Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c
Examining data/nagios-nrpe-4.0.3/include/acl.h
Examining data/nagios-nrpe-4.0.3/include/nrpe.h
Examining data/nagios-nrpe-4.0.3/include/utils.h
Examining data/nagios-nrpe-4.0.3/include/dh.h
Examining data/nagios-nrpe-4.0.3/src/acl.c
Examining data/nagios-nrpe-4.0.3/src/check_nrpe.c
Examining data/nagios-nrpe-4.0.3/src/nrpe.c
Examining data/nagios-nrpe-4.0.3/src/snprintf.c
Examining data/nagios-nrpe-4.0.3/src/utils.c
FINAL RESULTS:
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:34:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(state,argv[1]);
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:35:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(state_type,argv[2]);
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:37:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(host_name,argv[4]);
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:51:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp_input,input_buffer);
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:52:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp_string,strtok(temp_input,"="));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:53:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ent_type,strtok(temp_string,"["));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:56:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(test_host,strtok(NULL,"]"));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:60:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(service_name,strtok(NULL,";"));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:65:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(check_name,strtok(temp_var,"!"));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:92:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp_input,input_buffer);
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:93:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp_string,strtok(temp_input,"="));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:94:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ent_type,strtok(temp_string,"["));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:97:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(test_host,strtok(NULL,"]"));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:101:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(service_name,strtok(NULL,";"));
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:106:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(check_name,strtok(temp_var,"!"));
data/nagios-nrpe-4.0.3/src/acl.c:467:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dns_acl_curr->domain, domain);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1236:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&v3_send_packet->buffer[0], query);
data/nagios-nrpe-4.0.3/src/nrpe.c:1670:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(remote_host, ipstr);
data/nagios-nrpe-4.0.3/src/nrpe.c:1818:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(send_buff, buffer);
data/nagios-nrpe-4.0.3/src/nrpe.c:1835:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(send_buff, buffer);
data/nagios-nrpe-4.0.3/src/nrpe.c:1929:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&v3_send_packet->buffer[0], send_buff);
data/nagios-nrpe-4.0.3/src/nrpe.c:2378:8: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fp = popen(command, "r"); /* run the command */
data/nagios-nrpe-4.0.3/src/snprintf.c:1198:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf smb_vsnprintf
data/nagios-nrpe-4.0.3/src/snprintf.c:1214:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(str, count, fmt, ap);
data/nagios-nrpe-4.0.3/src/snprintf.c:1218:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf smb_snprintf
data/nagios-nrpe-4.0.3/src/snprintf.c:1231:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(NULL, 0, format, ap2);
data/nagios-nrpe-4.0.3/src/snprintf.c:1239:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(*ptr, ret+1, format, ap2);
data/nagios-nrpe-4.0.3/src/snprintf.c:1263:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
int sprintf(char *str,const char *fmt,...);
data/nagios-nrpe-4.0.3/src/snprintf.c:1332:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
l1 = snprintf(NULL, 0, fp_fmt[x], fp_nums[y]);
data/nagios-nrpe-4.0.3/src/snprintf.c:1333:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
l2 = snprintf(buf1, sizeof(buf1), fp_fmt[x], fp_nums[y]);
data/nagios-nrpe-4.0.3/src/snprintf.c:1334:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (buf2, fp_fmt[x], fp_nums[y]);
data/nagios-nrpe-4.0.3/src/snprintf.c:1348:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
l1 = snprintf(NULL, 0, int_fmt[x], int_nums[y]);
data/nagios-nrpe-4.0.3/src/snprintf.c:1349:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
l2 = snprintf(buf1, sizeof(buf1), int_fmt[x], int_nums[y]);
data/nagios-nrpe-4.0.3/src/snprintf.c:1350:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (buf2, int_fmt[x], int_nums[y]);
data/nagios-nrpe-4.0.3/src/snprintf.c:1364:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
l1 = snprintf(NULL, 0, str_fmt[x], str_vals[y]);
data/nagios-nrpe-4.0.3/src/snprintf.c:1365:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
l2 = snprintf(buf1, sizeof(buf1), str_fmt[x], str_vals[y]);
data/nagios-nrpe-4.0.3/src/snprintf.c:1366:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (buf2, str_fmt[x], str_vals[y]);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:264:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, optchars, long_options, &option_index);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:266:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, optchars);
data/nagios-nrpe-4.0.3/src/nrpe.c:302:4: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/nagios-nrpe-4.0.3/src/nrpe.c:2975:7: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt_long(argc, argv, optchars, long_options, &option_index);
data/nagios-nrpe-4.0.3/src/nrpe.c:2977:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, optchars);
data/nagios-nrpe-4.0.3/src/utils.c:126:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(seed);
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:13:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char check_name[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:14:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ent_type[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:15:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input_buffer[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:16:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host_name[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:17:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service_name[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:18:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char state[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:19:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char state_type[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:20:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_input[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:21:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_string[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:22:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char test_host[MAX_CHARS];
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:36:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
attempt=atoi(argv[3]);
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:41:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
services_fp=fopen(SERVICES_FILE,"r");
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:42:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
command_fp=fopen(COMMAND_FILE,"a");
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:82:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
services_fp=fopen(SERVICES_FILE,"r");
data/nagios-nrpe-4.0.3/contrib/nrpe_check_control.c:83:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
command_fp=fopen(COMMAND_FILE,"a");
data/nagios-nrpe-4.0.3/include/acl.h:55:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[255];
data/nagios-nrpe-4.0.3/src/acl.c:314:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maskval = atoi(mask_part);
data/nagios-nrpe-4.0.3/src/acl.c:569:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formattedStr[INET6_ADDRSTRLEN];
data/nagios-nrpe-4.0.3/src/acl.c:577:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) &addr6, ai->ai_addr, sizeof(addr6));
data/nagios-nrpe-4.0.3/src/check_nrpe.c:57:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeout_txt[10];
data/nagios-nrpe-4.0.3/src/check_nrpe.c:62:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rem_host[MAX_HOST_ADDRESS_LENGTH];
data/nagios-nrpe-4.0.3/src/check_nrpe.c:63:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char query[MAX_INPUT_BUFFER] = "";
data/nagios-nrpe-4.0.3/src/check_nrpe.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cipher_list[MAX_FILENAME_LENGTH];
data/nagios-nrpe-4.0.3/src/check_nrpe.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optchars[MAX_INPUT_BUFFER];
data/nagios-nrpe-4.0.3/src/check_nrpe.c:314:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
server_port = atoi(optarg);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:324:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
payload_size = atoi(optarg);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:412:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sslprm.allowDH = atoi(optarg);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:576:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(fname, "r")) == NULL) {
data/nagios-nrpe-4.0.3/src/check_nrpe.c:685:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (atoi(timeout_val) > 0)
data/nagios-nrpe-4.0.3/src/check_nrpe.c:686:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(timeout_val);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1007:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sslprm.cipher_list, ":!ADH");
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1153:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_cn[256], buffer[2048];
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1455:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*v2_pkt, &packet, common_size);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1486:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*v3_pkt, &packet, common_size);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1545:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*v2_pkt, &packet, common_size);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1582:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*v3_pkt, &packet, common_size);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1626:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], issuer[256];
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/nagios-nrpe-4.0.3/src/nrpe.c:84:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remote_host[MAX_HOST_ADDRESS_LENGTH];
data/nagios-nrpe-4.0.3/src/nrpe.c:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *macro_argv[MAX_COMMAND_ARGUMENTS];
data/nagios-nrpe-4.0.3/src/nrpe.c:86:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_file[MAX_INPUT_BUFFER] = "nrpe.cfg";
data/nagios-nrpe-4.0.3/src/nrpe.c:87:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server_address[NI_MAXHOST] = "";
data/nagios-nrpe-4.0.3/src/nrpe.c:144:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cipher_list[MAX_FILENAME_LENGTH];
data/nagios-nrpe-4.0.3/src/nrpe.c:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_INPUT_BUFFER];
data/nagios-nrpe-4.0.3/src/nrpe.c:265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seedfile[FILENAME_MAX];
data/nagios-nrpe-4.0.3/src/nrpe.c:266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[120] = { "" };
data/nagios-nrpe-4.0.3/src/nrpe.c:462:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sslprm.cipher_list, ":!ADH");
data/nagios-nrpe-4.0.3/src/nrpe.c:627:2: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open("/dev/null", O_WRONLY);
data/nagios-nrpe-4.0.3/src/nrpe.c:690:2: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open("/dev/null", O_RDONLY); /* redirect standard descriptors to /dev/null */
data/nagios-nrpe-4.0.3/src/nrpe.c:691:2: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open("/dev/null", O_WRONLY);
data/nagios-nrpe-4.0.3/src/nrpe.c:692:2: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open("/dev/null", O_WRONLY);
data/nagios-nrpe-4.0.3/src/nrpe.c:746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], issuer[256];
data/nagios-nrpe-4.0.3/src/nrpe.c:835:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_file[MAX_FILENAME_LENGTH];
data/nagios-nrpe-4.0.3/src/nrpe.c:836:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input_buffer[MAX_INPUT_BUFFER];
data/nagios-nrpe-4.0.3/src/nrpe.c:845:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r"); /* open the config file for reading */
data/nagios-nrpe-4.0.3/src/nrpe.c:912:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_commands = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:919:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
server_port = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:951:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
debug = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:964:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
allow_arguments = (atoi(varvalue) == 1) ? TRUE : FALSE;
data/nagios-nrpe-4.0.3/src/nrpe.c:967:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
disable_syslog = (atoi(varvalue) == 1) ? TRUE : FALSE;
data/nagios-nrpe-4.0.3/src/nrpe.c:970:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
allow_bash_cmd_subst = (atoi(varvalue) == 1) ? TRUE : FALSE;
data/nagios-nrpe-4.0.3/src/nrpe.c:973:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
command_timeout = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:981:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
connection_timeout = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:990:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ssl_shutdown_timeout = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:999:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
allow_weak_random_seed = (atoi(varvalue) == 1) ? TRUE : FALSE;
data/nagios-nrpe-4.0.3/src/nrpe.c:1005:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
listen_queue_size = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:1047:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sslprm.allowDH = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:1072:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sslprm.client_certs = atoi(varvalue);
data/nagios-nrpe-4.0.3/src/nrpe.c:1126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_file[MAX_FILENAME_LENGTH];
data/nagios-nrpe-4.0.3/src/nrpe.c:1294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntop[NI_MAXHOST], strport[NI_MAXSERV];
data/nagios-nrpe-4.0.3/src/nrpe.c:1468:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrstr[100];
data/nagios-nrpe-4.0.3/src/nrpe.c:1588:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstr[INET6_ADDRSTRLEN];
data/nagios-nrpe-4.0.3/src/nrpe.c:1720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_INPUT_BUFFER], *send_buff = NULL, *send_pkt;
data/nagios-nrpe-4.0.3/src/nrpe.c:1721:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw_command[MAX_INPUT_BUFFER];
data/nagios-nrpe-4.0.3/src/nrpe.c:1722:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char processed_command[MAX_INPUT_BUFFER];
data/nagios-nrpe-4.0.3/src/nrpe.c:1741:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
errfp = fopen("/tmp/err.log", "a");
data/nagios-nrpe-4.0.3/src/nrpe.c:1863:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(send_buff, "NRPE: Command timed out after %d seconds\n",
data/nagios-nrpe-4.0.3/src/nrpe.c:1867:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(send_buff, "NRPE: Unable to read output\n");
data/nagios-nrpe-4.0.3/src/nrpe.c:1997:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_INPUT_BUFFER];
data/nagios-nrpe-4.0.3/src/nrpe.c:2048:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
errfp = fopen("/tmp/err.log", "a");
data/nagios-nrpe-4.0.3/src/nrpe.c:2151:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*v3_pkt, v2_pkt, common_size);
data/nagios-nrpe-4.0.3/src/nrpe.c:2246:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*v3_pkt, v2_pkt, common_size);
data/nagios-nrpe-4.0.3/src/nrpe.c:2300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_INPUT_BUFFER];
data/nagios-nrpe-4.0.3/src/nrpe.c:2523:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gid = (gid_t) atoi(group);
data/nagios-nrpe-4.0.3/src/nrpe.c:2547:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uid = (uid_t) atoi(user);
data/nagios-nrpe-4.0.3/src/nrpe.c:2580:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuf[16];
data/nagios-nrpe-4.0.3/src/nrpe.c:2587:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(pid_file, O_RDONLY)) >= 0) {
data/nagios-nrpe-4.0.3/src/nrpe.c:2594:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pid = (pid_t) atoi(pbuf);
data/nagios-nrpe-4.0.3/src/nrpe.c:2609:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(pid_file, O_WRONLY | O_CREAT, 0644)) >= 0) {
data/nagios-nrpe-4.0.3/src/nrpe.c:2610:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pbuf, "%d\n", (int)getpid());
data/nagios-nrpe-4.0.3/src/nrpe.c:2908:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
arg_index = atoi(temp_buffer + 3);
data/nagios-nrpe-4.0.3/src/nrpe.c:2945:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optchars[MAX_INPUT_BUFFER];
data/nagios-nrpe-4.0.3/src/snprintf.c:682:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(buffer[currlen]), &(base[cnk->start]), len);
data/nagios-nrpe-4.0.3/src/snprintf.c:807:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char convert[20];
data/nagios-nrpe-4.0.3/src/snprintf.c:960:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iconvert[311];
data/nagios-nrpe-4.0.3/src/snprintf.c:961:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fconvert[311];
data/nagios-nrpe-4.0.3/src/snprintf.c:1267:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[1024];
data/nagios-nrpe-4.0.3/src/snprintf.c:1268:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[1024];
data/nagios-nrpe-4.0.3/src/snprintf.c:1395:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
l2 = sprintf(buf2, "%4$*1$d %2$s %3$*1$.*1$f", 3, "pos test", 12.3456, 9);
data/nagios-nrpe-4.0.3/src/snprintf.c:1405:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
l2 = sprintf(buf2, "%4$*4$d %2$s %3$*4$.*4$f", 3, "pos test", 12.3456, 9);
data/nagios-nrpe-4.0.3/src/snprintf.c:1415:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
l2 = sprintf(buf2, "%lld", (LLONG)1234567890);
data/nagios-nrpe-4.0.3/src/snprintf.c:1425:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
l2 = sprintf(buf2, "%Lf", (LDOUBLE)890.1234567890123);
data/nagios-nrpe-4.0.3/src/snprintf.c:1442:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf2, "%1.1f", r);
data/nagios-nrpe-4.0.3/src/utils.c:117:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("/dev/urandom", "r");
data/nagios-nrpe-4.0.3/src/utils.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntop[NI_MAXHOST], strport[NI_MAXSERV];
data/nagios-nrpe-4.0.3/src/utils.c:180:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
data/nagios-nrpe-4.0.3/src/utils.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strport[NI_MAXSERV];
data/nagios-nrpe-4.0.3/src/utils.c:502:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fh = open(log_file, flags, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) == -1) {
data/nagios-nrpe-4.0.3/src/acl.c:144:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ipv4);
data/nagios-nrpe-4.0.3/src/acl.c:403:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(domain);
data/nagios-nrpe-4.0.3/src/acl.c:641:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
trimmed_tok = malloc(sizeof(char) * (strlen(tok) + 1));
data/nagios-nrpe-4.0.3/src/acl.c:645:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(trimmed_tok) > 0) {
data/nagios-nrpe-4.0.3/src/check_nrpe.c:155:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(sslprm.cipher_list, "ALL:!MD5:@STRENGTH:@SECLEVEL=0", MAX_FILENAME_LENGTH - 1);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:157:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(sslprm.cipher_list, "ALL:!MD5:@STRENGTH", MAX_FILENAME_LENGTH - 1);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:482:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sslprm.cipher_list, optarg, sizeof(sslprm.cipher_list) - 1);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:526:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = sizeof(query) - strlen(query) - 2;
data/nagios-nrpe-4.0.3/src/check_nrpe.c:530:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(query, "!");
data/nagios-nrpe-4.0.3/src/check_nrpe.c:531:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(query, argv[c], i);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1006:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sslprm.cipher_list) < sizeof(sslprm.cipher_list) - 6) {
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1015:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(sslprm.cipher_list, "ADH@SECLEVEL=0", MAX_FILENAME_LENGTH - 1);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1017:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(sslprm.cipher_list, "ADH", MAX_FILENAME_LENGTH - 1);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1076:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(rem_host, "Unknown", sizeof(rem_host));
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1205:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&v2_send_packet->buffer[0], query, payload_size);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1208:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&v2_send_packet->buffer[0], query, MAX_PACKETBUFFER_LENGTH);
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1219:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + strlen(query) + 1;
data/nagios-nrpe-4.0.3/src/check_nrpe.c:1221:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + strlen(query) + 1;
data/nagios-nrpe-4.0.3/src/nrpe.c:183:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, config_file, sizeof(buffer));
data/nagios-nrpe-4.0.3/src/nrpe.c:187:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(config_file, "");
data/nagios-nrpe-4.0.3/src/nrpe.c:194:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(config_file, "/", sizeof(config_file) - 2);
data/nagios-nrpe-4.0.3/src/nrpe.c:198:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(config_file, buffer, sizeof(config_file) - strlen(config_file) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:198:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(config_file, buffer, sizeof(config_file) - strlen(config_file) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:461:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sslprm.cipher_list) < sizeof(sslprm.cipher_list) - 6)
data/nagios-nrpe-4.0.3/src/nrpe.c:467:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(sslprm.cipher_list, "ADH@SECLEVEL=0", MAX_FILENAME_LENGTH - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:469:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(sslprm.cipher_list, "ADH", MAX_FILENAME_LENGTH - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:781:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(input);
data/nagios-nrpe-4.0.3/src/nrpe.c:862:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(input_line);
data/nagios-nrpe-4.0.3/src/nrpe.c:892:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(config_file, varvalue, sizeof(config_file) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:896:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (config_file[strlen(config_file) - 1] == '/')
data/nagios-nrpe-4.0.3/src/nrpe.c:897:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
config_file[strlen(config_file) - 1] = '\x0';
data/nagios-nrpe-4.0.3/src/nrpe.c:931:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(server_address, varvalue, sizeof(server_address) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:1059:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(sslprm.cipher_list, varvalue, sizeof(sslprm.cipher_list) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:1158:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = strlen(dirfile->d_name);
data/nagios-nrpe-4.0.3/src/nrpe.c:1614:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(remote_host, inet_ntoa(nptr->sin_addr), sizeof(remote_host) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:1622:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(ipstr, "Unknown", sizeof(ipstr));
data/nagios-nrpe-4.0.3/src/nrpe.c:1624:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(remote_host, ipstr, sizeof(remote_host) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:1843:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(raw_command, temp_command->command_line, sizeof(raw_command) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:1854:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buffer, "");
data/nagios-nrpe-4.0.3/src/nrpe.c:1889:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pkt_size = strlen(send_buff);
data/nagios-nrpe-4.0.3/src/nrpe.c:1891:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (send_buff[strlen(send_buff) - 1] == '\n')
data/nagios-nrpe-4.0.3/src/nrpe.c:1892:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send_buff[strlen(send_buff) - 1] = '\x0';
data/nagios-nrpe-4.0.3/src/nrpe.c:1907:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&send_packet.buffer[0], send_buff, MAX_PACKETBUFFER_LENGTH);
data/nagios-nrpe-4.0.3/src/nrpe.c:1917:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + strlen(send_buff) + 1;
data/nagios-nrpe-4.0.3/src/nrpe.c:1919:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + strlen(send_buff) + 1;
data/nagios-nrpe-4.0.3/src/nrpe.c:1928:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
v3_send_packet->buffer_length = htonl(strlen(send_buff) + 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2343:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*output, buffer, output_size - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2382:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buffer, "NRPE: Call to popen() failed\n", sizeof(buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2386:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(fd[1], buffer, strlen(buffer) + 1) == -1)
data/nagios-nrpe-4.0.3/src/nrpe.c:2447:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = read(fd[0], buffer, sizeof(buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2457:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(*output, buffer, output_size - tot_bytes - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2513:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strspn(group, "0123456789") < strlen(group)) {
data/nagios-nrpe-4.0.3/src/nrpe.c:2537:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strspn(user, "0123456789") < strlen(user)) {
data/nagios-nrpe-4.0.3/src/nrpe.c:2589:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
result = read(fd, pbuf, (sizeof pbuf) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2612:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(fd, pbuf, strlen(pbuf)) == -1)
data/nagios-nrpe-4.0.3/src/nrpe.c:2872:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (result != strlen(str))
data/nagios-nrpe-4.0.3/src/nrpe.c:2886:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(output_buffer, "");
data/nagios-nrpe-4.0.3/src/nrpe.c:2896:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(output_buffer) + strlen(temp_buffer) < buffer_length - 1) {
data/nagios-nrpe-4.0.3/src/nrpe.c:2896:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(output_buffer) + strlen(temp_buffer) < buffer_length - 1) {
data/nagios-nrpe-4.0.3/src/nrpe.c:2897:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(output_buffer, temp_buffer, buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2897:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(output_buffer, temp_buffer, buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2904:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(output_buffer) + strlen(temp_buffer) < buffer_length - 1) {
data/nagios-nrpe-4.0.3/src/nrpe.c:2904:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(output_buffer) + strlen(temp_buffer) < buffer_length - 1) {
data/nagios-nrpe-4.0.3/src/nrpe.c:2914:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(output_buffer, "$", buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2914:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(output_buffer, "$", buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2918:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(output_buffer, "$", buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2918:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(output_buffer, "$", buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2920:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(output_buffer, temp_buffer,
data/nagios-nrpe-4.0.3/src/nrpe.c:2921:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2923:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(output_buffer, "$", buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2923:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(output_buffer, "$", buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:2929:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(output_buffer, (selected_macro == NULL) ? "" : selected_macro,
data/nagios-nrpe-4.0.3/src/nrpe.c:2930:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer_length - strlen(output_buffer) - 1);
data/nagios-nrpe-4.0.3/src/nrpe.c:3000:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(config_file, optarg, sizeof(config_file));
data/nagios-nrpe-4.0.3/src/snprintf.c:711:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max = strlen(cnk->strvalue);
data/nagios-nrpe-4.0.3/src/utils.c:119:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
seed = fgetc(fp);
data/nagios-nrpe-4.0.3/src/utils.c:282:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(keep);
data/nagios-nrpe-4.0.3/src/utils.c:310:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(var, environ[i], var_sz);
data/nagios-nrpe-4.0.3/src/utils.c:314:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(var, kept[j], strlen(kept[j])))
data/nagios-nrpe-4.0.3/src/utils.c:367:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (x = strlen(buffer); x >= 1; x--) {
ANALYSIS SUMMARY:
Hits = 231
Lines analyzed = 7893 in approximately 0.24 seconds (32688 lines/second)
Physical Source Lines of Code (SLOC) = 5994
Hits@level = [0] 241 [1] 80 [2] 108 [3] 6 [4] 37 [5] 0
Hits@level+ = [0+] 472 [1+] 231 [2+] 151 [3+] 43 [4+] 37 [5+] 0
Hits/KSLOC@level+ = [0+] 78.7454 [1+] 38.5385 [2+] 25.1919 [3+] 7.17384 [4+] 6.17284 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.