Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ndisc6-1.0.4/compat/inet6_rth_add.c
Examining data/ndisc6-1.0.4/compat/fixups.h
Examining data/ndisc6-1.0.4/compat/dummy.c
Examining data/ndisc6-1.0.4/compat/ppoll.c
Examining data/ndisc6-1.0.4/compat/fdatasync.c
Examining data/ndisc6-1.0.4/rdnss/netlink.c
Examining data/ndisc6-1.0.4/rdnss/rdnssd.h
Examining data/ndisc6-1.0.4/rdnss/icmp.c
Examining data/ndisc6-1.0.4/rdnss/rdnssd.c
Examining data/ndisc6-1.0.4/include/gettext.h
Examining data/ndisc6-1.0.4/src/trace-icmp.c
Examining data/ndisc6-1.0.4/src/gettime.h
Examining data/ndisc6-1.0.4/src/traceroute.h
Examining data/ndisc6-1.0.4/src/trace-udp.c
Examining data/ndisc6-1.0.4/src/tcptraceroute.c
Examining data/ndisc6-1.0.4/src/trace-tcp.c
Examining data/ndisc6-1.0.4/src/addrinfo.c
Examining data/ndisc6-1.0.4/src/ndisc.c
Examining data/ndisc6-1.0.4/src/tcpspray.c
Examining data/ndisc6-1.0.4/src/traceroute.c

FINAL RESULTS:

data/ndisc6-1.0.4/rdnss/rdnssd.c:95:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tmpfile, "%s.tmp", resolvpath);
data/ndisc6-1.0.4/rdnss/rdnssd.c:551:4: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execl (hookpath, hookpath, (char *)NULL);
data/ndisc6-1.0.4/src/ndisc.c:176:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (req.ifr_name, ifname);
data/ndisc6-1.0.4/src/ndisc.c:866:2: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (gettext (ndisc_usage), path);
data/ndisc6-1.0.4/src/tcptraceroute.c:122:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (arg0, argv[0]);
data/ndisc6-1.0.4/src/tcptraceroute.c:128:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ptr, bin_name);
data/ndisc6-1.0.4/src/tcptraceroute.c:220:2: [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  execvp (optv[0], optv);
data/ndisc6-1.0.4/src/traceroute.c:1011:2: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (ngettext ("%u hop max, ", "%u hops max, ", max_ttl), max_ttl);
data/ndisc6-1.0.4/src/traceroute.c:1062:2: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (ngettext ("%zu byte packets\n", "%zu bytes packets\n", packet_len),
data/ndisc6-1.0.4/rdnss/rdnssd.c:781:16: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((val = getopt_long (argc, argv, optstring, opts, NULL)) != -1)
data/ndisc6-1.0.4/src/addrinfo.c:185:16: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((val = getopt_long (argc, argv, sopts, lopts, NULL)) != EOF)
data/ndisc6-1.0.4/src/ndisc.c:937:16: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((val = getopt_long (argc, argv, "1hmnqr:s:Vvw:", opts, NULL)) != EOF)
data/ndisc6-1.0.4/src/tcpspray.c:347:14: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, optstr, opts, NULL)) != EOF)
data/ndisc6-1.0.4/src/tcptraceroute.c:144:16: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((val = getopt_long (argc, argv, optstr, opts, NULL)) != EOF)
data/ndisc6-1.0.4/src/traceroute.c:1341:16: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((val = getopt_long (argc, argv, optstr, opts, NULL)) != EOF)
data/ndisc6-1.0.4/compat/inet6_rth_add.c:58:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (((uint8_t *)bp) + 8 + 16 * ((uint8_t *)bp)[3]++, addr, 16);
data/ndisc6-1.0.4/include/gettext.h:218:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_ctxt_id[msgctxt_len + msgid_len];
data/ndisc6-1.0.4/include/gettext.h:220:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/ndisc6-1.0.4/include/gettext.h:229:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (msg_ctxt_id, msgctxt, msgctxt_len - 1);
data/ndisc6-1.0.4/include/gettext.h:231:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (msg_ctxt_id + msgctxt_len, msgid, msgid_len);
data/ndisc6-1.0.4/include/gettext.h:266:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg_ctxt_id[msgctxt_len + msgid_len];
data/ndisc6-1.0.4/include/gettext.h:268:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/ndisc6-1.0.4/include/gettext.h:277:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (msg_ctxt_id, msgctxt, msgctxt_len - 1);
data/ndisc6-1.0.4/include/gettext.h:279:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (msg_ctxt_id + msgctxt_len, msgid, msgid_len);
data/ndisc6-1.0.4/rdnss/rdnssd.c:69:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char domain[MAX_DOMAINLEN + 1];
data/ndisc6-1.0.4/rdnss/rdnssd.c:93:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpfile[strlen(resolvpath) + sizeof(".tmp")];
data/ndisc6-1.0.4/rdnss/rdnssd.c:93:7: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  char tmpfile[strlen(resolvpath) + sizeof(".tmp")];
data/ndisc6-1.0.4/rdnss/rdnssd.c:95:10: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  sprintf(tmpfile, "%s.tmp", resolvpath);
data/ndisc6-1.0.4/rdnss/rdnssd.c:97:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  resolv = fopen(tmpfile, "w");
data/ndisc6-1.0.4/rdnss/rdnssd.c:97:17: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  resolv = fopen(tmpfile, "w");
data/ndisc6-1.0.4/rdnss/rdnssd.c:100:46: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  syslog (LOG_ERR, _("Cannot write %s: %m"), tmpfile);
data/ndisc6-1.0.4/rdnss/rdnssd.c:115:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addr[INET6_ADDRSTRLEN];
data/ndisc6-1.0.4/rdnss/rdnssd.c:119:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char iface[IFNAMSIZ];
data/ndisc6-1.0.4/rdnss/rdnssd.c:128:16: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  rval = rename(tmpfile, resolvpath);
data/ndisc6-1.0.4/rdnss/rdnssd.c:131:45: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  syslog(LOG_ERR, _("Cannot write %s: %m"), tmpfile);
data/ndisc6-1.0.4/rdnss/rdnssd.c:247:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&servers.list[i].addr, addr, sizeof (*addr));
data/ndisc6-1.0.4/rdnss/rdnssd.c:256:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/ndisc6-1.0.4/rdnss/rdnssd.c:326:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char domain[MAX_DOMAINLEN];
data/ndisc6-1.0.4/rdnss/rdnssd.c:678:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[20]; // enough for > 2^64
data/ndisc6-1.0.4/rdnss/rdnssd.c:686:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open (path, O_WRONLY|O_CREAT|O_NOFOLLOW, 0644);
data/ndisc6-1.0.4/src/addrinfo.c:71:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[NI_MAXHOST];
data/ndisc6-1.0.4/src/addrinfo.c:100:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[NI_MAXHOST + 1], *ptr;
data/ndisc6-1.0.4/src/ndisc.c:106:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (addr, res->ai_addr, sizeof (struct sockaddr_in6));
data/ndisc6-1.0.4/src/ndisc.c:190:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (addr, req.ifr_hwaddr.sa_data, 6);
data/ndisc6-1.0.4/src/ndisc.c:200:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(addr, sdl->sdl_data + sdl->sdl_nlen, 6);
data/ndisc6-1.0.4/src/ndisc.c:238:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&ns->hdr.nd_ns_target, &tgt->sin6_addr, 16);
data/ndisc6-1.0.4/src/ndisc.c:241:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tgt->sin6_addr.s6_addr, "\xff\x02\x00\x00\x00\x00\x00\x00"
data/ndisc6-1.0.4/src/ndisc.c:349:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[INET6_ADDRSTRLEN];
data/ndisc6-1.0.4/src/ndisc.c:409:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[INET6_ADDRSTRLEN];
data/ndisc6-1.0.4/src/ndisc.c:411:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dst.s6_addr, opt + 8, (optlen - 1) << 3);
data/ndisc6-1.0.4/src/ndisc.c:433:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[INET6_ADDRSTRLEN];
data/ndisc6-1.0.4/src/ndisc.c:465:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[256];
data/ndisc6-1.0.4/src/ndisc.c:478:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (str, &base[i + 1], base[i]);
data/ndisc6-1.0.4/src/ndisc.c:630:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cbuf[CMSG_SPACE (sizeof (int))];
data/ndisc6-1.0.4/src/ndisc.c:737:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[INET6_ADDRSTRLEN];
data/ndisc6-1.0.4/src/ndisc.c:797:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[INET6_ADDRSTRLEN];
data/ndisc6-1.0.4/src/tcpspray.c:141:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *stream = fopen (fillname, "r");
data/ndisc6-1.0.4/src/tcptraceroute.c:121:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arg0[strlen (argv[0]) + sizeof (bin_name)];
data/ndisc6-1.0.4/src/tcptraceroute.c:135:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char optbuf[3 * len + argc], *buf = optbuf;
data/ndisc6-1.0.4/src/tcptraceroute.c:136:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *optv[argc + len + /* "-S", "-p", NULL */ 3];
data/ndisc6-1.0.4/src/trace-icmp.c:44:29: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  alignas (struct icmp6_hdr) char buf[plen];
data/ndisc6-1.0.4/src/trace-tcp.c:55:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  alignas (struct tcphdr) char buf[plen];
data/ndisc6-1.0.4/src/trace-tcp.c:133:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  alignas (struct tcphdr) char buf[plen];
data/ndisc6-1.0.4/src/trace-udp.c:47:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  alignas (struct udphdr) char buf[plen];
data/ndisc6-1.0.4/src/traceroute.c:97:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ifname[IFNAMSIZ] = "";
data/ndisc6-1.0.4/src/traceroute.c:99:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *rt_segv[127];
data/ndisc6-1.0.4/src/traceroute.c:115:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cbuf[CMSG_SPACE (sizeof (int))];
data/ndisc6-1.0.4/src/traceroute.c:136:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (CMSG_DATA (cmsg), &hlim, sizeof (hlim));
data/ndisc6-1.0.4/src/traceroute.c:152:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cbuf[CMSG_SPACE (sizeof (int))];
data/ndisc6-1.0.4/src/traceroute.c:178:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (hlim, CMSG_DATA (cmsg), sizeof (*hlim));
data/ndisc6-1.0.4/src/traceroute.c:289:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&ip6->ip6_dst,
data/ndisc6-1.0.4/src/traceroute.c:298:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&offset, payload + 2, 2);
data/ndisc6-1.0.4/src/traceroute.c:581:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[NI_MAXHOST];
data/ndisc6-1.0.4/src/traceroute.c:595:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (buf, "???");
data/ndisc6-1.0.4/src/traceroute.c:779:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[INET6_ADDRSTRLEN];
data/ndisc6-1.0.4/src/traceroute.c:783:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (buf, "??");
data/ndisc6-1.0.4/src/traceroute.c:792:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dst, res->ai_addr, res->ai_addrlen);
data/ndisc6-1.0.4/src/traceroute.c:1157:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (t, &results, sizeof (*t));
data/ndisc6-1.0.4/include/gettext.h:214:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgctxt_len = strlen (msgctxt) + 1;
data/ndisc6-1.0.4/include/gettext.h:215:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgid_len = strlen (msgid) + 1;
data/ndisc6-1.0.4/include/gettext.h:262:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgctxt_len = strlen (msgctxt) + 1;
data/ndisc6-1.0.4/include/gettext.h:263:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t msgid_len = strlen (msgid) + 1;
data/ndisc6-1.0.4/rdnss/rdnssd.c:93:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char tmpfile[strlen(resolvpath) + sizeof(".tmp")];
data/ndisc6-1.0.4/rdnss/rdnssd.c:201:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (domains.list[i].domain, domain, MAX_DOMAINLEN);
data/ndisc6-1.0.4/rdnss/rdnssd.c:355:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(domain + total_length, dom_list, len);
data/ndisc6-1.0.4/rdnss/rdnssd.c:583:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(pipe, &buf, sizeof(buf)) > 0)
data/ndisc6-1.0.4/rdnss/rdnssd.c:684:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (buf);
data/ndisc6-1.0.4/rdnss/rdnssd.c:840:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read (pfd[0], &val, sizeof (val)) != sizeof (val))
data/ndisc6-1.0.4/src/ndisc.c:174:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (((unsigned)strlen (ifname)) >= (unsigned)IFNAMSIZ)
data/ndisc6-1.0.4/src/tcptraceroute.c:121:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char arg0[strlen (argv[0]) + sizeof (bin_name)];
data/ndisc6-1.0.4/src/tcptraceroute.c:133:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen (argv[i]);
data/ndisc6-1.0.4/src/traceroute.c:1384:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (ifname, optarg, IFNAMSIZ - 1);

ANALYSIS SUMMARY:

Hits = 92
Lines analyzed = 5663 in approximately 0.17 seconds (32993 lines/second)
Physical Source Lines of Code (SLOC) = 4106
Hits@level = [0] 112 [1] 14 [2] 63 [3] 6 [4] 9 [5] 0
Hits@level+ = [0+] 204 [1+] 92 [2+] 78 [3+] 15 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 49.6834 [1+] 22.4062 [2+] 18.9966 [3+] 3.65319 [4+] 2.19191 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.