Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/nsd-4.3.3/nsec3.h
Examining data/nsd-4.3.3/udbzone.c
Examining data/nsd-4.3.3/rbtree.h
Examining data/nsd-4.3.3/udbradtree.c
Examining data/nsd-4.3.3/lookup3.h
Examining data/nsd-4.3.3/configyyrename.h
Examining data/nsd-4.3.3/configparser.h
Examining data/nsd-4.3.3/tsig.h
Examining data/nsd-4.3.3/edns.h
Examining data/nsd-4.3.3/iterated_hash.c
Examining data/nsd-4.3.3/namedb.c
Examining data/nsd-4.3.3/answer.h
Examining data/nsd-4.3.3/difffile.h
Examining data/nsd-4.3.3/compat/strlcat.c
Examining data/nsd-4.3.3/compat/basename.c
Examining data/nsd-4.3.3/compat/memcmp.c
Examining data/nsd-4.3.3/compat/memcmp.h
Examining data/nsd-4.3.3/compat/inet_pton.c
Examining data/nsd-4.3.3/compat/pselect.c
Examining data/nsd-4.3.3/compat/b64_pton.c
Examining data/nsd-4.3.3/compat/cpuset.c
Examining data/nsd-4.3.3/compat/memmove.c
Examining data/nsd-4.3.3/compat/inet_ntop.c
Examining data/nsd-4.3.3/compat/cpuset.h
Examining data/nsd-4.3.3/compat/fake-rfc2553.h
Examining data/nsd-4.3.3/compat/strptime.c
Examining data/nsd-4.3.3/compat/strlcpy.c
Examining data/nsd-4.3.3/compat/malloc.c
Examining data/nsd-4.3.3/compat/reallocarray.c
Examining data/nsd-4.3.3/compat/b64_ntop.c
Examining data/nsd-4.3.3/compat/inet_aton.c
Examining data/nsd-4.3.3/compat/snprintf.c
Examining data/nsd-4.3.3/compat/fake-rfc2553.c
Examining data/nsd-4.3.3/compat/setproctitle.c
Examining data/nsd-4.3.3/nsd-checkzone.c
Examining data/nsd-4.3.3/zparser.h
Examining data/nsd-4.3.3/dbaccess.c
Examining data/nsd-4.3.3/dbcreate.c
Examining data/nsd-4.3.3/region-allocator.c
Examining data/nsd-4.3.3/dns.c
Examining data/nsd-4.3.3/zparser.c
Examining data/nsd-4.3.3/xfrd.c
Examining data/nsd-4.3.3/zonec.c
Examining data/nsd-4.3.3/axfr.c
Examining data/nsd-4.3.3/nsec3.c
Examining data/nsd-4.3.3/query.h
Examining data/nsd-4.3.3/nsd.h
Examining data/nsd-4.3.3/lookup3.c
Examining data/nsd-4.3.3/edns.c
Examining data/nsd-4.3.3/server.c
Examining data/nsd-4.3.3/util.h
Examining data/nsd-4.3.3/xfrd-disk.h
Examining data/nsd-4.3.3/rbtree.c
Examining data/nsd-4.3.3/rrl.c
Examining data/nsd-4.3.3/xfrd-tcp.h
Examining data/nsd-4.3.3/zonec.h
Examining data/nsd-4.3.3/namedb.h
Examining data/nsd-4.3.3/rdata.h
Examining data/nsd-4.3.3/popen3.c
Examining data/nsd-4.3.3/ipc.h
Examining data/nsd-4.3.3/remote.c
Examining data/nsd-4.3.3/nsd-mem.c
Examining data/nsd-4.3.3/nsd-checkconf.c
Examining data/nsd-4.3.3/dns.h
Examining data/nsd-4.3.3/xfr-inspect.c
Examining data/nsd-4.3.3/packet.h
Examining data/nsd-4.3.3/udb.h
Examining data/nsd-4.3.3/xfrd-notify.h
Examining data/nsd-4.3.3/radtree.h
Examining data/nsd-4.3.3/tsig-openssl.c
Examining data/nsd-4.3.3/bitset.h
Examining data/nsd-4.3.3/xfrd.h
Examining data/nsd-4.3.3/nsd.c
Examining data/nsd-4.3.3/zlexer.c
Examining data/nsd-4.3.3/popen3.h
Examining data/nsd-4.3.3/udbzone.h
Examining data/nsd-4.3.3/mini_event.c
Examining data/nsd-4.3.3/dname.h
Examining data/nsd-4.3.3/remote.h
Examining data/nsd-4.3.3/netio.h
Examining data/nsd-4.3.3/rdata.c
Examining data/nsd-4.3.3/difffile.c
Examining data/nsd-4.3.3/radtree.c
Examining data/nsd-4.3.3/iterated_hash.h
Examining data/nsd-4.3.3/configparser.c
Examining data/nsd-4.3.3/tsig-openssl.h
Examining data/nsd-4.3.3/buffer.c
Examining data/nsd-4.3.3/rrl.h
Examining data/nsd-4.3.3/answer.c
Examining data/nsd-4.3.3/ipc.c
Examining data/nsd-4.3.3/xfrd-notify.c
Examining data/nsd-4.3.3/dnstap/dnstap.h
Examining data/nsd-4.3.3/dnstap/dnstap_collector.c
Examining data/nsd-4.3.3/dnstap/dnstap_collector.h
Examining data/nsd-4.3.3/dnstap/dnstap.c
Examining data/nsd-4.3.3/dname.c
Examining data/nsd-4.3.3/udb.c
Examining data/nsd-4.3.3/udbradtree.h
Examining data/nsd-4.3.3/mini_event.h
Examining data/nsd-4.3.3/axfr.h
Examining data/nsd-4.3.3/query.c
Examining data/nsd-4.3.3/options.h
Examining data/nsd-4.3.3/netio.c
Examining data/nsd-4.3.3/nsd-control.c
Examining data/nsd-4.3.3/util.c
Examining data/nsd-4.3.3/region-allocator.h
Examining data/nsd-4.3.3/configlexer.c
Examining data/nsd-4.3.3/xfrd-tcp.c
Examining data/nsd-4.3.3/buffer.h
Examining data/nsd-4.3.3/xfrd-disk.c
Examining data/nsd-4.3.3/tsig.c
Examining data/nsd-4.3.3/packet.c
Examining data/nsd-4.3.3/bitset.c
Examining data/nsd-4.3.3/options.c

FINAL RESULTS:

data/nsd-4.3.3/compat/setproctitle.c:42:11: [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
    cnt = readlink("/proc/self/exe", buf, len);

data/nsd-4.3.3/nsd.c:768:6: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
    if (chown(nsd->pidfile, nsd->uid, nsd->gid) == -1) {

data/nsd-4.3.3/nsd.c:1451:6: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
    if(chown(nsd.log_filename, nsd.uid, nsd.gid) != 0)

data/nsd-4.3.3/remote.c:438:8: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
    if(chown(ip, nsd.uid, nsd.gid) == -1)

data/nsd-4.3.3/remote.c:443:7: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
    if(chmod(ip, (mode_t)(S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) == -1) {

data/nsd-4.3.3/buffer.c:118:12: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    written = vsnprintf((char *) buffer_current(buffer), remaining,

data/nsd-4.3.3/buffer.c:124:13: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    written = vsnprintf((char *) buffer_current(buffer),

data/nsd-4.3.3/buffer.h:412:14: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    ATTR_FORMAT(printf, 2, 3);

data/nsd-4.3.3/compat/inet_ntop.c:89:6: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    l = snprintf(tmp, size, fmt, src[0], src[1], src[2], src[3]);

data/nsd-4.3.3/compat/setproctitle.c:76:11: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    cnt = vsnprintf(

data/nsd-4.3.3/compat/snprintf.c:50:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define snprintf my_snprintf

data/nsd-4.3.3/compat/snprintf.c:51:9: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #define vsnprintf my_vsnprintf

data/nsd-4.3.3/compat/snprintf.c:54:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    int snprintf(char* str, size_t size, const char* format, ...);

data/nsd-4.3.3/compat/snprintf.c:55:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    int vsnprintf(char* str, size_t size, const char* format, va_list arg);

data/nsd-4.3.3/compat/snprintf.c:67:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    int snprintf(char* str, size_t size, const char* format, ...)

data/nsd-4.3.3/compat/snprintf.c:72:6: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    r = vsnprintf(str, size, format, args);

data/nsd-4.3.3/compat/snprintf.c:630:5: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    int vsnprintf(char* str, size_t size, const char* format, va_list arg)

data/nsd-4.3.3/compat/snprintf.c:837:8: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    #undef snprintf

data/nsd-4.3.3/compat/snprintf.c:848:4: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    r=snprintf(buf, sizeof(buf), __VA_ARGS__); \

data/nsd-4.3.3/configlexer.c:1553:20: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define LEXOUT(s) printf s /* used ONLY when debugging */

data/nsd-4.3.3/configparser.c:1064:21: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    # define YYFPRINTF fprintf

data/nsd-4.3.3/nsd-control.c:524:6: [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    if(execl(NSD_START_PATH, "nsd", "-c", cfgfile,

data/nsd-4.3.3/options.c:478:7: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    r = fprintf(opt->zonelist, ZONELIST_HEADER);

data/nsd-4.3.3/options.c:633:6: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    r = fprintf(out, ZONELIST_HEADER);

data/nsd-4.3.3/options.c:725:3: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(m, sizeof(m), fmt, args);

data/nsd-4.3.3/options.c:733:2: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    vfprintf(stderr, fmt, args);

data/nsd-4.3.3/options.h:455:48: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    void c_error(const char* msg, ...) ATTR_FORMAT(printf, 1,2);

data/nsd-4.3.3/popen3.c:98:3: [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
    execvp(*command, command);

data/nsd-4.3.3/remote.c:195:21: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    ATTR_FORMAT(printf, 2, 3);

data/nsd-4.3.3/remote.c:757:2: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(msg, sizeof(msg), format, args);

data/nsd-4.3.3/util.c:213:2: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(message, sizeof(message), format, args);

data/nsd-4.3.3/util.h:91:14: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    ATTR_FORMAT(printf, 2, 3);

data/nsd-4.3.3/util.h:436:49: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    void error(const char *format, ...) ATTR_FORMAT(printf, 1, 2) ATTR_NORETURN;

data/nsd-4.3.3/zlexer.c:553:20: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    #define LEXOUT(s) printf s /* used ONLY when debugging */

data/nsd-4.3.3/zonec.h:77:51: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    void zc_warning(const char *fmt, ...) ATTR_FORMAT(printf, 1, 2);

data/nsd-4.3.3/zonec.h:78:61: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    void zc_warning_prev_line(const char *fmt, ...) ATTR_FORMAT(printf, 1, 2);

data/nsd-4.3.3/zonec.h:79:49: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    void zc_error(const char *fmt, ...) ATTR_FORMAT(printf, 1, 2);

data/nsd-4.3.3/zonec.h:80:59: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    void zc_error_prev_line(const char *fmt, ...) ATTR_FORMAT(printf, 1, 2);

data/nsd-4.3.3/zparser.c:1287:21: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
    # define YYFPRINTF fprintf

data/nsd-4.3.3/zparser.c:3701:3: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(message, sizeof(message), fmt, args);

data/nsd-4.3.3/zparser.c:3737:3: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
    vsnprintf(m, sizeof(m), fmt, args);

data/nsd-4.3.3/configlexer.c:1628:18: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (cfg_parser->chroot) {

data/nsd-4.3.3/configlexer.c:1629:30: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    int l = strlen(cfg_parser->chroot); /* chroot has trailing slash */

data/nsd-4.3.3/configlexer.c:1630:27: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (strncmp(cfg_parser->chroot, filename, l) != 0) {

data/nsd-4.3.3/configlexer.c:1632:27: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    filename, cfg_parser->chroot);

data/nsd-4.3.3/nsd-checkconf.c:182:25: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    const char* chr = opt->chroot;

data/nsd-4.3.3/nsd-checkconf.c:388:16: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    SERV_GET_STR(chroot, o);

data/nsd-4.3.3/nsd-checkconf.c:557:35: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    print_string_var("chroot:", opt->chroot);

data/nsd-4.3.3/nsd-checkconf.c:698:10: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if(opt->chroot != 0)

data/nsd-4.3.3/nsd-checkconf.c:701:19: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    filename, opt->chroot);

data/nsd-4.3.3/nsd-checkconf.c:718:18: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (opt->chroot && opt->chroot[0]) {

data/nsd-4.3.3/nsd-checkconf.c:718:33: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (opt->chroot && opt->chroot[0]) {

data/nsd-4.3.3/nsd-checkconf.c:720:31: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    append_trailing_slash(&opt->chroot, opt->region);

data/nsd-4.3.3/nsd-checkconf.c:726:35: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (strncmp(opt->zonesdir, opt->chroot, strlen(opt->chroot)) != 0) {

data/nsd-4.3.3/nsd-checkconf.c:726:55: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (strncmp(opt->zonesdir, opt->chroot, strlen(opt->chroot)) != 0) {

data/nsd-4.3.3/nsd-checkconf.c:728:35: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    filename, opt->zonesdir, opt->chroot);

data/nsd-4.3.3/nsd-checkconf.c:731:46: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (!file_inside_chroot(opt->pidfile, opt->chroot)) {

data/nsd-4.3.3/nsd-checkconf.c:733:34: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    filename, opt->pidfile, opt->chroot);

data/nsd-4.3.3/nsd-checkconf.c:736:47: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (!file_inside_chroot(opt->database, opt->chroot)) {

data/nsd-4.3.3/nsd-checkconf.c:738:35: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    filename, opt->database, opt->chroot);

data/nsd-4.3.3/nsd-checkconf.c:741:47: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (!file_inside_chroot(opt->xfrdfile, opt->chroot)) {

data/nsd-4.3.3/nsd-checkconf.c:743:35: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    filename, opt->xfrdfile, opt->chroot);

data/nsd-4.3.3/nsd-checkconf.c:746:51: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (!file_inside_chroot(opt->zonelistfile, opt->chroot)) {

data/nsd-4.3.3/nsd-checkconf.c:748:39: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    filename, opt->zonelistfile, opt->chroot);

data/nsd-4.3.3/nsd-checkconf.c:751:45: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (!file_inside_chroot(opt->xfrdir, opt->chroot)) {

data/nsd-4.3.3/nsd-checkconf.c:753:33: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    filename, opt->xfrdir, opt->chroot);

data/nsd-4.3.3/nsd-checkconf.c:789:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    while ((c = getopt(argc, argv, "vfho:a:p:s:z:")) != -1) {

data/nsd-4.3.3/nsd-checkzone.c:104:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    while ((c = getopt(argc, argv, "h")) != -1) {

data/nsd-4.3.3/nsd-control.c:505:12: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    while( (c=getopt(argc, argv, "c:s:h")) != -1) {

data/nsd-4.3.3/nsd-mem.c:285:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    while ((c = getopt(argc, argv, "c:h"

data/nsd-4.3.3/nsd-mem.c:325:54: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if(nsd.chrootdir == 0) nsd.chrootdir = nsd.options->chroot;

data/nsd-4.3.3/nsd.c:994:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    while ((c = getopt(argc, argv, "46a:c:df:hi:I:l:N:n:P:p:s:u:t:X:V:v"

data/nsd-4.3.3/nsd.c:1222:54: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if(nsd.chrootdir == 0) nsd.chrootdir = nsd.options->chroot;

data/nsd-4.3.3/nsd.c:1619:7: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    if (chroot(nsd.chrootdir)) {

data/nsd-4.3.3/options.h:97:14: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    const char* chroot;

data/nsd-4.3.3/options.h:344:14: [3] (misc) chroot:
  chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22). Make sure the program immediately chdir("/"), closes file descriptors, and drops root privileges, and that all necessary files (and no more!) are in the new root.
    const char* chroot;

data/nsd-4.3.3/rrl.c:485:57: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    if((rrl_slip_ratio > 0) && ((rrl_slip_ratio == 1) || ((random() % rrl_slip_ratio) == 0))) {

data/nsd-4.3.3/server.c:1351:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    srandom((unsigned long)v);

data/nsd-4.3.3/server.c:1357:20: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    hash_set_raninit(random());

data/nsd-4.3.3/util.c:970:23: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    return (uint16_t) random();

data/nsd-4.3.3/util.c:989:29: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    return (int) ((unsigned)random() % max);

data/nsd-4.3.3/xfr-inspect.c:507:12: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    while( (c=getopt(argc, argv, "hlv")) != -1) {

data/nsd-4.3.3/xfrd.c:202:2: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
    srandom((unsigned long) getpid() * (unsigned long) time(NULL));

data/nsd-4.3.3/axfr.c:183:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char a[128];

data/nsd-4.3.3/axfr.c:200:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char a[128];

data/nsd-4.3.3/buffer.h:253:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(buffer->_data + at, data, count);

data/nsd-4.3.3/buffer.h:335:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(data, buffer->_data + at, count);

data/nsd-4.3.3/compat/fake-rfc2553.c:51:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmpserv[16];

data/nsd-4.3.3/compat/fake-rfc2553.h:56:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char __ss_pad2[_SS_PADSIZE];

data/nsd-4.3.3/compat/inet_ntop.c:86:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[sizeof "255.255.255.255"];

data/nsd-4.3.3/compat/inet_ntop.c:114:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"];

data/nsd-4.3.3/compat/inet_pton.c:126:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dst, tmp, NS_INADDRSZ);

data/nsd-4.3.3/compat/inet_pton.c:224:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dst, tmp, NS_IN6ADDRSZ);

data/nsd-4.3.3/compat/memmove.c:41:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(dest, src, n);

data/nsd-4.3.3/compat/setproctitle.c:58:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[32];

data/nsd-4.3.3/compat/snprintf.c:300:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[PRINT_DEC_BUFSZ];

data/nsd-4.3.3/compat/snprintf.c:315:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[PRINT_DEC_BUFSZ];

data/nsd-4.3.3/compat/snprintf.c:330:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[PRINT_DEC_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:345:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PRINT_DEC_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:359:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PRINT_DEC_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PRINT_DEC_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:387:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PRINT_DEC_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:401:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PRINT_DEC_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:415:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[PRINT_DEC_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:429:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PRINT_DEC_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:513:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PRINT_FLOAT_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:558:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[PRINT_FLOAT_BUFSZ]; data/nsd-4.3.3/compat/snprintf.c:839:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[bufsz]; \ data/nsd-4.3.3/configlexer.c:1601:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen(filename, "r"); data/nsd-4.3.3/configparser.c:1313:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; data/nsd-4.3.3/configparser.c:1502:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yymsgbuf[128]; data/nsd-4.3.3/configparser.c:1954:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/nsd-4.3.3/configparser.c:2172:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/nsd-4.3.3/dbaccess.c:85:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zone->soa_nx_rrset->rrs, rrset->rrs, sizeof(rr_type)); data/nsd-4.3.3/dbaccess.c:88:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&soa_minimum, rdata_atom_data(rrset->rrs->rdatas[6]), data/nsd-4.3.3/dbaccess.c:465:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(filename, O_RDWR); data/nsd-4.3.3/dbcreate.c:237:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096+16]; data/nsd-4.3.3/dbcreate.c:252:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *out = fopen(filename, "w"); data/nsd-4.3.3/dbcreate.c:280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[4096]; data/nsd-4.3.3/dbcreate.c:353:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logs[4096]; data/nsd-4.3.3/dbcreate.c:354:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bakfile[4096]; data/nsd-4.3.3/difffile.c:817:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rrset->rrs, rrs_old, rrset->rr_count * sizeof(rr_type)); data/nsd-4.3.3/difffile.c:1254:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&memserial, rdata_atom_data(zone->soa_rrset->rrs[0].rdatas[2]), data/nsd-4.3.3/difffile.c:1270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zone_buf[3072]; data/nsd-4.3.3/difffile.c:1271:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char log_buf[5120]; data/nsd-4.3.3/difffile.c:1272:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char patname_buf[2048]; data/nsd-4.3.3/difffile.c:1638:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, stat, sizeof(*stat)); data/nsd-4.3.3/difffile.c:1661:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, zone, zlen+1); data/nsd-4.3.3/dname.c:69:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t *) dname_label_offsets(result), data/nsd-4.3.3/dname.c:84:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy((uint8_t *) dname_name(result), data/nsd-4.3.3/dname.c:391:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAXDOMAINLEN * 5]; data/nsd-4.3.3/dname.c:447:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp + 1, label, length * sizeof(uint8_t)); data/nsd-4.3.3/dname.c:463:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp, dname_name(left), left->name_size - 1); data/nsd-4.3.3/dname.c:464:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(temp + left->name_size - 1, dname_name(right), right->name_size); data/nsd-4.3.3/dname.c:499:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t*)dname_name(res), dname_name(name), x_len); data/nsd-4.3.3/dname.c:500:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((uint8_t*)dname_name(res)+x_len, dname_name(dest), dest->name_size); data/nsd-4.3.3/dname.c:507:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char buf[MAXDOMAINLEN*5+3]; data/nsd-4.3.3/dname.c:529:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAXDOMAINLEN*5+3]; data/nsd-4.3.3/dns.c:794:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[20]; data/nsd-4.3.3/dns.c:923:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[20]; data/nsd-4.3.3/dnstap/dnstap.c:192:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXHOSTNAMELEN+1]; data/nsd-4.3.3/edns.h:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ok[OPT_LEN]; data/nsd-4.3.3/edns.h:26:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char error[OPT_LEN]; data/nsd-4.3.3/edns.h:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rdata_none[OPT_RDATA]; data/nsd-4.3.3/edns.h:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rdata_nsid[OPT_RDATA]; data/nsd-4.3.3/edns.h:29:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nsid[OPT_HDR]; data/nsd-4.3.3/iterated_hash.c:19:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. iterated_hash(unsigned char out[SHA_DIGEST_LENGTH], data/nsd-4.3.3/iterated_hash.h:18:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int iterated_hash(unsigned char out[SHA_DIGEST_LENGTH], data/nsd-4.3.3/netio.c:135:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&minimum_timeout, timeout, sizeof(struct timespec)); data/nsd-4.3.3/nsd-checkconf.c:117:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[BUFSIZ]; data/nsd-4.3.3/nsd-checkconf.c:229:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[128]; data/nsd-4.3.3/nsd-checkconf.c:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dest[128]; data/nsd-4.3.3/nsd-checkconf.c:758:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(opt->port) <= 0) { data/nsd-4.3.3/nsd-control.c:222:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(ps); data/nsd-4.3.3/nsd-control.c:251:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&addr, &sa, addrlen); data/nsd-4.3.3/nsd-control.c:264:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&addr, &sa, addrlen); data/nsd-4.3.3/nsd-control.c:387:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pre[10]; data/nsd-4.3.3/nsd-control.c:392:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/nsd-4.3.3/nsd-control.c:492:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[256]; data/nsd-4.3.3/nsd-mem.c:104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/nsd-4.3.3/nsd-mem.c:226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tf[512]; data/nsd-4.3.3/nsd-mem.c:227:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char df[512]; data/nsd-4.3.3/nsd.c:57:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hostname[MAXHOSTNAMELEN]; data/nsd-4.3.3/nsd.c:159:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_buf[INET6_ADDRSTRLEN + 1 + IF_NAMESIZE + 1 + 16 + 1]; data/nsd-4.3.3/nsd.c:161:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_buf[INET_ADDRSTRLEN + 1 + 16 + 1]; data/nsd-4.3.3/nsd.c:180:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char a4[INET_ADDRSTRLEN + 1]; data/nsd-4.3.3/nsd.c:192:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char a6[INET6_ADDRSTRLEN + 1]; data/nsd-4.3.3/nsd.c:193:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char if_index_name[IF_NAMESIZE + 1]; data/nsd-4.3.3/nsd.c:284:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&dest->ai_addr, src->ai_addr, src->ai_addrlen); data/nsd-4.3.3/nsd.c:294:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host_buf[sizeof("65535") + INET6_ADDRSTRLEN + 1 /* '\0' */]; data/nsd-4.3.3/nsd.c:648:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sockbuf[INET6_ADDRSTRLEN + 6 + 1]; data/nsd-4.3.3/nsd.c:711:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidbuf[16]; data/nsd-4.3.3/nsd.c:715:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((fd = open(file, O_RDONLY)) == -1) { data/nsd-4.3.3/nsd.c:748:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidbuf[32]; data/nsd-4.3.3/nsd.c:754:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = fopen(nsd->pidfile, "w")) == NULL ) { data/nsd-4.3.3/nsd.c:785:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(file, O_WRONLY | O_TRUNC, 0644); data/nsd-4.3.3/nsd.c:874:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAXSYSLOGMSGLEN]; data/nsd-4.3.3/nsd.c:1057:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(optarg); data/nsd-4.3.3/nsd.c:1065:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
i = atoi(optarg); data/nsd-4.3.3/nsd.c:1076:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(optarg) == 0) { data/nsd-4.3.3/nsd.c:1084:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nsd.st.period = atoi(optarg); data/nsd-4.3.3/nsd.c:1100:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). verbosity = atoi(optarg); data/nsd-4.3.3/nsd.c:1559:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fd = open("/dev/null", O_RDWR, 0)) != -1) { data/nsd-4.3.3/nsd.h:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device[IFNAMSIZ]; data/nsd-4.3.3/nsec3.c:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b32[SHA_DIGEST_LENGTH*2+1]; data/nsd-4.3.3/nsec3.c:266:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_RDLENGTH*2+16]; data/nsd-4.3.3/nsec3.c:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_RDLENGTH*2+16]; data/nsd-4.3.3/nsec3.c:718:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. { memcpy(d->nsec3->hash_wc->hash.hash, hash, NSEC3_HASH_LEN); } data/nsd-4.3.3/nsec3.c:722:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. { memcpy(d->nsec3->hash_wc->wc.hash, hash, NSEC3_HASH_LEN); } data/nsd-4.3.3/nsec3.c:726:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. { memcpy(d->nsec3->ds_parent_hash->hash, hash, NSEC3_HASH_LEN); } data/nsd-4.3.3/nsec3.c:952:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hashbuf[512]; data/nsd-4.3.3/nsec3.c:953:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reversebuf[512]; data/nsd-4.3.3/options.c:202:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). in = fopen(cfg_parser->filename, "r"); data/nsd-4.3.3/options.c:205:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m[MAXSYSLOGMSGLEN]; data/nsd-4.3.3/options.c:266:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m[MAXSYSLOGMSGLEN]; data/nsd-4.3.3/options.c:370:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdr[64]; data/nsd-4.3.3/options.c:371:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[1024]; data/nsd-4.3.3/options.c:380:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). opt->zonelist = fopen(opt->zonelistfile, "r+"); data/nsd-4.3.3/options.c:470:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). opt->zonelist = fopen(opt->zonelistfile, "w+"); data/nsd-4.3.3/options.c:620:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outname[1024]; data/nsd-4.3.3/options.c:628:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). out = fopen(outname, "w+"); data/nsd-4.3.3/options.c:716:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m[MAXSYSLOGMSGLEN]; data/nsd-4.3.3/options.c:1711:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  static char res[2];
data/nsd-4.3.3/options.c:1753:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char f[1024];
data/nsd-4.3.3/options.c:1779:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char f[1024];
data/nsd-4.3.3/options.c:1875:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int subnet_bits = atoi(p);
data/nsd-4.3.3/options.c:1915:6: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi(p+1) == 0) c_error("expected port number after '@'");
data/nsd-4.3.3/options.c:1916:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else acl->port = atoi(p+1);
data/nsd-4.3.3/packet.c:327:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, src, *src + 1);
data/nsd-4.3.3/query.c:384:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char a[128];
data/nsd-4.3.3/query.c:396:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char a[128];
data/nsd-4.3.3/query.c:478:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char address[128];
data/nsd-4.3.3/query.c:505:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char address[128];
data/nsd-4.3.3/query.c:672:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&temp->node, &additional->node, sizeof(rbnode_type));
data/nsd-4.3.3/query.c:1156:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&match->node, &wildcard_child->node, sizeof(rbnode_type));
data/nsd-4.3.3/radtree.c:198:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&a[0], &n->array[0], n->len*sizeof(struct radsel));
data/nsd-4.3.3/radtree.c:370:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dupstr, addstr, addlen);
data/nsd-4.3.3/radtree.c:459:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(common_str, addstr, common_len);
data/nsd-4.3.3/radtree.c:648:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(join, par->array[pidx].str, par->array[pidx].len);
data/nsd-4.3.3/radtree.c:686:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(a, n->array, sizeof(*a)*n->len);
data/nsd-4.3.3/rdata.c:245:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[200];
data/nsd-4.3.3/rdata.c:258:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[200];
data/nsd-4.3.3/rdata.c:365:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[15];
data/nsd-4.3.3/rdata.c:488:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text_address[1000];
data/nsd-4.3.3/rdata.c:824:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp_rdatas[i].data+1, dname_name(dname),
data/nsd-4.3.3/region-allocator.c:221:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cleanups, region->cleanups,
data/nsd-4.3.3/region-allocator.c:335:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result, init, size);
data/nsd-4.3.3/region-allocator.c:529:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[10240], *str=buf;
data/nsd-4.3.3/remote.c:224:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/nsd-4.3.3/remote.c:420:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char port[15];
data/nsd-4.3.3/remote.c:633:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[128];
data/nsd-4.3.3/remote.c:756:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[1024];
data/nsd-4.3.3/remote.c:1119:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int val = atoi(str);
data/nsd-4.3.3/remote.c:1459:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2048];
data/nsd-4.3.3/remote.c:1481:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2048];
data/nsd-4.3.3/remote.c:1991:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char algo[256];
data/nsd-4.3.3/remote.c:2233:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pre[10];
data/nsd-4.3.3/remote.c:2234:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char magic[8];
data/nsd-4.3.3/remote.c:2235:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/nsd-4.3.3/remote.c:2523:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(a, xfrd->zonestat_clear, xfrd->zonestat_clear_num
data/nsd-4.3.3/remote.c:2568:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(xfrd->zonestat_clear[n->id], &stat1,
data/nsd-4.3.3/rrl.c:176:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[64];
data/nsd-4.3.3/rrl.c:187:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char prefix[5];
data/nsd-4.3.3/rrl.c:201:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char prefix[5];
data/nsd-4.3.3/rrl.c:360:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char address[128];
data/nsd-4.3.3/rrl.c:396:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char address[128];
data/nsd-4.3.3/server.c:313:26: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( (tcp_fastopen_fp = open(TCP_FASTOPEN_FILE, O_RDONLY)) == -1 ) {
data/nsd-4.3.3/server.c:484:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpfile[256];
data/nsd-4.3.3/server.c:484:7: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  char tmpfile[256];
data/nsd-4.3.3/server.c:490:11: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  snprintf(tmpfile, sizeof(tmpfile), "%snsd-xfr-%d/nsd.%u.zstat.0",
data/nsd-4.3.3/server.c:490:27: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  snprintf(tmpfile, sizeof(tmpfile), "%snsd-xfr-%d/nsd.%u.zstat.0",
data/nsd-4.3.3/server.c:492:53: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  nsd->zonestatfname[0] = region_strdup(nsd->region, tmpfile);
data/nsd-4.3.3/server.c:493:11: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  snprintf(tmpfile, sizeof(tmpfile), "%snsd-xfr-%d/nsd.%u.zstat.1",
data/nsd-4.3.3/server.c:493:27: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  snprintf(tmpfile, sizeof(tmpfile), "%snsd-xfr-%d/nsd.%u.zstat.1",
data/nsd-4.3.3/server.c:495:53: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  nsd->zonestatfname[1] = region_strdup(nsd->region, tmpfile);
data/nsd-4.3.3/server.c:498:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  nsd->zonestatfd[0] = open(nsd->zonestatfname[0], O_CREAT|O_RDWR, 0600);
data/nsd-4.3.3/server.c:504:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  nsd->zonestatfd[1] = open(nsd->zonestatfname[1], O_CREAT|O_RDWR, 0600);
data/nsd-4.3.3/server.c:1185:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/nsd-4.3.3/server.c:1251:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/nsd-4.3.3/server.c:1493:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpfile[256];
data/nsd-4.3.3/server.c:1493:7: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  char tmpfile[256];
data/nsd-4.3.3/server.c:1496:11: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  snprintf(tmpfile, sizeof(tmpfile), "%snsd-xfr-%d/nsd.%u.task.0",
data/nsd-4.3.3/server.c:1496:27: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  snprintf(tmpfile, sizeof(tmpfile), "%snsd-xfr-%d/nsd.%u.task.0",
data/nsd-4.3.3/server.c:1498:34: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  nsd->task[0] = task_file_create(tmpfile);
data/nsd-4.3.3/server.c:1507:11: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  snprintf(tmpfile, sizeof(tmpfile), "%snsd-xfr-%d/nsd.%u.task.1",
data/nsd-4.3.3/server.c:1507:27: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  snprintf(tmpfile, sizeof(tmpfile), "%snsd-xfr-%d/nsd.%u.task.1",
data/nsd-4.3.3/server.c:1509:34: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  nsd->task[1] = task_file_create(tmpfile);
data/nsd-4.3.3/server.c:1553:47: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  nsd->task[1-nsd->mytask] = task_file_create(tmpfile);
data/nsd-4.3.3/server.c:1554:8: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  free(tmpfile);
data/nsd-4.3.3/server.c:1718:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/nsd-4.3.3/server.c:1784:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[256];
data/nsd-4.3.3/server.c:1882:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, ocspdata, ocspdata_len);
data/nsd-4.3.3/server.c:2042:6: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(tls_port) == ntohs(port))
data/nsd-4.3.3/server.c:2824:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[48];
data/nsd-4.3.3/server.c:3395:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char a[48];
data/nsd-4.3.3/server.c:3517:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[48];
data/nsd-4.3.3/server.c:3582:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[48];
data/nsd-4.3.3/server.c:3930:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char a[64], s[256];
data/nsd-4.3.3/server.c:4424:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&tcp_data->query->addr, &addr, addrlen);
data/nsd-4.3.3/tsig.c:262:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char message[1000];
data/nsd-4.3.3/tsig.c:398:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char current_time_text[26];
data/nsd-4.3.3/tsig.c:399:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char signed_time_text[26];
data/nsd-4.3.3/udb.c:220:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open(fname, O_RDWR);
data/nsd-4.3.3/udb.c:261:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open(fname, O_CREAT|O_RDWR, 0600);
data/nsd-4.3.3/udb.c:849:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(UDB_CHUNK(rb_new), UDB_CHUNK(rb_old), rb_size);
data/nsd-4.3.3/udb.c:877:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(UDB_CHUNK(rb_new), UDB_CHUNK(rb_old), rb_size);
data/nsd-4.3.3/udb.c:1416:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rp, fp, esz);
data/nsd-4.3.3/udb.c:1456:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(np, xlp, sz);
data/nsd-4.3.3/udb.c:1462:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(np+seg*UDB_ALLOC_CHUNK_SIZE,
data/nsd-4.3.3/udb.c:1836:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(UDB_REL(alloc->udb->base, r), d, sz);
data/nsd-4.3.3/udb.c:1875:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(UDB_REL(base, newd), UDB_REL(base, r), osz);
data/nsd-4.3.3/udbradtree.c:225:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RADARRAY(&a), lookup(n), sizeof(struct udb_radarray_d));
data/nsd-4.3.3/udbradtree.c:261:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RADARRAY(&a), lookup(n), sizeof(struct udb_radarray_d));
data/nsd-4.3.3/udbradtree.c:836:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RADARRAY(&a), lookup(n), sizeof(struct udb_radarray_d));
data/nsd-4.3.3/udbzone.c:365:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char params[MAX_RDLENGTH*2+16];
data/nsd-4.3.3/util.c:79:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(filename, "a");
data/nsd-4.3.3/util.c:97:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "a");
data/nsd-4.3.3/util.c:151:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmbuf[32];
data/nsd-4.3.3/util.c:212:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[MAXSYSLOGMSGLEN];
data/nsd-4.3.3/util.c:652:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[9];
data/nsd-4.3.3/util.c:710:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(target,buf,8);
data/nsd-4.3.3/util.c:1145:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ip[256];
data/nsd-4.3.3/util.c:1171:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dirname_slash, *dirname, l+1);
data/nsd-4.3.3/xfr-inspect.c:91:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zone_buf[3072];
data/nsd-4.3.3/xfr-inspect.c:92:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char patname_buf[2048];
data/nsd-4.3.3/xfr-inspect.c:308:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char log_buf[5120];
data/nsd-4.3.3/xfr-inspect.c:325:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(!(in=fopen(fname, "r"))) {
data/nsd-4.3.3/xfr-inspect.c:340:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zone_buf[3072];
data/nsd-4.3.3/xfr-inspect.c:341:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char patname_buf[2048];
data/nsd-4.3.3/xfr-inspect.c:482:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if(!(in=fopen(fname, "r"))) {
data/nsd-4.3.3/xfrd-disk.c:29:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[4000];
data/nsd-4.3.3/xfrd-disk.c:50:5: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *v=atoi(p);
data/nsd-4.3.3/xfrd-disk.c:61:5: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *v=atoi(p);
data/nsd-4.3.3/xfrd-disk.c:72:5: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *v=atol(p);
data/nsd-4.3.3/xfrd-disk.c:156:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  in = fopen(statefile, "r");
data/nsd-4.3.3/xfrd-disk.c:458:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out = fopen(statefile, "w");
data/nsd-4.3.3/xfrd-disk.c:531:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tnm[1024];
data/nsd-4.3.3/xfrd-disk.c:549:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tnm[1024];
data/nsd-4.3.3/xfrd-disk.c:563:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tnm[1024];
data/nsd-4.3.3/xfrd-disk.c:571:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[1200];
data/nsd-4.3.3/xfrd-disk.c:574:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  xfr = fopen(fname, mode);
data/nsd-4.3.3/xfrd-disk.c:578:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  xfr = fopen(fname, mode);
data/nsd-4.3.3/xfrd-disk.c:591:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[1200];
data/nsd-4.3.3/xfrd-disk.c:602:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[1200];
data/nsd-4.3.3/xfrd-notify.c:190:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  (unsigned)atoi(TCP_PORT):dest->port);
data/nsd-4.3.3/xfrd-notify.c:493:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(zone->current_soa, new_soa, sizeof(xfrd_soa_type));
data/nsd-4.3.3/xfrd-tcp.c:145:52: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned int port = acl->port?acl->port:(unsigned)atoi(TCP_PORT);
data/nsd-4.3.3/xfrd.c:1084:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(soa->prim_ns+1, rr_ns_wire, rr_ns_len);
data/nsd-4.3.3/xfrd.c:1086:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(soa->email+1, rr_em_wire, rr_em_len);
data/nsd-4.3.3/xfrd.c:1089:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&soa->serial, rdata_atom_data(rr->rdatas[2]), sizeof(uint32_t));
data/nsd-4.3.3/xfrd.c:1090:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&soa->refresh, rdata_atom_data(rr->rdatas[3]), sizeof(uint32_t));
data/nsd-4.3.3/xfrd.c:1091:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&soa->retry, rdata_atom_data(rr->rdatas[4]), sizeof(uint32_t));
data/nsd-4.3.3/xfrd.c:1092:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&soa->expire, rdata_atom_data(rr->rdatas[5]), sizeof(uint32_t));
data/nsd-4.3.3/xfrd.c:1093:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&soa->minimum, rdata_atom_data(rr->rdatas[6]), sizeof(uint32_t));
data/nsd-4.3.3/xfrd.c:2049:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[64];
data/nsd-4.3.3/zlexer.c:1027:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  } else if (!(input = fopen(yytext, "r"))) {
data/nsd-4.3.3/zonec.c:77:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result + 1, data, size);
data/nsd-4.3.3/zonec.c:206:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  proto = getprotobynumber(atoi(protostr));
data/nsd-4.3.3/zonec.c:243:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p + 1, bitmap, *r-1);
data/nsd-4.3.3/zonec.c:395:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char digits[ILNP_MAXDIGITS+1];
data/nsd-4.3.3/zonec.c:559:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p + 1, text, len);
data/nsd-4.3.3/zonec.c:614:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, name, len);
data/nsd-4.3.3/zonec.c:749:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr + 2, &nsecbits[used[i]], size[used[i]]);
data/nsd-4.3.3/zonec.c:1107:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(t, &address_family, sizeof(address_family));
data/nsd-4.3.3/zonec.c:1109:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(t, &prefix, sizeof(prefix));
data/nsd-4.3.3/zonec.c:1111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(t, &length, sizeof(length));
data/nsd-4.3.3/zonec.c:1116:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(t, address, length);
data/nsd-4.3.3/zonec.c:1191:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((uint8_t *)rd->data + 2 + rd->data[0], data + 1, data[0]);
data/nsd-4.3.3/zonec.c:1207:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tmp_data, rd->data, rd->data[0] + 2);
data/nsd-4.3.3/zonec.c:1346:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(yyin = fopen(filename, "r"))) {
data/nsd-4.3.3/zonec.c:1416:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAXDOMAINLEN*5];
data/nsd-4.3.3/zonec.c:1434:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAXDOMAINLEN*5];
data/nsd-4.3.3/zonec.c:1496:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rrset->rrs, o, (rrset->rr_count) * sizeof(rr_type));
data/nsd-4.3.3/zparser.c:1536:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/nsd-4.3.3/zparser.c:1725:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char yymsgbuf[128];
data/nsd-4.3.3/zparser.c:2242:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((yyval.data).str, (yyvsp[-1].data).str, (yyvsp[-1].data).len);
data/nsd-4.3.3/zparser.c:2311:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((yyval.data).str, (yyvsp[-2].data).str, (yyvsp[-2].data).len);
data/nsd-4.3.3/zparser.c:2312:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((yyval.data).str + (yyvsp[-2].data).len, " ", 1);
data/nsd-4.3.3/zparser.c:2313:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((yyval.data).str + (yyvsp[-2].data).len + 1, (yyvsp[0].data).str, (yyvsp[0].data).len);
data/nsd-4.3.3/zparser.c:2324:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((yyval.data).str, (yyvsp[-2].data).str, (yyvsp[-2].data).len);
data/nsd-4.3.3/zparser.c:2325:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((yyval.data).str + (yyvsp[-2].data).len, ".", 1);
data/nsd-4.3.3/zparser.c:2326:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((yyval.data).str + (yyvsp[-2].data).len + 1, (yyvsp[0].data).str, (yyvsp[0].data).len);
data/nsd-4.3.3/zparser.c:2393:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result, (yyvsp[-2].data).str, (yyvsp[-2].data).len);
data/nsd-4.3.3/zparser.c:2394:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result + (yyvsp[-2].data).len, (yyvsp[0].data).str, (yyvsp[0].data).len);
data/nsd-4.3.3/zparser.c:2407:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result, (yyvsp[-2].data).str, (yyvsp[-2].data).len);
data/nsd-4.3.3/zparser.c:2408:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result + (yyvsp[-2].data).len, (yyvsp[0].data).str, (yyvsp[0].data).len);
data/nsd-4.3.3/zparser.c:2430:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result, (yyvsp[-1].data).str, (yyvsp[-1].data).len);
data/nsd-4.3.3/zparser.c:2444:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(result, (yyvsp[-2].data).str, (yyvsp[-2].data).len);
data/nsd-4.3.3/zparser.c:2446:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(result + (yyvsp[-2].data).len + 1, (yyvsp[0].data).str, (yyvsp[0].data).len);
data/nsd-4.3.3/zparser.c:3234:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  switch(atoi((yyvsp[-4].data).str)) {
data/nsd-4.3.3/zparser.c:3700:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[MAXSYSLOGMSGLEN];
data/nsd-4.3.3/zparser.c:3736:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m[MAXSYSLOGMSGLEN];
data/nsd-4.3.3/buffer.h:266:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer_write_at(buffer, at, str, strlen(str));
data/nsd-4.3.3/buffer.h:272:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer_write(buffer, str, strlen(str));
data/nsd-4.3.3/compat/inet_ntop.c:179:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tp += strlen(tp);
data/nsd-4.3.3/compat/snprintf.c:591:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else w = (int)strlen(s); /* up to the nul */
data/nsd-4.3.3/compat/strlcat.c:60:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(dlen + strlen(s));
data/nsd-4.3.3/compat/strptime.c:80:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(strs[i]);
data/nsd-4.3.3/configlexer.c:1586:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(filename) == 0) {
data/nsd-4.3.3/configlexer.c:1629:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l = strlen(cfg_parser->chroot); /* chroot has trailing slash */
data/nsd-4.3.3/configlexer.c:1820:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/nsd-4.3.3/configlexer.c:3422:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return yy_scan_bytes( yystr, (int) strlen(yystr) );
data/nsd-4.3.3/configparser.c:1210:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  # define yystrlen strlen
data/nsd-4.3.3/configparser.c:1848:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t nsid_len = strlen((yyvsp[0].str));
data/nsd-4.3.3/configparser.c:2538:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *pname = region_alloc(cfg_parser->opt->region, strlen((yyvsp[0].str)) + strlen(marker) + 1);
data/nsd-4.3.3/configparser.c:2538:84: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *pname = region_alloc(cfg_parser->opt->region, strlen((yyvsp[0].str)) + strlen(marker) + 1);
data/nsd-4.3.3/configparser.c:2539:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(pname, marker, strlen(marker));
data/nsd-4.3.3/configparser.c:2540:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(pname + strlen(marker), (yyvsp[0].str), strlen((yyvsp[0].str)) + 1);
data/nsd-4.3.3/configparser.c:2540:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(pname + strlen(marker), (yyvsp[0].str), strlen((yyvsp[0].str)) + 1);
data/nsd-4.3.3/dbaccess.c:314:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zone->filename)+1);
data/nsd-4.3.3/dbaccess.c:317:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zone->logstr)+1);
data/nsd-4.3.3/dbaccess.c:610:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zone->filename)+1);
data/nsd-4.3.3/dbaccess.c:614:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zone->logstr)+1);
data/nsd-4.3.3/dbaccess.c:635:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zone->filename)+1);
data/nsd-4.3.3/dbaccess.c:639:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zone->logstr)+1);
data/nsd-4.3.3/dbcreate.c:241:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!write_data(out, buf, strlen(buf)))
data/nsd-4.3.3/dbcreate.c:245:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return write_data(out, buf, strlen(buf));
data/nsd-4.3.3/dbcreate.c:405:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zone->filename)+1);
data/nsd-4.3.3/dbcreate.c:409:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zone->logstr)+1);
data/nsd-4.3.3/difffile.c:49:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  uint32_t len = strlen(str);
data/nsd-4.3.3/difffile.c:881:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(PATTERN_IMPLICIT_MARKER)) == 0) {
data/nsd-4.3.3/difffile.c:1402:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zonedb->logstr)+1);
data/nsd-4.3.3/difffile.c:1406:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(zonedb->filename)+1);
data/nsd-4.3.3/difffile.c:1648:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t zlen = strlen(zone);
data/nsd-4.3.3/difffile.c:1649:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t plen = strlen(pattern);
data/nsd-4.3.3/difffile.c:1687:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  +strlen(key->name)+1+strlen(key->algorithm)+1+
data/nsd-4.3.3/difffile.c:1687:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  +strlen(key->name)+1+strlen(key->algorithm)+1+
data/nsd-4.3.3/difffile.c:1688:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(key->secret)+1, NULL)) {
data/nsd-4.3.3/difffile.c:1694:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(p, key->name, strlen(key->name)+1);
data/nsd-4.3.3/difffile.c:1695:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p+=strlen(key->name)+1;
data/nsd-4.3.3/difffile.c:1696:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(p, key->algorithm, strlen(key->algorithm)+1);
data/nsd-4.3.3/difffile.c:1697:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p+=strlen(key->algorithm)+1;
data/nsd-4.3.3/difffile.c:1698:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(p, key->secret, strlen(key->secret)+1);
data/nsd-4.3.3/difffile.c:1708:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  +strlen(name)+1, NULL)) {
data/nsd-4.3.3/difffile.c:1714:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(p, name, strlen(name)+1);
data/nsd-4.3.3/difffile.c:1749:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  +strlen(name)+1, NULL)) {
data/nsd-4.3.3/difffile.c:1755:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(p, name, strlen(name)+1);
data/nsd-4.3.3/difffile.c:1883:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char* pname = zname + strlen(zname)+1;
data/nsd-4.3.3/difffile.c:1943:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key.algorithm = key.name + strlen(key.name)+1;
data/nsd-4.3.3/difffile.c:1944:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key.secret = key.algorithm + strlen(key.algorithm)+1;
data/nsd-4.3.3/difffile.c:1946:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(key.secret, 0xdd, strlen(key.secret)); /* wipe secret */
data/nsd-4.3.3/dns.c:901:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) < 5)
data/nsd-4.3.3/dns.c:926:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert(strlen(entry->name) < sizeof(buf));
data/nsd-4.3.3/dns.c:946:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) < 6)
data/nsd-4.3.3/dnstap/dnstap.c:208:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  env->len_identity = (unsigned int)strlen(env->identity);
data/nsd-4.3.3/dnstap/dnstap.c:225:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  env->len_version = (unsigned int)strlen(env->version);
data/nsd-4.3.3/dnstap/dnstap_collector.c:147:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read(fd, buffer_current(buf), 4 - buffer_position(buf));
data/nsd-4.3.3/dnstap/dnstap_collector.c:168:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = read(fd, buffer_current(buf), msglen - (buffer_position(buf) - 4));
data/nsd-4.3.3/dnstap/dnstap_collector.c:267:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l = strlen(nsd->chrootdir)-1; /* ends in trailing slash */
data/nsd-4.3.3/ipc.c:68:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((len = read(fd, &mode, sizeof(mode))) == -1) {
data/nsd-4.3.3/ipc.c:132:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((len = read(handler->fd, &mode, sizeof(mode))) == -1) {
data/nsd-4.3.3/ipc.c:378:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((len = read(handler->fd,
data/nsd-4.3.3/ipc.c:403:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if((len = read(handler->fd, buffer_current(data->packet),
data/nsd-4.3.3/ipc.c:422:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if((len = read(handler->fd, (char*)&data->acl_num+got_acl,
data/nsd-4.3.3/ipc.c:461:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((len = read(handler->fd, &mode, sizeof(mode))) == -1) {
data/nsd-4.3.3/ipc.c:527:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((len = read(handler->fd, &mode, sizeof(mode))) == -1) {
data/nsd-4.3.3/ipc.c:741:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if((len = read(handler->ev_fd, &cmd, sizeof(cmd))) == -1) {
data/nsd-4.3.3/nsd-checkconf.c:705:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (opt->identity && strlen(opt->identity) > UCHAR_MAX) {
data/nsd-4.3.3/nsd-checkconf.c:707:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  filename, (unsigned) strlen(opt->identity));
data/nsd-4.3.3/nsd-checkconf.c:710:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (opt->version && strlen(opt->version) > UCHAR_MAX) {
data/nsd-4.3.3/nsd-checkconf.c:712:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  filename, (unsigned) strlen(opt->version));
data/nsd-4.3.3/nsd-checkconf.c:726:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncmp(opt->zonesdir, opt->chroot, strlen(opt->chroot)) != 0) {
data/nsd-4.3.3/nsd-control.c:340:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ssize_t rr = read(fd, buf, len-1);
data/nsd-4.3.3/nsd-control.c:377:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  remote_write(ssl, fd, buf, strlen(buf));
data/nsd-4.3.3/nsd-control.c:394:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  remote_write(ssl, fd, pre, strlen(pre));
data/nsd-4.3.3/nsd-control.c:396:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
remote_write(ssl, fd, space, strlen(space)); data/nsd-4.3.3/nsd-control.c:397:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). remote_write(ssl, fd, argv[i], strlen(argv[i])); data/nsd-4.3.3/nsd-control.c:399:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). remote_write(ssl, fd, newline, strlen(newline)); data/nsd-4.3.3/nsd-mem.c:342:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (nsd.chrootdir && strlen(nsd.chrootdir)) { data/nsd-4.3.3/nsd.c:165:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ifa->ifa_name) != (size_t)(atsign-search_ifa) data/nsd-4.3.3/nsd.c:199:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(if_index_name) != 0) { data/nsd-4.3.3/nsd.c:719:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (((l = read(fd, pidbuf, sizeof(pidbuf)))) == -1) { data/nsd-4.3.3/nsd.c:760:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!write_data(fd, pidbuf, strlen(pidbuf))) { data/nsd-4.3.3/nsd.c:1039:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
nsd.nsid = xalloc(strlen(optarg+6)); data/nsd-4.3.3/nsd.c:1040:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nsd.nsid_len = strlen(optarg+6); data/nsd-4.3.3/nsd.c:1043:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(optarg) % 2 != 0) { data/nsd-4.3.3/nsd.c:1046:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nsd.nsid = xalloc(strlen(optarg) / 2); data/nsd-4.3.3/nsd.c:1047:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nsd.nsid_len = strlen(optarg) / 2; data/nsd-4.3.3/nsd.c:1129:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(nsd.identity) > UCHAR_MAX) { data/nsd-4.3.3/nsd.c:1131:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (unsigned) strlen(nsd.identity)); data/nsd-4.3.3/nsd.c:1255:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(nsd.options->nsid) % 2 != 0) { data/nsd-4.3.3/nsd.c:1258:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
nsd.nsid = xalloc(strlen(nsd.options->nsid) / 2); data/nsd-4.3.3/nsd.c:1259:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nsd.nsid_len = strlen(nsd.options->nsid) / 2; data/nsd-4.3.3/nsd.c:1423:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(nsd.options->zonesdir, nsd.chrootdir, strlen(nsd.chrootdir)) != 0) { data/nsd-4.3.3/nsd.c:1589:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l = strlen(nsd.chrootdir)-1; /* ends in trailing slash */ data/nsd-4.3.3/options.c:353:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). region_recycle(opt->region, (void*)zone->name, strlen(nm)+1); data/nsd-4.3.3/options.c:389:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hdr[strlen(ZONELIST_HEADER)] = 0; data/nsd-4.3.3/options.c:390:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(fread(hdr, 1, strlen(ZONELIST_HEADER), opt->zonelist) != data/nsd-4.3.3/options.c:391:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlen(ZONELIST_HEADER) || strncmp(hdr, ZONELIST_HEADER, data/nsd-4.3.3/options.c:392:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(ZONELIST_HEADER)) != 0) { data/nsd-4.3.3/options.c:406:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int linesize = strlen(buf); data/nsd-4.3.3/options.c:430:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int linesize = strlen(buf); data/nsd-4.3.3/options.c:459:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int linesize = 6 + strlen(zname) + strlen(pname); data/nsd-4.3.3/options.c:459:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int linesize = 6 + strlen(zname) + strlen(pname); data/nsd-4.3.3/options.c:479:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(r != strlen(ZONELIST_HEADER)) { data/nsd-4.3.3/options.c:639:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if(r != strlen(ZONELIST_HEADER)) { data/nsd-4.3.3/options.c:860:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlen(acl->ip_address_spec)+1); data/nsd-4.3.3/options.c:863:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(acl->key_name)+1); data/nsd-4.3.3/options.c:889:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(p->pname)+1); data/nsd-4.3.3/options.c:892:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(p->zonefile)+1); data/nsd-4.3.3/options.c:895:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(p->zonestats)+1); data/nsd-4.3.3/options.c:1008:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(orig->zonefile)+1); data/nsd-4.3.3/options.c:1011:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(orig->zonestats)+1); data/nsd-4.3.3/options.c:1139:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(s); data/nsd-4.3.3/options.c:1152:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t len = strlen((char*)buffer_current(b)); data/nsd-4.3.3/options.c:1354:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). region_recycle(opt->region, k->name, strlen(k->name)+1); data/nsd-4.3.3/options.c:1356:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). region_recycle(opt->region, k->algorithm, strlen(k->algorithm)+1); data/nsd-4.3.3/options.c:1358:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(k->secret, 0xdd, strlen(k->secret)); /* wipe secret! */ data/nsd-4.3.3/options.c:1359:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). region_recycle(opt->region, k->secret, strlen(k->secret)+1); data/nsd-4.3.3/options.c:1396:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(orig->algorithm)+1); data/nsd-4.3.3/options.c:1399:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(orig->secret)+1); data/nsd-4.3.3/options.c:1712:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(i >= strlen(str)) data/nsd-4.3.3/options.c:1735:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(str)+strlen(two)-strlen(one) >= len) data/nsd-4.3.3/options.c:1735:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str)+strlen(two)-strlen(one) >= len) data/nsd-4.3.3/options.c:1735:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str)+strlen(two)-strlen(one) >= len) data/nsd-4.3.3/options.c:1740:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(pos+strlen(two), pos+strlen(one), data/nsd-4.3.3/options.c:1740:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(pos+strlen(two), pos+strlen(one), data/nsd-4.3.3/options.c:1741:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pos+strlen(one))+1); data/nsd-4.3.3/options.c:1741:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(pos+strlen(one))+1); data/nsd-4.3.3/options.c:1743:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(pos, two, strlen(two)); data/nsd-4.3.3/options.c:1746:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
at = pos+strlen(two); data/nsd-4.3.3/options.c:1786:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(nsd->chrootdir)) == 0) data/nsd-4.3.3/options.c:1788:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return zone->pattern->zonefile + strlen(nsd->chrootdir) - 1; data/nsd-4.3.3/options.c:1807:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(f, nsd->chrootdir, strlen(nsd->chrootdir)) == 0) data/nsd-4.3.3/options.c:1809:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return f + strlen(nsd->chrootdir) - 1; data/nsd-4.3.3/popen3.c:124:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if((ret = read(fdsig[0], &err, sizeof(err))) != 0) { data/nsd-4.3.3/query.c:274:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t txt_length = strlen(txt); data/nsd-4.3.3/region-allocator.c:428:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (char *) region_alloc_init(region, string, strlen(string) + 1); data/nsd-4.3.3/region-allocator.c:541:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(str); data/nsd-4.3.3/region-allocator.c:556:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/nsd-4.3.3/remote.c:733:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((r=SSL_write(res->ssl, text, (int)strlen(text))) <= 0) { data/nsd-4.3.3/remote.c:743:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(write_socket(res->fd, text, strlen(text)) <= 0) { data/nsd-4.3.3/remote.c:795:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ssize_t rr = read(res->fd, buf+len, 1); data/nsd-4.3.3/remote.c:1549:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(PATTERN_IMPLICIT_MARKER)) != 0) data/nsd-4.3.3/remote.c:1552:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(PATTERN_IMPLICIT_MARKER)); data/nsd-4.3.3/remote.c:1604:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pname + strlen(PATTERN_IMPLICIT_MARKER)); data/nsd-4.3.3/remote.c:1742:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
VERBOSITY(1, (LOG_INFO, "zone removed from config: %s", p->pname + strlen(PATTERN_IMPLICIT_MARKER))); data/nsd-4.3.3/remote.c:1757:68: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). VERBOSITY(1, (LOG_INFO, "zone added to config: %s", p->pname + strlen(PATTERN_IMPLICIT_MARKER))); data/nsd-4.3.3/remote.c:1873:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t l = strlen(xfrd->nsd->chrootdir); data/nsd-4.3.3/remote.c:1952:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(arg2, 0xdd, strlen(arg2)); data/nsd-4.3.3/remote.c:1958:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(arg2, 0xdd, strlen(arg2)); data/nsd-4.3.3/remote.c:1964:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(key_opt->secret, 0xdd, strlen(key_opt->secret)); data/nsd-4.3.3/remote.c:1966:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(key_opt->secret)+1); data/nsd-4.3.3/remote.c:1971:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memset(arg2, 0xdd, strlen(arg2)); data/nsd-4.3.3/remote.c:2010:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(arg2, 0xdd, strlen(arg2)); data/nsd-4.3.3/remote.c:2016:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(arg2, 0xdd, strlen(arg2)); data/nsd-4.3.3/remote.c:2022:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(arg2, 0xdd, strlen(arg2)); data/nsd-4.3.3/remote.c:2027:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(arg2, 0xdd, strlen(arg2)); data/nsd-4.3.3/remote.c:2038:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(arg2, 0xdd, strlen(arg2)); data/nsd-4.3.3/remote.c:2055:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(acl->key_name)+1); data/nsd-4.3.3/remote.c:2251:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ssize_t rr = read(res->fd, magic, sizeof(magic)-1); data/nsd-4.3.3/server.c:316:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if (read(tcp_fastopen_fp, &tcp_fastopen_value, 1) == -1 ) { data/nsd-4.3.3/server.c:1088:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sock->device, strlen(sock->device)) == -1) data/nsd-4.3.3/server.c:2080:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ret = read(s, buf+total, sz-total); data/nsd-4.3.3/server.c:3505:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). received = read(fd, data/nsd-4.3.3/server.c:3571:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). received = read(fd, data/nsd-4.3.3/udb.c:106:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if((r=read(fd, &m, sizeof(m))) == -1) { data/nsd-4.3.3/udb.c:119:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if((r=read(fd, &g, sizeof(g))) == -1) { data/nsd-4.3.3/udbzone.c:282:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz = strlen((char*)udb_ptr_data(&s))+1; data/nsd-4.3.3/udbzone.c:289:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t sz = strlen(str)+1; data/nsd-4.3.3/udbzone.c:307:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sz = strlen((char*)udb_ptr_data(&s))+1; data/nsd-4.3.3/udbzone.c:314:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t sz = strlen(str)+1; data/nsd-4.3.3/udbzone.c:376:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(params)-strlen(params)-1); data/nsd-4.3.3/util.c:167:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(message); data/nsd-4.3.3/util.c:634:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(src) % 2 != 0 || strlen(src)/2 > targsize) { data/nsd-4.3.3/util.c:634:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(src) % 2 != 0 || strlen(src)/2 > targsize) { data/nsd-4.3.3/util.c:774:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *end = str + strlen(str) - 1; data/nsd-4.3.3/util.c:1168:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l = strlen(*dirname); data/nsd-4.3.3/util.c:1182:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
return ((fname && fname[0] && strncmp(fname, chr, strlen(chr)) == 0) || data/nsd-4.3.3/xfrd-disk.c:32:6: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if(fscanf(in, " %3990s", buf) != 1) data/nsd-4.3.3/xfrd-tcp.c:784:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). received = read(tcp->fd, data/nsd-4.3.3/xfrd-tcp.c:824:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). received = read(tcp->fd, buffer_current(tcp->packet), data/nsd-4.3.3/zlexer.c:593:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(parser->filename)+1); data/nsd-4.3.3/zlexer.c:761:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ data/nsd-4.3.3/zlexer.c:1017:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (*(tmp + strlen(tmp + 1)) != '.') { data/nsd-4.3.3/zlexer.c:1025:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(yytext) == 0) { data/nsd-4.3.3/zlexer.c:1958:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
return yy_scan_bytes( yystr, (int) strlen(yystr) ); data/nsd-4.3.3/zonec.c:466:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l != (int)strlen(text)){ data/nsd-4.3.3/zonec.c:489:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l != (int)strlen(text)) { data/nsd-4.3.3/zparser.c:1433:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define yystrlen strlen data/nsd-4.3.3/zparser.c:3246:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen((yyvsp[0].data).str) == 0) data/nsd-4.3.3/zparser.c:3252:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((yyvsp[0].data).str[strlen((yyvsp[0].data).str)-1] != '.') {

ANALYSIS SUMMARY:

Hits = 562
Lines analyzed = 68909 in approximately 1.77 seconds (38859 lines/second)
Physical Source Lines of Code (SLOC) = 51811
Hits@level = [0] 476 [1] 190 [2] 289 [3] 42 [4] 36 [5] 5
Hits@level+ = [0+] 1038 [1+] 562 [2+] 372 [3+] 83 [4+] 41 [5+] 5
Hits/KSLOC@level+ = [0+] 20.0344 [1+] 10.8471 [2+] 7.17994 [3+] 1.60198 [4+] 0.791338 [5+] 0.0965046
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.