in6 *)&addr, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/programs/echo_server_upcall.c:175:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/echo_server_upcall.c:205:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/ekr_client.c:71:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_PACKET_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_client.c:173:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[BUFFER_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_client.c:207:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/ekr_client.c:228:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(argv[4]));
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c:79:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_PACKET_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c:207:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c:221:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c:270:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c:284:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c:356:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  client_port = atoi(argv[1]);
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c:360:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  server_port = atoi(argv[2]);
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop.c:364:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  crc32c_offloading = atoi(argv[3]);
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:85:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_PACKET_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:237:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:251:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:300:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:314:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:391:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logfile = fopen("ekr_loop_upcall.log", "a+");
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:400:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  client_port = atoi(argv[1]);
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:404:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  server_port = atoi(argv[2]);
data/libusrsctp-0.9.3.0+20201102/programs/ekr_loop_upcall.c:408:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  crc32c_offloading = atoi(argv[3]);
data/libusrsctp-0.9.3.0+20201102/programs/ekr_peer.c:71:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_PACKET_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_peer.c:168:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[LINE_LENGTH];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_peer.c:202:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/ekr_peer.c:223:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(argv[4]));
data/libusrsctp-0.9.3.0+20201102/programs/ekr_peer.c:276:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sconn.sconn_port = htons(atoi(argv[5]));
data/libusrsctp-0.9.3.0+20201102/programs/ekr_peer.c:286:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sconn.sconn_port = htons(atoi(argv[6]));
data/libusrsctp-0.9.3.0+20201102/programs/ekr_server.c:70:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_PACKET_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/ekr_server.c:205:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/ekr_server.c:226:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(argv[4]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client.c:70:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char request[512];
data/libusrsctp-0.9.3.0+20201102/programs/http_client.c:144:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr4.sin_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client.c:154:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr6.sin6_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client.c:162:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[4]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/http_client.c:219:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bind4.sin_port = htons(atoi(argv[3]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client.c:234:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bind6.sin6_port = htons(atoi(argv[3]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client.c:248:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[5]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c:70:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char request[512];
data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c:172:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr4.sin_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c:182:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr6.sin6_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c:190:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[4]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c:239:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bind4.sin_port = htons(atoi(argv[3]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c:254:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  bind6.sin6_port = htons(atoi(argv[3]));
data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c:268:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[5]));
data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.c:89:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charbuf[1024];
data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.c:109:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charbuf[1024];
data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.c:139:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charbuf[1024];
data/libusrsctp-0.9.3.0+20201102/programs/programs_helper.c:240:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addr_buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:917:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addr_buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1316:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[LINE_LENGTH + 1];
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1333:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addrbuf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1336:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usrsctp_init(atoi(argv[1]), NULL, debug_printf_stack);
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1353:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  encaps.sue_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1398:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr.sin_port = htons(atoi(argv[4]));
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1414:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  addr.sin_port = htons(atoi(argv[3]));
data/libusrsctp-0.9.3.0+20201102/programs/st_client.c:95:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_PACKET_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/st_client.c:143:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[BUFFER_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/st_client.c:165:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[BUFFER_SIZE];
data/libusrsctp-0.9.3.0+20201102/programs/st_client.c:307:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(argv[2]));
data/libusrsctp-0.9.3.0+20201102/programs/st_client.c:328:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sin.sin_port = htons(atoi(argv[4]));
data/libusrsctp-0.9.3.0+20201102/programs/st_client.c:376:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sconn.sconn_port = htons(atoi(argv[5]));
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:466:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ind.ssb_adaptation_ind = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:472:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  round_duration = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:478:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  length = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:481:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  number_of_messages = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:484:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  port = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:487:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  policy = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:490:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  local_udp_port = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:493:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fragpoint = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:501:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rcvbufsize = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:504:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sndbufsize = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:507:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  timetolive = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:510:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  runtime = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:517:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  remote_udp_port = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:540:31: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ind.ssb_adaptation_ind = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:551:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  length = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:559:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  port = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:567:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  policy = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:575:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  number_of_messages = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:583:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fragpoint = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:599:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  remote_udp_port = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:607:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  local_udp_port = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:615:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rcvbufsize = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:623:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sndbufsize = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:631:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  timetolive = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:639:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  runtime = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp.c:775:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addrbuf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:163:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char output[200];
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:186:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addrbuf[INET_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:434:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ind.ssb_adaptation_ind = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:440:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  local_udp_port = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:443:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fragpoint = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:449:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  par_message_length = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:458:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  par_messages = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:461:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  par_port = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:464:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rcvbufsize = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:467:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sndbufsize = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:470:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  par_runtime = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:477:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  remote_udp_port = atoi(optarg);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:500:31: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ind.ssb_adaptation_ind = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:511:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  local_udp_port = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:519:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fragpoint = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:530:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  par_message_length = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:546:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  par_messages = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:554:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  par_port = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:562:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rcvbufsize = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:570:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sndbufsize = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:578:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  par_runtime = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/programs/tsctp_upcall.c:590:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  remote_udp_port = atoi(opt);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:144:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tlv, error_tlv, tlv_length);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:230:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((caddr_t)&sin6->sin6_addr, v6addr->addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:391:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin6->sin6_addr, v6addr->addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:529:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((caddr_t)&sin6->sin6_addr, v6addr->addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:1323:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&aa->ap.addrp.addr, &sin6->sin6_addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:1338:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&aa->ap.addrp.addr, &sin->sin_addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:1538:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&aa->ap.addrp.addr, &sin6->sin6_addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:1552:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&aa->ap.addrp.addr, &sin->sin_addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:1736:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:2690:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(lookup->addr, &aa->ap.addrp.addr, addr_size);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:2695:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &aa->ap, p_length);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:2764:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(lookup->addr, addr_ptr, addr_size);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:2844:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&store.sin6.sin6_addr, a6p->addr, sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_asconf.c:2997:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin6_tmp, sin6,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:98:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_list, list, sizeof(*new_list));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:342:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_key->key, key, keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:431:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key_ptr, shared->key, shared->keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:435:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key_ptr, key1->key, key1->keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:439:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key_ptr, key2->key, key2->keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:444:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key_ptr, shared->key, shared->keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:448:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key_ptr, key2->key, key2->keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:452:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key_ptr, key1->key, key1->keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:770:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &hmac_id, sizeof(hmac_id));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:973:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ipad, key, keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:974:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(opad, key, keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1033:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ipad, key, keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1034:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(opad, key, keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1108:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key->key, temp, key->keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1142:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key->key, temp, key->keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1487:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_key->key, p_random, keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1493:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_key->key + keylen, chunks,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1499:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_key->key + keylen, hmacs,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:1718:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(digest, auth->hmac, digestlen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2083:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(text, "Hi There");
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2098:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(key, "Jefe");
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2100:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(text, "what do ya want for nothing?");
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2132:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(key, "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19", keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2152:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(text, "Test With Truncation");
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2169:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(text, "Test Using Larger Than Block-Size Key - Hash Key First");
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_auth.c:2186:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(text, "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data");
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_bsd_addr.c:490:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[SCTP_IFNAMSIZ];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_bsd_addr.c:981:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *)lenat, (void *)SCTP_BASE_VAR(packet_log_buffer), this_copy);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_header.h:84:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[SCTP_ARRAY_MIN_LEN]; /* host name */
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_header.h:109:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char address[SCTP_ADDRMAX];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:294:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outinfo, sinfo, sizeof(struct sctp_extrcvinfo));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:439:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:525:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:1712:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:2721:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(to, from, SCTP_BUF_LEN((*mm)));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:2756:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:2767:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:2790:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:2859:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:2878:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:3999:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:4547:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_indata.c:5596:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:655:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&store.sin6.sin6_addr, cp->heartbeat.hb_info.address, sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:669:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&store.sconn.sconn_addr, cp->heartbeat.hb_info.address, sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:2409:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&store.sin6.sin6_addr, cookie->laddress, sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:2420:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&store.sconn.sconn_addr, cookie->laddress, sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:2620:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cookie->address, &sconnp->sconn_addr , sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:2627:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cookie->laddress, &sconnp->sconn_addr , sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:2840:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sconn.sconn_addr, cookie->address, sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:3277:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bkup, cp, sizeof(struct old_sctp_ecne_chunk));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:4197:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&liste->list_of_streams, req->list_of_streams, number_entries * sizeof(uint16_t));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:4621:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(desc.data_bytes, data_chunk + 1, SCTP_NUM_DB_TO_VERIFY);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:4645:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(desc.data_bytes, idata_chunk + 1, SCTP_NUM_DB_TO_VERIFY);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:4736:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_input.c:5752:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os_userspace.h:219:9: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define bcopy(srcKey, dstKey, len) memcpy(dstKey, srcKey, len)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_os_userspace.h:219:36: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define bcopy(srcKey, dstKey, len) memcpy(dstKey, srcKey, len)
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:2848:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin6, &ro->ro_dst, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:2895:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&lsa6, &sifa->address.sin6, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:3979:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(stc, stc_in, sizeof(struct sctp_state_cookie));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:4253:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ro->ro_dst, to, to->sa_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:4255:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ro->ro_dst, to, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:4372:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&iproute, ro, sizeof(*ro));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:4598:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ro->ro_dst, sin6, sin6->sin6_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:4600:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ro->ro_dst, sin6, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:5223:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(randp, stcb->asoc.authinfo.random->key, parameter_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:5847:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((caddr_t)&sin6.sin6_addr, p6->addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6003:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6125:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&stc.address, &src6->sin6_addr, sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6171:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&stc.laddress, &dst6->sin6_addr, sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6184:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&stc.address, &srcconn->sconn_addr, sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6191:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&stc.laddress, &dstconn->sconn_addr, sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6267:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&stc.address, &sin6->sin6_addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6287:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&stc.laddress, &net->ro._s_addr->address.sin6.sin6_addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6299:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&stc.address, &sconn->sconn_addr, sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6305:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&stc.laddress, &sconn->sconn_addr, sizeof(void *));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:7250:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:7396:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ca->sndrcv, srcv, sizeof(struct sctp_nonpad_sndrcvinfo));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:10125:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:12105:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hb->heartbeat.hb_info.address,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:12112:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hb->heartbeat.hb_info.address,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:12119:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hb->heartbeat.hb_info.address,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:14619:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:14901:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&gw6.sin6_addr, &pfxrtr->router->rtaddr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:113:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&tmp_a, a, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:117:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&tmp_b, b, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:668:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sctp_ifap->address, addr, addr->sa_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:673:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sctp_ifap->address, addr, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:678:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sctp_ifap->address, addr, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:683:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sctp_ifap->address, addr, sizeof(struct sockaddr_conn));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:2422:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin4.sin_addr, &p4->addr, sizeof(p4->addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:2443:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin6.sin6_addr, &p6->addr, sizeof(p6->addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:2681:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin6->sin6_addr, &p6->addr, sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:2710:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sin->sin_addr, &p4->addr, sizeof(struct in_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:3060:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_inp->sctp_ep.secret_key, old_inp->sctp_ep.secret_key,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:3678:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&store.sin, addr, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:3684:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&store.sin6, addr, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:3690:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&store.sconn, addr, sizeof(struct sockaddr_conn));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:4448:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&net->ro._l_addr, newaddr, newaddr->sa_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:4454:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&net->ro._l_addr, newaddr, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:4462:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&net->ro._l_addr, newaddr, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:4470:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&net->ro._l_addr, newaddr, sizeof(struct sockaddr_conn));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:7177:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:7215:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((caddr_t)&sin6.sin6_addr, p6->addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:7271:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[SCTP_DIAG_INFO_LEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:7356:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sin6.sin6_addr.s6_addr,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:7607:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_key->key, p_random, keylen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:7613:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_key->key + keylen, chunks,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.c:7619:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_key->key + keylen, hmacs,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.h:90:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ifn_name[SCTP_IFNAMSIZ];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_pcb.h:448:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char align[(sizeof(struct inpcb) + SCTP_ALIGNM1) &
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sha1.c:207:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ctx->sha_block[ctx->how_many_in_block],
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sha1.c:214:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ctx->sha_block[ctx->how_many_in_block],
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sha1.h:70:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sha_block[64];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sysctl.c:381:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *)&xladdr.address, (const void *)&sctp_ifa->address, sizeof(union sctp_sockstore));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sysctl.c:399:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *)&xladdr.address, (const void *)&laddr->ifa->address, sizeof(union sctp_sockstore));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sysctl.c:1003:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sarry, &sb_temp, sizeof(struct sctpstat));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_sysctl.c:1013:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&SCTP_BASE_STATS, &sb_temp, sizeof(struct sctpstat));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:1412:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, src->sa_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:1417:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:1422:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:1427:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, sizeof(struct sockaddr_conn));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:1591:8: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, sin, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:1661:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, sin6, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:1676:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, &sctp_ifa->address.sconn, sizeof(struct sockaddr_conn));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:2532:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(vrf_ids, inp->m_vrf_ids, siz_needed);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:2865:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, &net->ro._l_addr, cpsz);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:2868:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, &net->ro._l_addr, cpsz);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3244:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sstat->sstat_primary.spinfo_address,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3251:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sstat->sstat_primary.spinfo_address,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3258:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sstat->sstat_primary.spinfo_address,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3265:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sstat->sstat_primary.spinfo_address,
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3419:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(s_info, &stcb->asoc.def_send, sizeof(stcb->asoc.def_send));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3427:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(s_info, &inp->def_send, sizeof(inp->def_send));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3473:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ssp->ssp_addr, &addr->sin, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3476:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ssp->ssp_addr, &addr->sin, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3482:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ssp->ssp_addr, &addr->sin6, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:3487:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ssp->ssp_addr, &addr->sconn, sizeof(struct sockaddr_conn));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_usrreq.c:4981:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tarray, inp->m_vrf_ids, (sizeof(uint32_t) * inp->vrf_size));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:1472:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_array1, asoc->mapping_array, asoc->mapping_array_size);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:1473:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_array2, asoc->nr_mapping_array, asoc->mapping_array_size);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:3176:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, mtod(m, caddr_t) + off, count);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:3327:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sac->sac_info, abort, abort_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:3436:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&spc->spc_aaddr, sa, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:3439:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&spc->spc_aaddr, sa, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:3449:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&spc->spc_aaddr, sa, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:3473:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&spc->spc_aaddr, sa, sizeof(struct sockaddr_conn));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:4202:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sre->sre_data, chunk, chunk_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:5011:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ip6buf[INET6_ADDRSTRLEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:5441:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cause->info, info, info_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:6565:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(from, &store, min((size_t)fromlen, len));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet6/sctp6_usrreq.c:1550:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, &sin6, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet6/sctp6_usrreq.c:1613:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, &sin6, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_environment.c:130:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char *)buf + position, &randval, remaining);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_environment.c:151:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("/dev/urandom", O_RDONLY);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_ip_icmp.h:130:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char id_data[1];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_malloc.h:152:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mth_name[MALLOC_MAX_NAME];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:873:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mtod(m, caddr_t) + m->m_len,mtod(n, caddr_t), (u_int)count);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1036:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( mtod(n->m_next, caddr_t), mtod(n, caddr_t) + off,hlen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1058:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mtod(o, caddr_t), mtod(n, caddr_t) + off, hlen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1170:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mtod(n, caddr_t), mtod(m, caddr_t) + off, (u_int)n->m_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1236:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p + 1, t + 1, t->m_tag_len); /* Copy the data */
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1292:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(off + mtod(m, caddr_t), cp, (u_int)mlen);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1368:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp, mtod(m, caddr_t) + off, count);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1395:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mtod(m, caddr_t) + m->m_len, mtod(n, caddr_t), (u_int)n->m_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1538:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mtod(n, caddr_t), mtod(m, caddr_t) + len, remain);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.c:1559:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer+offset, mtod(mb, caddr_t), count_to_copy);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.h:212:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char MH_databuf[MHLEN];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_mbuf.h:215:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char M_databuf[MLEN]; /* !M_PKTHDR, !M_EXT */
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:143:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rt_buffer[1024];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:187:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[4096];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:239:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sa->sin_addr, inp, sizeof(struct in_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:248:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&sa6->sin6_addr, inp, sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:458:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmsgbuf[CMSG_SPACE(sizeof (struct in6_pktinfo))];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:468:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ControlBuffer[1024];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:578:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *)&dst.sin6_addr, (const void *) &(info->ipi6_addr), sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:659:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmsgbuf[CMSG_SPACE(sizeof(struct in_pktinfo))];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:661:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmsgbuf[CMSG_SPACE(sizeof(struct in_addr))];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:672:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ControlBuffer[1024];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:782:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *)&dst.sin_addr, (const void *)&(info->ipi_addr), sizeof(struct in_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:794:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *)&dst.sin_addr, (const void *)addr, sizeof(struct in_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:871:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmsgbuf[CMSG_SPACE(sizeof (struct in6_pktinfo))];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:881:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ControlBuffer[1024];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_recv_thread.c:995:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *)&dst.sin6_addr, (const void *)&(info->ipi6_addr), sizeof(struct in6_addr));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:565:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:571:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:646:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(iov->iov_base, cp, cnt);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:648:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cp, iov->iov_base, cnt);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:704:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((caddr_t)&sp.spinfo_address, sa, sa->sa_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:724:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((caddr_t)&sp.spinfo_address, sa, sa_len);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:2599:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[SCTP_STACK_BUF_SIZE];
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:2630:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cpto, at, sizeof(struct sockaddr_in));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:2658:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cpto, at, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:2667:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cpto, at, sizeof(struct sockaddr_in6));
data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_connect.c:391:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  usrsctp_sendv(socket_client, sendbuffer, strlen(sendbuffer), NULL, 0, NULL, 0, SCTP_SENDV_NOINFO, 0);
data/libusrsctp-0.9.3.0+20201102/fuzzer/fuzzer_connect.c:431:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  usrsctp_sendv(socket_client, sendbuffer, strlen(sendbuffer), NULL, 0, NULL, 0, SCTP_SENDV_NOINFO, 0);
data/libusrsctp-0.9.3.0+20201102/fuzzer/pcap2corpus.c:184:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(argv[i]) + 1;
data/libusrsctp-0.9.3.0+20201102/fuzzer/pcap2corpus.c:192:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  arg_len = strlen(argv[i]);
data/libusrsctp-0.9.3.0+20201102/programs/chargen_server_upcall.c:139:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (usrsctp_sendv(upcall_socket, buffer, strlen(buffer), NULL, 0, &snd_info, (socklen_t)sizeof(struct sctp_sndinfo), SCTP_SENDV_SNDINFO, 0) < 0) {
data/libusrsctp-0.9.3.0+20201102/programs/client.c:272:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  usrsctp_sendv(sock, buffer, strlen(buffer), NULL, 0, NULL, 0, SCTP_SENDV_NOINFO, 0);
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:311:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer[strlen(buffer)] = '\0';
data/libusrsctp-0.9.3.0+20201102/programs/client_upcall.c:312:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  usrsctp_sendv(sock, buffer, strlen(buffer), NULL, 0, NULL, 0, SCTP_SENDV_NOINFO, 0);
data/libusrsctp-0.9.3.0+20201102/programs/daytime_server.c:125:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (usrsctp_sendv(conn_sock, buffer, strlen(buffer), NULL, 0, (void *)&sndinfo,
data/libusrsctp-0.9.3.0+20201102/programs/daytime_server_upcall.c:83:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  usrsctp_sendv(conn_sock, buffer, strlen(buffer), NULL, 0, (void *)&sndinfo,
data/libusrsctp-0.9.3.0+20201102/programs/ekr_peer.c:314:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (usrsctp_sendv(s, line, strlen(line), NULL, 0, (void *)&sndinfo,
data/libusrsctp-0.9.3.0+20201102/programs/http_client.c:295:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (usrsctp_sendv(sock, request, strlen(request), NULL, 0, &sndinfo, sizeof(struct sctp_sndinfo), SCTP_SENDV_SNDINFO, 0) < 0) {
data/libusrsctp-0.9.3.0+20201102/programs/http_client_upcall.c:130:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bytesSent = usrsctp_sendv(sock, request, strlen(request), NULL, 0, NULL, 0, SCTP_SENDV_NOINFO, 0);
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1458:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(line, "?", strlen("?")) == 0 ||
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1459:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(line, "help", strlen("help")) == 0) {
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1467:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (strncmp(line, "status", strlen("status")) == 0) {
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1471:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (strncmp(line, "quit", strlen("quit")) == 0) {
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1507:82: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (send_user_message(&peer_connection, &peer_connection.channels[id], msg, strlen(msg))) {
data/libusrsctp-0.9.3.0+20201102/programs/rtcweb.c:1509:82: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (send_user_message(&peer_connection, &peer_connection.channels[id], msg, strlen(msg) - 1)) {
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctp_output.c:6318:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  min(strlen(SCTP_VERSION_STRING), sizeof(stc.identification)));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/netinet/sctputil.c:5430:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  info_len = strlen(info);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_environment.c:163:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  n = read(fd, (char *)buf + position, size - position);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3203:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((dump_buf = malloc(PREAMBLE_LENGTH + strlen(HEADER) + 3 * len + strlen(TRAILER) + 1)) == NULL) {
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3203:70: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((dump_buf = malloc(PREAMBLE_LENGTH + strlen(HEADER) + 3 * len + strlen(TRAILER) + 1)) == NULL) {
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3238:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy_s(dump_buf + pos, strlen(HEADER) + 1, HEADER, strlen(HEADER));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3238:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy_s(dump_buf + pos, strlen(HEADER) + 1, HEADER, strlen(HEADER));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3242:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pos += strlen(HEADER);
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3255:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy_s(dump_buf + pos, strlen(TRAILER) + 1, TRAILER, strlen(TRAILER));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3255:58: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy_s(dump_buf + pos, strlen(TRAILER) + 1, TRAILER, strlen(TRAILER));
data/libusrsctp-0.9.3.0+20201102/usrsctplib/user_socket.c:3259:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pos += strlen(TRAILER);

ANALYSIS SUMMARY:

Hits = 472
Lines analyzed = 103605 in approximately 2.63 seconds (39364 lines/second)
Physical Source Lines of Code (SLOC) = 82225
Hits@level = [0] 406 [1] 30 [2] 374 [3] 59 [4] 9 [5] 0
Hits@level+ = [0+] 878 [1+] 472 [2+] 442 [3+] 68 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 10.678 [1+] 5.74035 [2+] 5.37549 [3+] 0.826999 [4+] 0.109456 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.