Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ntpsec-1.2.0+dfsg1/tests/common/caltime.c
Examining data/ntpsec-1.2.0+dfsg1/tests/common/caltime.h
Examining data/ntpsec-1.2.0+dfsg1/tests/common/tests_main.h
Examining data/ntpsec-1.2.0+dfsg1/tests/common/tests_main.c
Examining data/ntpsec-1.2.0+dfsg1/tests/common/sockaddrtest.h
Examining data/ntpsec-1.2.0+dfsg1/tests/common/sockaddrtest.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_extens.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/recvbuff.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_client.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/restrict.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_server.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/filegen.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_cookie.c
Examining data/ntpsec-1.2.0+dfsg1/tests/ntpd/leapsec.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libparse/gpstolfp.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/authkeys.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/ymd2yd.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/statestr.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_endian.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/socktoa.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/numtoa.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/clocktime.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/strtolfp.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/hextolfp.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_calendar.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/decodenetnum.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/lfpfunc.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/macencrypt.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/vi64ops.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/refidsmear.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/timespecops.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/prettydate.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/dolfptoa.c
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/lfptest.h
Examining data/ntpsec-1.2.0+dfsg1/tests/libntp/lfptostr.c
Examining data/ntpsec-1.2.0+dfsg1/tests/unity/unity.c
Examining data/ntpsec-1.2.0+dfsg1/tests/unity/unity_internals.h
Examining data/ntpsec-1.2.0+dfsg1/tests/unity/unity_fixture.h
Examining data/ntpsec-1.2.0+dfsg1/tests/unity/unity_memory.h
Examining data/ntpsec-1.2.0+dfsg1/tests/unity/unity_memory.c
Examining data/ntpsec-1.2.0+dfsg1/tests/unity/unity.h
Examining data/ntpsec-1.2.0+dfsg1/tests/unity/unity_fixture.c
Examining data/ntpsec-1.2.0+dfsg1/tests/unity/unity_fixture_internals.h
Examining data/ntpsec-1.2.0+dfsg1/libaes_siv/demo.c
Examining data/ntpsec-1.2.0+dfsg1/libaes_siv/bench.c
Examining data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c
Examining data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.h
Examining data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv_test.c
Examining data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_zyfer.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/nts_extens.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_pps.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_restrict.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_loopfilter.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_dns.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_spectracom.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/nts_server.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_shm.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_peer.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_filegen.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_hpgps.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_wrapdate.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_refclock.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_recvbuff.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_timer.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_packetstamp.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.h
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_local.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_trimble.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/nts.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_monitor.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_arbiter.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.h
Examining data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_signd.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ppsapi_timepps.h
Examining data/ntpsec-1.2.0+dfsg1/ntpd/refclock_conf.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_sandbox.c
Examining data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c
Examining data/ntpsec-1.2.0+dfsg1/attic/kern.c
Examining data/ntpsec-1.2.0+dfsg1/attic/digest-timing.c
Examining data/ntpsec-1.2.0+dfsg1/attic/cmac-timing.c
Examining data/ntpsec-1.2.0+dfsg1/attic/backwards.c
Examining data/ntpsec-1.2.0+dfsg1/attic/random.c
Examining data/ntpsec-1.2.0+dfsg1/attic/sht.c
Examining data/ntpsec-1.2.0+dfsg1/attic/digest-find.c
Examining data/ntpsec-1.2.0+dfsg1/attic/clocks.c
Examining data/ntpsec-1.2.0+dfsg1/ntpfrob/jitter.c
Examining data/ntpsec-1.2.0+dfsg1/ntpfrob/precision.c
Examining data/ntpsec-1.2.0+dfsg1/ntpfrob/tickadj.c
Examining data/ntpsec-1.2.0+dfsg1/ntpfrob/main.c
Examining data/ntpsec-1.2.0+dfsg1/ntpfrob/dump.c
Examining data/ntpsec-1.2.0+dfsg1/ntpfrob/ntpfrob.h
Examining data/ntpsec-1.2.0+dfsg1/ntpfrob/bumpclock.c
Examining data/ntpsec-1.2.0+dfsg1/ntpfrob/pps-api.c
Examining data/ntpsec-1.2.0+dfsg1/include/refclock_pps.h
Examining data/ntpsec-1.2.0+dfsg1/include/lib_strbuf.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_wrapdate.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_calendar.h
Examining data/ntpsec-1.2.0+dfsg1/include/binio.h
Examining data/ntpsec-1.2.0+dfsg1/include/isc_result.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_machine.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_refclock.h
Examining data/ntpsec-1.2.0+dfsg1/include/ieee754io.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_stdlib.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_fp.h
Examining data/ntpsec-1.2.0+dfsg1/include/ascii.h
Examining data/ntpsec-1.2.0+dfsg1/include/parse_conf.h
Examining data/ntpsec-1.2.0+dfsg1/include/recvbuff.h
Examining data/ntpsec-1.2.0+dfsg1/include/gpstolfp.h
Examining data/ntpsec-1.2.0+dfsg1/include/mbg_gps166.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_net.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_syscall.h
Examining data/ntpsec-1.2.0+dfsg1/include/isc_netaddr.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_filegen.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_malloc.h
Examining data/ntpsec-1.2.0+dfsg1/include/parse.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_endian.h
Examining data/ntpsec-1.2.0+dfsg1/include/nts2.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_types.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_io.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_lists.h
Examining data/ntpsec-1.2.0+dfsg1/include/isc_interfaceiter.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntpd.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_control.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_tty.h
Examining data/ntpsec-1.2.0+dfsg1/include/timespecops.h
Examining data/ntpsec-1.2.0+dfsg1/include/trimble.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_auth.h
Examining data/ntpsec-1.2.0+dfsg1/include/timetoa.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_debug.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_assert.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_syslog.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_dns.h
Examining data/ntpsec-1.2.0+dfsg1/include/ntp_config.h
Examining data/ntpsec-1.2.0+dfsg1/include/nts.h
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_varitext.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/parse.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/info_trimble.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_schmid.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_hopf6021.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_meinberg.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_sel240x.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/binio.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/gpstolfp.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_rawdcf.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/trim_info.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_trimtaip.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_dcf7000.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/ieee754io.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/parse_conf.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_rcc8000.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_computime.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_wharton.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/clk_trimtsip.c
Examining data/ntpsec-1.2.0+dfsg1/libparse/data_mbg.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/authkeys.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/statestr.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/lib_strbuf.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/ntp_endian.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/socktoa.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/numtoa.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/emalloc.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/strl_obsd.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/assert.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/clocktime.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/ntp_random.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/ssl_init.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/isc_net.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/pymodule-mac.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/clockwork.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/hextolfp.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/ntp_calendar.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/getopt.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/decodenetnum.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/macencrypt.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/refidsmear.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/timespecops.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/socket.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/systime.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/prettydate.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/dolfptoa.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/syssignal.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/python_compatibility.h
Examining data/ntpsec-1.2.0+dfsg1/libntp/pymodule-mac.h
Examining data/ntpsec-1.2.0+dfsg1/libntp/initnetwork.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/pymodule.c
Examining data/ntpsec-1.2.0+dfsg1/libntp/ntp_c.c
Examining data/ntpsec-1.2.0+dfsg1/libjsmn/test/test.h
Examining data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c
Examining data/ntpsec-1.2.0+dfsg1/libjsmn/test/testutil.h
Examining data/ntpsec-1.2.0+dfsg1/libjsmn/example/simple.c
Examining data/ntpsec-1.2.0+dfsg1/libjsmn/example/jsondump.c
Examining data/ntpsec-1.2.0+dfsg1/libjsmn/jsmn.h
Examining data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c
FINAL RESULTS:
data/ntpsec-1.2.0+dfsg1/include/ntp_debug.h:23:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf arg; \
data/ntpsec-1.2.0+dfsg1/include/parse.h:19:53: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define parseprintf(LEVEL, ARGS) if (debug > LEVEL) printf ARGS
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:189:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/ntpsec-1.2.0+dfsg1/libntp/prettydate.c:156:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(bp, LIB_BUFLENGTH, pfmt,
data/ntpsec-1.2.0+dfsg1/libntp/prettydate.c:162:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(bp, LIB_BUFLENGTH, pfmt,
data/ntpsec-1.2.0+dfsg1/libntp/socktoa.c:97:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, buflen,
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:291:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(preamble, timestamp);
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:695:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (2 == sscanf(line, "#define %s %d", name, &token)
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1151:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), use_f ? "=%.*f" : "=%.*g", precision, d);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1171:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "=%" PRIu64, uval);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1220:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "=0x%" PRIx64, uval);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3264:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), addr_fmt, count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3270:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), last_fmt, count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3275:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), first_fmt, count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3280:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), ct_fmt, count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3285:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), mv_fmt, count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3290:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), rs_fmt, count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3295:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), sc_fmt, count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3300:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), dr_fmt, count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3517:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), last_fmt, (int)i);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3519:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), addr_fmt, (int)i);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3573:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (1 != sscanf(val, resaxx_fmt, &resall))
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3576:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (1 != sscanf(val, resaxx_fmt, &resany))
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3591:19: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (1 == sscanf(v->text, last_fmt, &si) &&
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3598:19: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (1 == sscanf(v->text, addr_fmt, &si) &&
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3811:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), addr_fmtu, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3817:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), bcast_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3826:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), en_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3831:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), name_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3836:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), flags_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3841:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), rx_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3846:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), tx_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3851:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), txerr_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3856:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), pc_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3861:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), up_fmt, ifnum);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3989:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), addr_fmtu, idx);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3995:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), mask_fmtu, idx);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4001:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), hits_fmt, idx);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4006:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tag, sizeof(tag), flags_fmt, idx);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4370:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rc = vsnprintf(msg, sizeof(msg), fmt, ap);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_sandbox.c:310:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
SCMP_SYS(access),
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:505:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rc = vsnprintf(msg, sizeof(msg), fmt, ap);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:880:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(statsdir, W_OK) != 0) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_arbiter.c:152:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2016:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
l = vsnprintf(pos, rem, fmt, va);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2563:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void) snprintf(parsedev, sizeof(parsedev), PARSEDEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2569:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void) snprintf(parseppsdev, sizeof(parsedev), PARSEPPSDEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c:1511:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(up->buffer, sizeof(up->buffer),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c:2140:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
plen = (size_t)vsnprintf(*spp, alen, fmt, va);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_hpgps.c:162:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:435:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sDeviceName, sizeof(sDeviceName), DEVICE, unit ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1120:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1133:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1154:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1169:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1183:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1207:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1225:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1237:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1256:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1263:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1425:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1443:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1462:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1600:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1623:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1649:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1830:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1854:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1865:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2040:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2052:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2072:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2086:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2100:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2124:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2136:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2155:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2162:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2358:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2393:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2415:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2430:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2442:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2454:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2993:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog), JJY_CLOCKSTATS_MESSAGE_LOOPBACK_DELAY,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3452:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3468:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3483:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3523:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3528:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3542:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3551:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( sLog, sizeof(sLog),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:497:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(lockfile, sizeof(lockfile), LOCKFILE,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:515:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(device, sizeof(device), DEVICE, up->unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:622:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(lockfile, sizeof(lockfile),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:511:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rcode = snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:604:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rcode = snprintf(device, sizeof(device), PPSDEV, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:636:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)snprintf(device1, sizeof(device1), DEVICE1, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:637:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
(void)snprintf(device2, sizeof(device2), DEVICE2, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1817:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(Msg, sizeof(Msg), /* MAX length 128, currently at 127 */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1956:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(Msg2, "%02x", buf[i++]);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:4133:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rc = vsnprintf(msg, sizeof(msg), fmt, ap);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_pps.c:144:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_spectracom.c:177:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_trimble.c:311:6: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_trimble.c:314:14: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rcode = snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:188:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(up->debug, fmt, ap);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:210:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_zyfer.c:126:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(device, sizeof(device), DEVICE, unit);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:323:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt1 : ofmt1, status, timex_state(status));
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:338:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt2 : ofmt2, json ? rfc3339date(ts) : prettydate(ts), fdigits, (int)time_frac);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:339:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt3 : ofmt3, (unsigned long)ntv.maxerror, (unsigned long)ntv.esterror);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:341:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt4 : ofmt4,
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:349:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt5 : ofmt5, (long)ntv.tai);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:383:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt7 : ofmt7, status, timex_state(status));
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:384:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt8 : ofmt8,
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:387:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt9 : ofmt9, ftemp);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:389:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt10 : ofmt10, ftemp, 1 << ntx.shift);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:390:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt11 : ofmt11,
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:392:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt12 : ofmt12,
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:404:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt13 : ofmt13,
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:410:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt14 : ofmt14,
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:412:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(json ? jfmt15 : ofmt15,
data/ntpsec-1.2.0+dfsg1/tests/ntpd/leapsec.c:441:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stream, fmt, ap);
data/ntpsec-1.2.0+dfsg1/attic/random.c:77:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
sum += random();
data/ntpsec-1.2.0+dfsg1/attic/random.c:155:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
sum += random();
data/ntpsec-1.2.0+dfsg1/attic/sht.c:167:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
rcv_frc = (unsigned int)random() % 1000000000U;
data/ntpsec-1.2.0+dfsg1/attic/sht.c:171:38: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
clk_frc = rcv_frc + (unsigned int)(random()%7094713 - 3547356);
data/ntpsec-1.2.0+dfsg1/libntp/systime.c:231:38: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
normalize_time(ts, sys_fuzz > 0.0 ? random() : 0, now);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3208:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
noise = random();
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3252:20: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
noise = (uint32_t)random();
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3796:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
noise = (uint32_t)random();
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3974:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
noise = (uint32_t)random();
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_packetstamp.c:156:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
fuzz = random() * 2. / FRAC * sys_fuzz;
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_peer.c:101:28: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
current_association_ID = random() & ASSOCID_MAX;
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:479:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
(double)random() / RAND_MAX < .1) ||
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:1051:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((fmri = getenv("SMF_FMRI")) != NULL) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:1216:25: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
next = ((0x1000UL | (random() & 0x0ff)) <<
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_sandbox.c:156:8: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
if (chroot(chrootdir)) {
data/ntpsec-1.2.0+dfsg1/ntpfrob/main.c:44:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "a:Ab:cdDejp:rh?V")) != EOF) {
data/ntpsec-1.2.0+dfsg1/tests/common/tests_main.c:54:17: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
RUN_TEST_GROUP(random);
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:7:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TEST_GROUP(random);
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:9:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TEST_SETUP(random) {}
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:11:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TEST_TEAR_DOWN(random) {}
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:16:6: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TEST(random, random32) {
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:27:21: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint32_t sample = random();
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:37:6: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TEST(random, random_bytes) {
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:70:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TEST_GROUP_RUNNER(random) {
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:71:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
RUN_TEST_CASE(random, random32);
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:72:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
RUN_TEST_CASE(random, random_bytes);
data/ntpsec-1.2.0+dfsg1/attic/cmac-timing.c:51:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char answer[EVP_MAX_MD_SIZE];
data/ntpsec-1.2.0+dfsg1/attic/cmac-timing.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbc[100];
data/ntpsec-1.2.0+dfsg1/attic/cmac-timing.c:283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbc[100];
data/ntpsec-1.2.0+dfsg1/attic/cmac-timing.c:343:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbc[100];
data/ntpsec-1.2.0+dfsg1/attic/digest-find.c:38:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packet[100];
data/ntpsec-1.2.0+dfsg1/attic/digest-find.c:62:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE];
data/ntpsec-1.2.0+dfsg1/attic/digest-timing.c:85:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char answer[EVP_MAX_MD_SIZE];
data/ntpsec-1.2.0+dfsg1/attic/digest-timing.c:103:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char answer[EVP_MAX_MD_SIZE];
data/ntpsec-1.2.0+dfsg1/attic/random.c:91:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rnd[512];
data/ntpsec-1.2.0+dfsg1/attic/random.c:121:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rnd[512];
data/ntpsec-1.2.0+dfsg1/attic/random.c:171:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rnd[512];
data/ntpsec-1.2.0+dfsg1/attic/random.c:203:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rnd[512];
data/ntpsec-1.2.0+dfsg1/attic/sht.c:103:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->nsamples=atoi(argp+1);
data/ntpsec-1.2.0+dfsg1/attic/sht.c:107:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->leap=atoi(argp+1);
data/ntpsec-1.2.0+dfsg1/attic/sht.c:111:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->precision=-atoi(argp+1);
data/ntpsec-1.2.0+dfsg1/include/ieee754io.h:24:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char offsets_t[IEEE_OFFSETS];
data/ntpsec-1.2.0+dfsg1/include/isc_interfaceiter.h:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32]; /* Interface name, null-terminated. */
data/ntpsec-1.2.0+dfsg1/include/lib_strbuf.h:16:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char libbufstr[LIB_BUFLENGTH];
data/ntpsec-1.2.0+dfsg1/include/mbg_gps166.h:138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[GPS_ID_STR_SIZE]; ///< Optional string identifying a customized version
data/ntpsec-1.2.0+dfsg1/include/mbg_gps166.h:386:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char TZ_NAME[6];
data/ntpsec-1.2.0+dfsg1/include/mbg_gps166.h:499:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[23]; ///< 22 chars GPS ASCII message plus trailing zero
data/ntpsec-1.2.0+dfsg1/include/ntp.h:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32]; /* name of interface */
data/ntpsec-1.2.0+dfsg1/include/ntp.h:424:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char refid[REFIDLEN];
data/ntpsec-1.2.0+dfsg1/include/ntp_config.h:226:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXLINE];
data/ntpsec-1.2.0+dfsg1/include/ntp_config.h:227:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[MAXLINE];
data/ntpsec-1.2.0+dfsg1/include/ntp_refclock.h:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a_lastcode[BMAX]; /* last timecode received */
data/ntpsec-1.2.0+dfsg1/include/ntpd.h:438:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char statsdir[MAXFILENAME];
data/ntpsec-1.2.0+dfsg1/include/parse.h:125:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char parse_msg[PARSE_TCMAX]; /* original messages */
data/ntpsec-1.2.0+dfsg1/include/parse.h:147:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parse_buffer[PARSE_TCMAX+1]; /* timecode buffer */
data/ntpsec-1.2.0+dfsg1/include/parse.h:153:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parse_buffer[PARSE_TCMAX+1]; /* format code string */
data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.c:95:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char byte[16];
data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.c:100:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byte[8];
data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.c:275:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst->d, &src->d, sizeof src->d);
data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.c:399:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&t, in + (len-16), 16);
data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.c:407:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&t, in, len);
data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.c:475:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v_out, &q, 16);
data/ntpsec-1.2.0+dfsg1/libaes_siv/aes_siv.c:504:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&q, v, 16);
data/ntpsec-1.2.0+dfsg1/libaes_siv/bench.c:18:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char key[64];
data/ntpsec-1.2.0+dfsg1/libaes_siv/bench.c:19:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ad[65536];
data/ntpsec-1.2.0+dfsg1/libaes_siv/bench.c:20:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char nonce[16];
data/ntpsec-1.2.0+dfsg1/libaes_siv/bench.c:21:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char in[65536+16];
data/ntpsec-1.2.0+dfsg1/libaes_siv/bench.c:22:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char out[65536+16];
data/ntpsec-1.2.0+dfsg1/libaes_siv/bench.c:170:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(in, out, call_list[i].in_len + 16);
data/ntpsec-1.2.0+dfsg1/libaes_siv/demo.c:36:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "rb");
data/ntpsec-1.2.0+dfsg1/libaes_siv/demo.c:184:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1024];
data/ntpsec-1.2.0+dfsg1/libaes_siv/demo.c:201:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(plaintext + plaintext_len, buf, r);
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:127:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ciphertext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:128:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char plaintext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:209:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ciphertext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:210:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char plaintext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:286:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ciphertext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:287:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char plaintext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:352:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ciphertext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:353:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char plaintext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:412:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ciphertext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:413:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char plaintext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:477:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ciphertext1_out[256], ciphertext2_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:523:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char key[40];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:524:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ad[16];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:525:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char plaintext[16];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:527:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ciphertext_out[256];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:551:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char key[32];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:552:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ad[16];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:553:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char ciphertext[32];
data/ntpsec-1.2.0+dfsg1/libaes_siv/tests.c:555:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char plaintext_out[256];
data/ntpsec-1.2.0+dfsg1/libjsmn/example/jsondump.c:77:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:161:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(toklarge, toksmall, sizeof(toksmall));
data/ntpsec-1.2.0+dfsg1/libntp/authkeys.c:466:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth->key, key, key_size);
data/ntpsec-1.2.0+dfsg1/libntp/authkeys.c:475:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newkey, key, key_size);
data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c:108:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[EVP_MAX_MD_SIZE];
data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c:128:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mac[CMAC_MAX_MAC_LENGTH+1024];
data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[EVP_MAX_KEY_LENGTH]; /* garbage is OK */
data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512]; /* lots of room for line */
data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c:249:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[NAMEBUFSIZE];
data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c:256:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(file, "r");
data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c:282:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
keyno = (keyid_t)atoi(token);
data/ntpsec-1.2.0+dfsg1/libntp/decodenetnum.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[INET6_ADDRSTRLEN];
data/ntpsec-1.2.0+dfsg1/libntp/decodenetnum.c:119:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ip, ip_start, (size_t)(ip_end - ip_start));
data/ntpsec-1.2.0+dfsg1/libntp/decodenetnum.c:143:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(netnum, ai->ai_addr, ai->ai_addrlen);
data/ntpsec-1.2.0+dfsg1/libntp/emalloc.c:136:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(copy, str, bytes);
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:91:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst->type.in,
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:97:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dst->type.in6, &sa6->sin6_addr,
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:229:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entry[ISC_IF_INET6_SZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:238:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:259:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
iter->proc = fopen("/proc/net/if_inet6", "r");
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:372:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iter->current.name, ifa->ifa_name, namelen);
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:510:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:606:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iter->current.name, sdl->sdl_data, namelen);
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:796:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entry[ISC_IF_INET6_SZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:831:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:894:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:971:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1034:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
iter->proc = fopen("/proc/net/if_inet6", "r");
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1075:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1079:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sabuf[256];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1110:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iter->current.name, ifreq.ifr_name, sizeof(ifreq.ifr_name));
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1173:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lifreq.lifr_addr, &iter->current.address.type.in6,
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1271:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1293:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iter->current.name, lifreq.lifr_name, sizeof(lifreq.lifr_name));
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1624:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[33];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1625:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IF_NAMESIZE+1];
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1709:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifdata, &iter->current, sizeof(*ifdata));
data/ntpsec-1.2.0+dfsg1/libntp/isc_net.c:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/isc_net.c:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:41:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void humanlogtime(char buf[TIMESTAMP_LEN]);
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:48:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
humanlogtime(char buf[TIMESTAMP_LEN])
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:61:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const months[12] = {
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[TIMESTAMP_LEN];
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:167:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PIPE_BUF];
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:185:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curdir[512];
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:329:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
new_file = fopen(abs_fname, "a");
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:419:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
new_file = fopen(syslog_fname, "a");
data/ntpsec-1.2.0+dfsg1/libntp/numtoa.c:33:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&text[1], &refid, sizeof(refid));
data/ntpsec-1.2.0+dfsg1/libntp/pymodule-mac.c:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char upcase[100];
data/ntpsec-1.2.0+dfsg1/libntp/pymodule-mac.c:84:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void do_mac(char *name,
data/ntpsec-1.2.0+dfsg1/libntp/pymodule-mac.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char upcase[100];
data/ntpsec-1.2.0+dfsg1/libntp/pymodule-mac.c:138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newkey, key, keylen);
data/ntpsec-1.2.0+dfsg1/libntp/pymodule-mac.h:22:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void do_mac(char *name,
data/ntpsec-1.2.0+dfsg1/libntp/socktoa.c:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[LIB_BUFLENGTH];
data/ntpsec-1.2.0+dfsg1/libntp/socktoa.c:93:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[LIB_BUFLENGTH];
data/ntpsec-1.2.0+dfsg1/libntp/systime.c:417:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldbuf[100], newbuf[100];
data/ntpsec-1.2.0+dfsg1/libparse/clk_meinberg.c:614:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parseio->parse_ldata, parseio->parse_data, (unsigned)(parseio->parse_index+1));
data/ntpsec-1.2.0+dfsg1/libparse/clk_meinberg.c:638:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parseio->parse_ldata, parseio->parse_data, (unsigned)(parseio->parse_index+1));
data/ntpsec-1.2.0+dfsg1/libparse/clk_rawdcf.c:318:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char histbuf[BITS];
data/ntpsec-1.2.0+dfsg1/libparse/clk_trimtsip.c:152:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parseio->parse_ldata, parseio->parse_data, parseio->parse_ldsize);
data/ntpsec-1.2.0+dfsg1/libparse/ieee754io.c:77:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[4];
data/ntpsec-1.2.0+dfsg1/libparse/parse.c:110:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parseio->parse_ldata, parseio->parse_data, (unsigned)(parseio->parse_index+1));
data/ntpsec-1.2.0+dfsg1/libparse/parse.c:156:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parseio->parse_ldata, parseio->parse_data, (unsigned)(parseio->parse_index+1));
data/ntpsec-1.2.0+dfsg1/libparse/parse.c:569:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dct->parsegettc.parse_buffer, parse->parse_ldata, dct->parsegettc.parse_count);
data/ntpsec-1.2.0+dfsg1/libparse/parse.c:652:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dct->parseformat.parse_buffer, clockformats[dct->parseformat.parse_format]->name, dct->parseformat.parse_count);
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:231:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * symb[1024]; /* map token ID to symbolic name */
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[128];
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:298:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rprefix[MAX_TOK_LEN + 1];
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:299:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[MAX_TOK_LEN + 1];
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token_id_comment[16 + MAX_TOK_LEN + 1];
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:684:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[2 * MAX_TOK_LEN];
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:685:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[2 * MAX_TOK_LEN];
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:688:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
yh = fopen(header_file, "r");
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:718:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[20];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:148:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sys_phone[MAXPHONE] = {NULL}; /* ACTS phone numbers */
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:742:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&my_node->clock_stat.fudgeval2,
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:1737:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr, pai->ai_addr,
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:1787:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr, pai->ai_addr,
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:2398:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&clock_stat.fudgeval2,
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:3020:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origin[128];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:3069:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[256];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:3070:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirpath[PATH_MAX];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:3153:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptree, &cfgt, sizeof(*ptree));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:3255:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask_s[40], *mask_p;
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:656:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pkt->data, rbufp->recv_buffer + 12, 480 + MAX_MAC_LEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:993:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datapt, &keyid, sizeof(keyid));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1057:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datapt, dp, currentlen);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1067:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datapt, dp, dlen);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1092:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1147:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1148:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1166:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1167:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1186:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1188:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1216:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1236:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1237:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1280:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1306:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[16];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1307:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(refid) + 1];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1339:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1340:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1501:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CTL_MAX_DATA_LEN];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1527:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffp, k->text, len);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1547:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffp, k->text, len);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2064:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CTL_MAX_DATA_LEN];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2101:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[256];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2282:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, k->text, sz);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2347:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CTL_MAX_DATA_LEN];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2460:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, k->text, sz);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2480:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, k->text, sz);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2517:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2569:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, plhead, plsize);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2892:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nulltxt[1] = { '\0' };
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2960:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tt, valuep, 1 + strlen(valuep));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3038:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(remote_config.buffer, reqpt, data_count);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[32];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3444:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char nulltxt[1] = { '\0' };
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3477:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3781:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[32];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3925:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&SOCK_ADDR6(psaA), &pres->u.v6.addr,
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3928:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&SOCK_ADDR6(psaM), &pres->u.v6.mask,
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3953:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[32];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4280:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char statstr[NTP_MAXSTRLEN];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4470:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td, data, size);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4484:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td, data, size);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4494:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(td, data, size);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_dns.c:127:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sockaddr, ai->ai_addr, ai->ai_addrlen);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_filegen.c:273:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fullname, "a");
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:529:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&t->type.in6, &s->type.sin6.sin6_addr, 16);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:639:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[128];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:726:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iface, interface, sizeof(*iface));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:2080:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RX_BUFF_SIZE];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:2139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char control[100]; /* FIXME: Need space for time stamp plus overhead */
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:2150:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RX_BUFF_SIZE];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:3014:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[5120];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:116:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p2, p1, sizeof(leap_table_t));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cp, *ep, linebuf[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:500:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(fname, "r")) == NULL) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:521:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psig, &pt->lsig, sizeof(leap_signature_t));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:865:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hv[ISC_SHA1_DIGESTLENGTH];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:913:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char text[32]; // must be a power of two!
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:943:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[50];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_loopfilter.c:131:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char relative_path[PATH_MAX + 1]; /* relative path per recursive make */
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_loopfilter.c:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[256], nbuf[256], tbuf[1024];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_loopfilter.c:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char des[1024] = ""; /* Decoded Error Status */
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_loopfilter.c:451:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[80]; /* report buffer */
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:331:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkt->refid, recv_buf + 12, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:607:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&peer->refid, rbufp->pkt.refid, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:1076:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sys_vars.sys_refid, "STEP", REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:1266:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&peer->refid, ident, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:1318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[80];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:1530:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sys_vars.sys_refid, "DOWN", REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:2245:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xpkt.refid, "RATE", REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:2796:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sys_vars.sys_refid, "INIT", REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_proto.c:2956:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[JUNKSIZE];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_refclock.c:635:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lineptr, rbufp->recv_buffer, bmax);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_refclock.c:695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trash[128]; /* litter bin for old input data */
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_refclock.c:701:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(dev, O_RDWR | O_NONBLOCK | O_NOCTTY);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_restrict.c:551:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, &match,
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_restrict.c:556:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, &match,
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_sandbox.c:352:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SCMP_SYS(open),
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:48:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char yytext[MAX_LEXEME]; /* Buffer for storing the input text/lexeme */
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:150:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stream->fname, path, nnambuf);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:153:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream->fpi = fopen(path, mode);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:408:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullpath[PATH_MAX];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:437:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subpath[PATH_MAX];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.h:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[1]; /* (formal only) buffered name */
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_signd.c:151:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkt[LEN_PKT_NOMAC];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_signd.c:158:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkt[LEN_PKT_NOMAC];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_signd.c:161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_socket[256];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_signd.c:214:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&samba_reply, reply, reply_len);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_timer.c:235:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sys_vars.sys_refid, "LOOP", REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:58:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char statsdir[MAXFILENAME] = NTP_VAR;
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempfile[PATH_MAX];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:163:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((new = fopen(tempfile, "w")) == NULL) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:212:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(drift_file, "r")) == NULL) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:254:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stats_drift_file, value, len+1);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:302:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(value, "w")) == NULL) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:324:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(leapfile_name, value, len + 1);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:812:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key_file_name, keyfile, len + 1);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:249:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
debug = atoi(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:308:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config_priority = atoi(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:361:15: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long val = atol(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:464:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char versionbuf[64];
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:578:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
INSIST(0 == open("/dev/null", 0) && 1 == dup2(0, 1) \
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:716:43: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned long tkey = (unsigned long)atol(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024]; /* Secret knowledge of msyslog buf length */
data/ntpsec-1.2.0+dfsg1/ntpd/nts.c:219:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts.c:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts.c:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts.c:285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[256];
data/ntpsec-1.2.0+dfsg1/ntpd/nts.c:368:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->next, data, length);
data/ntpsec-1.2.0+dfsg1/ntpd/nts.c:403:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, buf->next, length);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:193:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:241:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256], port[32];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:291:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sockaddr, worker->ai_addr, worker->ai_addrlen);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:390:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256], *tmp;
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:421:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[200];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:463:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff [16];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:465:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, data, l);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:483:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char context[5];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:586:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:588:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server[MAX_SERVER];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:711:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:773:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, answer->ai_addr, answer->ai_addrlen);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:178:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
in = fopen(cookie_filename, "r");
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:180:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:256:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:259:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(cookie_filename, O_CREAT|O_WRONLY, S_IRUSR|S_IWUSR);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:311:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(finger, &temp, AEAD_LENGTH);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:313:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(finger, c2s, keylen);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:315:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(finger, s2c, keylen);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:322:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(finger, &I, sizeof(I));
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:417:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp, finger, AEAD_LENGTH);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:420:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c2s, finger, *keylen);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_cookie.c:422:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s2c, finger, *keylen);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_extens.c:397:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t*)&peer->nts_state.cookies[idx], buf.next, length);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_server.c:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char foo[256];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_server.c:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_server.c:194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_server.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_server.c:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char usingbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_server.c:367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/nts_server.c:413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[100];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_arbiter.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status[MAXSTA]; /* receiver status (SR command) */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_arbiter.c:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char latlon[MAXPOS]; /* receiver position (lat/lon/alt) */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_arbiter.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[20];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_arbiter.c:182:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_arbiter.c:211:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[BMAX]; /* temp buffer */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:1613:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, "\\\\", 2);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:1628:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(endb, ellipsis, sizeof(ellipsis));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2180:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[20];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2223:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[40];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2523:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parsedev[sizeof(PARSEDEVICE)+20];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2524:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parseppsdev[sizeof(PARSEPPSDEVICE)+20];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2573:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd232 = open(path, O_RDWR | O_NOCTTY | O_NONBLOCK, 0777);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2694:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
parse->ppsfd = open(ppspath, O_RDWR | O_NOCTTY | O_NONBLOCK, 0777);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3019:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char outstatus[400]; /* status output buffer */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char item[80];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3281:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[400];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3392:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[200];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3393:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp2[200];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3820:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuffer[600];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3842:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3874:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3914:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3929:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3954:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4012:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4106:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4136:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4142:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer1[128];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4196:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd_buffer[64];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4221:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4594:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4938:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pbuffer[200];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAX_PDU_LEN];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c:348:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const s_req_watch[2] = {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c:546:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c:2166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_lbuf[MAX_PDU_LEN];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_hpgps.c:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char statscrn[SMAX]; /* receiver status screen buffer */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_hpgps.c:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[20];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_hpgps.c:198:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_hpgps.c:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prompt[BMAX]; /* prompt in response from receiver */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_hpgps.c:280:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(up->lastptr, pp->a_lastcode, (size_t)pp->lencode);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sRawBuf [ MAX_RAWBUF ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sLineBuf [ MAX_RAWBUF ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:171:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sTextBuf [ MAX_RAWBUF ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:412:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sDeviceName [ sizeof(DEVICE) + 10 ], sLog [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:515:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (char*)&pp->refid, REFID, strlen(REFID) ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:542:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pBuf, sLogText [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:819:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sLog [ MAX_LOGTEXT ], sReach [ 9 ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:938:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sLog [ MAX_LOGTEXT ], cStatus ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1093:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pBuf, sLog [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pBuf, sLog [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1570:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pBuf, sLog [ MAX_LOGTEXT ], sErr [ 60 ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sCmd[2] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1796:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pBuf, sLog [ MAX_LOGTEXT ], sMsg [ 16 ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1798:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cApostrophe, sStatus[3] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1984:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pBuf, sLog [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2308:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pBuf, sLog [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2666:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sLog [ MAX_LOGTEXT ], sFirstThreeDigits [ 4 ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2976:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sLog [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3317:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sLog[120];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sLog [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3902:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sResp [ 40 ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4053:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cBuf [ 46 ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sCmd [ 46 ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sLog [ MAX_LOGTEXT ] ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_local.c:109:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, "LOCL", REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BMAX]; /* bufptr roams within buf[] */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:272:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:313:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[sizeof(up->buf)];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[BMAX], *cp;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:472:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[20];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:473:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockfile[128], pidbuf[8];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:499:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(lockfile, O_WRONLY | O_CREAT | O_EXCL,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:609:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lockfile[128];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:752:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utc[10]; /* ACTS timescale */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:804:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFACTS, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:830:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFUSNO, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:855:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFPTB, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:874:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFTYPE, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:896:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFTYPE, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[20], *path;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:503:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:582:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[32];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:612:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
up->ppsapi_fd = open(peer->cfg.ppspath,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:846:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rd_lastcode[BMAX];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:1252:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pp->a_lastcode, tc, len);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:1283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NMEA_PROTO_MAXLEN + 7];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:425:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char flag[3];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:591:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device1[STRING_LEN], device2[STRING_LEN];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:625:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&pp->refid, "GPS\0", (size_t) 4);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:689:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd2=open(device2, O_RDWR, 0777)) < 0) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:941:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(instance->shmem_fname, O_RDONLY)) < 0)
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:955:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((instance->shmemfd = open(instance->shmem_fname, O_RDWR|O_CREAT|O_TRUNC, 0644)) < 0) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1033:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp, cp1, (size_t) n);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cc, *ca, line[100], units[2], device[64];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1217:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd=fopen(device, "r"))) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1222:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd=fopen(device, "r"))) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1226:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd=fopen(device, "r"))) { /* last try "ntp.oncore" */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1470:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Msg[120], Msg2[10];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1494:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcvbuf+rcvptr, p, i);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1526:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcvbuf, rcvbuf+i, (size_t)(rcvptr-i));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1544:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcvbuf, rcvbuf+4, (size_t) 4);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1574:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance->shmem + oncore_messages[m].shmem + 3,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1584:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Msg[120], Msg2[10];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1599:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rcvbuf, rcvbuf+l, (size_t) (rcvptr-l));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1626:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Msg[160];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1800:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f1[5], f2[5], f3[8], f4[5];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1838:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f1[5], f2[5], f3[8], f4[5];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1926:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Msg[120], Msg2[10];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:2183:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance->BEHa, buf, (size_t) (len+3)); /* Ba, Ea or Ha */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:2383:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&smp[i+3], buf, (size_t) (len+3));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:2678:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance->BEHn, buf, (size_t) len); /* Bn or En or Hn */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:2821:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance->shmem + instance->shmem_Cb + i + 3, buf,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:2883:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance->Cj, buf, len);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:2933:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cp2, Model[21];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:2954:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
instance->version = (unsigned int)atoi((char *) &instance->Cj[83]);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:2955:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
instance->revision = (unsigned int)atoi((char *) &instance->Cj[111]);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3098:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Az, (size_t) sizeof(oncore_cmd_Az));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3103:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Ay, (size_t) sizeof(oncore_cmd_Ay)); /* some have it, some don't */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3110:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Ag, (size_t) sizeof(oncore_cmd_Ag));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3255:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * insrem[2] = {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3660:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Gb, (size_t) sizeof(oncore_cmd_Gb));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3677:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Ac, (size_t) sizeof(oncore_cmd_Ac));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3684:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Aa, (size_t) sizeof(oncore_cmd_Aa));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3709:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Msg[160], Msg2[10];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3860:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_As, (size_t) sizeof(oncore_cmd_As)); /* don't modify static variables */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3867:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Au, (size_t) sizeof(oncore_cmd_Au));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3875:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Ga, (size_t) sizeof(oncore_cmd_Ga));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3882:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Ad, (size_t) sizeof(oncore_cmd_Ad));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3886:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Ae, (size_t) sizeof(oncore_cmd_Ae));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:3890:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cmd, oncore_cmd_Af, (size_t) sizeof(oncore_cmd_Af));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:4130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_pps.c:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[80];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_pps.c:135:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_pps.c:146:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
up->fddev = open(pps_path, O_RDWR);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_shm.c:175:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_spectracom.c:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[20];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_spectracom.c:208:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_trimble.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rpt_buf[RMAX]; /* packet assembly buffer */
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_trimble.c:143:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tracking_status[PAL_TSTATS+1][16] = {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_trimble.c:159:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char tb_disc_mode[TB_DISC_MODES+1][16] = {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_trimble.c:300:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[20], *path;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_trimble.c:448:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:168:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[40];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:173:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, O_CREAT | O_WRONLY | O_EXCL,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:176:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[40];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:240:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rd_lastcode[BMAX];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_zyfer.c:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device[20];
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_zyfer.c:159:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&pp->refid, REFID, REFIDLEN);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_zyfer.c:213:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pp->a_lastcode + pp->lencode, p, rbufp->recv_length);
data/ntpsec-1.2.0+dfsg1/ntpfrob/main.c:56:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tickadj(mode, atoi(optarg));
data/ntpsec-1.2.0+dfsg1/ntpfrob/main.c:63:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bumpclock(atol(optarg));
data/ntpsec-1.2.0+dfsg1/ntpfrob/pps-api.c:86:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(device, O_RDONLY);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascbuf[BUFSIZ];
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:144:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ntx.constant = atoi(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:153:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ntx.esterror = atoi(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:167:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ntx.maxerror = atoi(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:172:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ntx.offset = atoi(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:181:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ntx.status = atoi(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:188:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ntx.constant = atoi(ntp_optarg);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:360:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char binbuf[132];
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:524:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[32];
data/ntpsec-1.2.0+dfsg1/tests/libntp/lfpfunc.c:251:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/ntpsec-1.2.0+dfsg1/tests/libntp/macencrypt.c:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char packetPtr[totalLength];
data/ntpsec-1.2.0+dfsg1/tests/libntp/macencrypt.c:39:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packetPtr, packet, (size_t)packetLength);
data/ntpsec-1.2.0+dfsg1/tests/libntp/macencrypt.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char packetPtr[totalLength];
data/ntpsec-1.2.0+dfsg1/tests/libntp/macencrypt.c:77:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(packetPtr, packet, (size_t)packetLength);
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_calendar.c:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[255];
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_calendar.c:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[255];
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:39:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zeros[BYTES]; /* collected zeros */
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:40:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ones[BYTES]; /* collected ones */
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:41:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char clear[BYTES]; /* expected all zeros */
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:42:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char full[BYTES]; /* expected all ones */
data/ntpsec-1.2.0+dfsg1/tests/libntp/ntp_random.c:58:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sample[BYTES];
data/ntpsec-1.2.0+dfsg1/tests/libntp/refidsmear.c:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[100];
data/ntpsec-1.2.0+dfsg1/tests/libntp/refidsmear.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[100];
data/ntpsec-1.2.0+dfsg1/tests/libntp/strtolfp.c:148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:24:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:34:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 1, 2};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:44:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 2, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:54:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0xff, 0xff};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:64:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0, 0x80};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:75:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 0, 0, 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:86:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 1, 2, 3, 4};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:97:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 4, 3, 2, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:108:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 0xff, 0xff, 0xff, 0xff};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:119:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 0, 0, 0, 0x80};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:129:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ret[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:130:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char expect[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:139:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ret[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:140:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char expect[2] = { 1, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:149:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ret[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:150:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char expect[2] = { 0, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:159:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ret[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:160:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char expect[2] = { 0xff, 0xff };
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:169:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ret[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:170:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char expect[2] = { 1, 0x80};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:183:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:193:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 1, 2};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:203:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 2, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:213:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0xff, 0xff};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:223:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0, 0x80};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:234:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 0, 0, 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:245:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 1, 2, 3, 4};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:256:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 4, 3, 2, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:267:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 0xff, 0xff, 0xff, 0xff};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:278:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[4] = { 0, 0, 0, 0x80};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:290:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:300:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 2, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:310:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 1, 2};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:320:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0xff, 0xff};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:330:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0x80, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:340:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:349:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 2, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:358:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 1, 2};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:367:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0xff, 0xff};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:376:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0x80, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:385:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:394:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 2, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:403:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 1, 2};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:412:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0xff, 0xff};
data/ntpsec-1.2.0+dfsg1/tests/libparse/binio.c:421:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = { 0x80, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:37:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char one[4] = { 0, 0, 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:49:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char one[4] = { 0x3f, 0x80, 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:61:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char negone[4] = { 0xbf, 0x80, 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:73:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4] = { 0x7f, 0x80, 0, 0};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:107:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4] = { 0x4e, 0xff, 255, 255};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:108:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_n[4] = { 0xce, 0xff, 255, 255};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:129:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4] = { 0x3e, 127, 1, 2};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:131:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_n[4] = { 127, 0x3e, 2, 1};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:154:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4] = { 0x2F, 255, 255, 255};
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:167:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char one[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:179:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char one[8] = { 0x3f, 0xf0, 0, 0, 0, 0, 0, 0 };
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:191:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char negone[8] = { 0xbf, 0xf0, 0, 0, 0, 0, 0, 0 };
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:203:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8] = { 0x7f, 0xF0, 0, 0, 0, 0, 0, 0 };
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:257:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8] = { 65, 239, 255, 255, 255, 255, 255, 255 };
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:259:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_n[8] = { 65, 239, 255, 255, 255, 255, 255, 254 };
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:280:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8] = { 65, 239, 1, 2, 3, 4, 5, 6 };
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:282:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf_n[8] = { 239, 65, 2, 1, 4, 3, 6, 5 };
data/ntpsec-1.2.0+dfsg1/tests/libparse/ieee754io.c:303:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8] = { 0x3d, 255, 255, 255, 255, 255, 255, 255};
data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_client.c:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pAEAD[50] = "AES_SIV_CMAC_512";
data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_client.c:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gAEAD[50] = "AES_SIV_CMAC_384";
data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_extens.c:48:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(peer.nts_state.c2s, c2s, sizeof(c2s));
data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_extens.c:69:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkt, base_pkt, sizeof(base_pkt));
data/ntpsec-1.2.0+dfsg1/tests/unity/unity.c:374:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16] = {0};
data/ntpsec-1.2.0+dfsg1/tests/unity/unity_memory.c:43:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char unity_heap[UNITY_INTERNAL_HEAP_SIZE_BYTES];
data/ntpsec-1.2.0+dfsg1/tests/unity/unity_memory.c:102:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&mem[size], end, sizeof(end));
data/ntpsec-1.2.0+dfsg1/tests/unity/unity_memory.c:199:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newMem, oldMem, guard->size);
data/ntpsec-1.2.0+dfsg1/attic/backwards.c:33:21: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
for(int equal = 0; equal < 5; ) {
data/ntpsec-1.2.0+dfsg1/libjsmn/example/jsondump.c:113:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(js + jslen, buf, r);
data/ntpsec-1.2.0+dfsg1/libjsmn/example/simple.c:16:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tok->type == JSMN_STRING && (int)strlen(s) == tok->end - tok->start &&
data/ntpsec-1.2.0+dfsg1/libjsmn/example/simple.c:30:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = jsmn_parse(&p, JSON_STRING, strlen(JSON_STRING), t,
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:107:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 1; i <= strlen(js); i++) {
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:109:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (i == strlen(js)) {
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:130:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 1; i <= strlen(js); i++) {
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:132:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (i == strlen(js)) {
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:158:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = jsmn_parse(&p, js, strlen(js), toksmall, i);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:163:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = jsmn_parse(&p, js, strlen(js), toklarge, 10);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:182:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = jsmn_parse(&p, js, strlen(js), tok, 10);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:208:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = jsmn_parse(&p, js, strlen(js), tokens, 128);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:242:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 1);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:246:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 1);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:250:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 2);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:254:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 3);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:258:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 3);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:262:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 7);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:266:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 5);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:270:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 5);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:274:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 4);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/tests.c:278:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check(jsmn_parse(&p, js, strlen(js), NULL, 0) == 7);
data/ntpsec-1.2.0+dfsg1/libjsmn/test/testutil.h:52:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) != (unsigned long)(t[i].end - t[i].start) ||
data/ntpsec-1.2.0+dfsg1/libjsmn/test/testutil.h:81:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r = jsmn_parse(&p, s, strlen(s), t, numtok);
data/ntpsec-1.2.0+dfsg1/libntp/authreadkeys.c:365:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(token);
data/ntpsec-1.2.0+dfsg1/libntp/decodenetnum.c:58:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
numlen = strlen(num);
data/ntpsec-1.2.0+dfsg1/libntp/emalloc.c:130:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bytes = strlen(str) + 1;
data/ntpsec-1.2.0+dfsg1/libntp/getopt.c:164:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[ntp_optind]) < 3 || strncmp(argv[ntp_optind], "--", 2) != 0) {
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:367:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = (unsigned int)strlen(ifa->ifa_name);
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1642:15: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
res = sscanf(iter->entry, "%32[a-f0-9] %x %x %x %x %16s\n",
data/ntpsec-1.2.0+dfsg1/libntp/isc_interfaceiter.c:1654:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(address) != 32) {
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:138:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ('\n' != msg[strlen(msg) - 1]) {
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:171:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf) - 1,
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:171:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf) - 1,
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:173:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
IGNORE(write(fileno(syslog_file), buf, strlen(buf)));
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:313:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cd_octets = strlen(curdir);
data/ntpsec-1.2.0+dfsg1/libntp/msyslog.c:320:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
octets += strlen(log_fname);
data/ntpsec-1.2.0+dfsg1/libntp/numtoa.c:35:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = strlen(text);
data/ntpsec-1.2.0+dfsg1/libntp/statestr.c:403:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cc = cb + strlen(cb);
data/ntpsec-1.2.0+dfsg1/libntp/strl_obsd.c:83:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(dlen + strlen(s));
data/ntpsec-1.2.0+dfsg1/libparse/data_mbg.c:158:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p);
data/ntpsec-1.2.0+dfsg1/libparse/data_mbg.c:181:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*buffpp += strlen(*buffpp);
data/ntpsec-1.2.0+dfsg1/libparse/data_mbg.c:199:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*buffpp += strlen(*buffpp);
data/ntpsec-1.2.0+dfsg1/libparse/parse.c:650:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(clockformats[dct->parseformat.parse_format]->name) <= PARSE_TCMAX) {
data/ntpsec-1.2.0+dfsg1/libparse/parse.c:651:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dct->parseformat.parse_count = (unsigned short) (strlen(clockformats[dct->parseformat.parse_format]->name) + 1);
data/ntpsec-1.2.0+dfsg1/ntpd/keyword-gen.c:700:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > MAX_TOK_LEN) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:744:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
min(strlen(option->value.s), REFIDLEN));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:2314:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
varlen = strlen(my_node->var);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:2315:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vallen = strlen(my_node->val);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:2400:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
min(strlen(curr_opt->value.s), REFIDLEN));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:3076:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_sys_var(line, strlen(line) + 1, RO);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:3188:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(*pstr, m->name, strlen(m->name)) == 0) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_config.c:3189:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*pstr += strlen(m->name);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1101:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1123:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(tag) + 2 + len) >= sizeof(buffer)) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1132:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1154:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1174:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1201:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buf), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1223:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1244:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1265:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1293:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1325:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(output, strlen(output), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1355:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(buffer, strlen(buffer), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1442:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr(sys_var[CS_PEERADR].text, ss, strlen(ss));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1479:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
utsnamebuf.machine, strlen(utsnamebuf.machine));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1485:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putstr(sys_var[CS_SYSTEM].text, str, strlen(str));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1490:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putstr(sys_var[CS_VERSION].text, ss, strlen(ss));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1511:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buffp + strlen(sys_var[CS_VARLIST].text) + 4 > buffend)
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1515:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffp += strlen(buffp);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1520:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(k->text);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1538:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(k->text);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:1815:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putstr(sys_var[varid].text, ss, strlen(ss));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2098:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(p->hostname));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2103:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putstr(peer_var[id].text, buf1, strlen(buf1));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2268:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(peer_var[id].text) + 4 > sizeof(buf))
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2272:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2277:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz = strlen(k->text);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2364:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pcs->clockname));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2434:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pcs->clockdesc));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2441:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(clock_var[CC_VARLIST].text) + 4 >
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2447:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2454:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sz = strlen(k->text);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2842:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(pch, strlen(pch), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2850:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(kv->text, strlen(kv->text),
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2953:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
octets = strlen(v->text) + strlen(valuep) + 2;
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2953:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
octets = strlen(v->text) + strlen(valuep) + 2;
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2960:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(tt, valuep, 1 + strlen(valuep));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:2961:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_sys_var(vareqv, 1 + strlen(vareqv), v->flags);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3010:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(remote_config.err_msg), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3029:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(remote_config.err_msg), false);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3266:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr(tag, pch, strlen(pch));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3518:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_var(&in_parms, buf, strlen(buf) + 1, 0);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3520:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_var(&in_parms, buf, strlen(buf) + 1, 0);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3656:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr("nonce", buf, strlen(buf));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3685:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr("addr.older", pch, strlen(pch));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3704:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr("nonce", buf, strlen(buf));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3813:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr(tag, pch, strlen(pch));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3822:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr(tag, pch, strlen(pch));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3832:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putstr(tag, la->name, strlen(la->name));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3991:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr(tag, pch, strlen(pch));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:3997:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr(tag, pch, strlen(pch));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4017:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr(tag, pch, strlen(pch));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4127:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putunqstr("nonce", buf, strlen(buf));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4230:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(kv[i].text),
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4238:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctl_putdata(kv->text, strlen(kv->text),
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4304:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(statstr);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4341:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(statstr);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_control.c:4521:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = strlen(tag);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_filegen.c:107:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(gen->dir) + strlen(gen->fname) + 65;
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_filegen.c:107:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(gen->dir) + strlen(gen->fname) + 65;
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:665:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (sizeof(tmpbuf) > strlen(host)) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:2082:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buflen = read(fd, buf, sizeof buf);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:2092:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buflen = read(fd, (char *)&rb->recv_buffer, i);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_io.c:3034:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cnt = read(reader->fd, buffer, sizeof(buffer));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:386:44: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rcheck = leapsec_validate((leapsec_reader)getc, ifp);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_leapsec.c:417:40: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!leapsec_load(pt, (leapsec_reader)getc, ifp)) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_refclock.c:721:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (read(fd, trash, sizeof(trash)) > 0 || errno == EINTR)
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_sandbox.c:358:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
SCMP_SYS(read),
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:56:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define ENDSWITH(str, suff) (strcmp(str + strlen(str) - strlen(suff), suff)==0)
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:56:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define ENDSWITH(str, suff) (strcmp(str + strlen(str) - strlen(suff), suff)==0)
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:145:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nnambuf = strlen(path);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:185:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = fgetc(stream->fpi)) != EOF && ch > SCHAR_MAX) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:377:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end = fullpath + strlen(fullpath);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:439:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(subpath) < PATH_MAX - 1) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:440:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ep = subpath + strlen(subpath);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:730:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:951:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (ERA_SUFFIX(yytext[strlen(yytext)-1])) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:952:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (yytext[strlen(yytext)-1] == 'g') {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:955:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (yytext[strlen(yytext)-1] == 'G') {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_scanner.c:958:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
yytext[strlen(yytext)-1] = '\0';
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_signd.c:84:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int n = read(fd, buf, len);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_timer.c:325:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)(-1 == write(1, msg, strlen(msg)));
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:249:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!value || (len = strlen(value)) == 0) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:272:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) >= sizeof(statsdir) - 1) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:281:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_l = strlen(value);
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:319:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!value || (len = strlen(value)) == 0) {
data/ntpsec-1.2.0+dfsg1/ntpd/ntp_util.c:806:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(keyfile);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:490:7: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
uv = umask(0);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:492:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(uv);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:494:3: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(022);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:738:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_sys_var(ntp_optarg, strlen(ntp_optarg) + 1, RW);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:742:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_sys_var(ntp_optarg, strlen(ntp_optarg) + 1,
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:896:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp += strlen(cp);
data/ntpsec-1.2.0+dfsg1/ntpd/ntpd.c:901:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp += strlen(cp);
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:490:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
label, strlen(label),
data/ntpsec-1.2.0+dfsg1/ntpd/nts_client.c:498:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
label, strlen(label),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_arbiter.c:316:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pp->lencode = (int)strlen(pp->a_lastcode);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:2820:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_ctl.parseformat.parse_count = (unsigned short) strlen(tmp_ctl.parseformat.parse_buffer);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3116:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tt += strlen(tt);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3121:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkascii(outstatus+strlen(outstatus), (int)(sizeof(outstatus)- strlen(outstatus) - 1),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3121:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkascii(outstatus+strlen(outstatus), (int)(sizeof(outstatus)- strlen(outstatus) - 1),
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3187:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((count = (int) strlen(item)) < (LEN_STATES - 40 - (tt - start)))
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3214:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_var(&out->kv_list, k->text, strlen(k->text)+1, k->flags);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3219:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out->lencode = (unsigned short) strlen(outstatus);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3852:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_var(&parse->kv, buffer, strlen(buffer)+1,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:3907:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
set_var(&parse->kv, buffer, strlen(buffer)+1, RO|DEF);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4119:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p += strlen(p);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4143:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mkreadable(buffer1, sizeof(buffer1), gps_ascii_msg.s, strlen(gps_ascii_msg.s), (int)0);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4413:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int rtc = (int) write(parse->generic->io.fd, *iv, strlen(*iv));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4421:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (rtc != (int)strlen(*iv))
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_generic.c:4424:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parse->peer->procptr->refclkunit, rtc, (int)strlen(*iv));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c:841:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t rlen = strlen(s_req_version);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_gpsd.c:1514:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:515:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy( (char*)&pp->refid, REFID, strlen(REFID) ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1697:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iLen = (int)strlen( ECHOKEISOKUKI_LT2000_COMMAND_REQUEST_SEND ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:1840:11: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int rc = sscanf ( pBuf, "%c%2s %2d/%2d/%2d %1d %2d:%2d:%2d",
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:2702:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( i = 0 ; i < strlen( sys_phone[0] ) ; i ++ ) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:3237:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iCmdLen = (int)strlen( pCmd ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4143:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iCmdLen = (int)strlen( pCmd ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4221:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iCmdLen = (int)strlen( sCmd ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4329:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iCmdLen = (int)strlen( pCmd ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4390:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iCmdLen = (int)strlen( pCmd ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4447:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iDataLen = (int)strlen( pData ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4448:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
iMarkLen = (int)strlen( pMark ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_jjy.c:4495:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen( printableControlChar[sInput[i] & 0xFF] ) ;
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:365:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DPRINT(1, ("modem: %d %s\n", (int)strlen(msg), msg));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:408:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(sys_phone[up->retry])) < 0)
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:507:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(fd, pidbuf, strlen(pidbuf)) < 0)
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:551:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = write(pp->io.fd, modem_setup, strlen(modem_setup));
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:772:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
switch (strlen(str)) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:790:7: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(str,
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:817:7: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (sscanf(str, "%5lu %3d %2d%2d%2d %3s",
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_modem.c:922:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pp->lencode = (int)strlen(pp->a_lastcode);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_nmea.c:1306:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cmd);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:948:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(fd, shmem_old, shmem_old_size);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1247:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = (int)strlen(line);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1318:14: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if ( 2 != sscanf(ca, "%lf %1s", &f1, units)) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1329:14: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if ( 2 != sscanf(ca, "%lf %1s", &f1, units)) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:1354:14: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if ( 2 != sscanf(ca, "%lf %1s", &f1, units)) {
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_oncore.c:4138:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
instance->max_len = max(strlen(msg), instance->max_len);
data/ntpsec-1.2.0+dfsg1/ntpd/refclock_truetime.c:488:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(cmd);
data/ntpsec-1.2.0+dfsg1/ntptime/ntptime.c:475:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = buf + strlen(buf);
data/ntpsec-1.2.0+dfsg1/tests/libntp/macencrypt.c:47:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auth.key_size = (unsigned short)strlen(MD5key);
data/ntpsec-1.2.0+dfsg1/tests/libntp/macencrypt.c:85:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
auth.key_size = (unsigned short)strlen(CMACkey);
data/ntpsec-1.2.0+dfsg1/tests/ntpd/nts_cookie.c:45:27: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
TEST_ASSERT_EQUAL(false, equal);
ANALYSIS SUMMARY:
Hits = 903
Lines analyzed = 90703 in approximately 2.35 seconds (38589 lines/second)
Physical Source Lines of Code (SLOC) = 60728
Hits@level = [0] 623 [1] 197 [2] 555 [3] 26 [4] 125 [5] 0
Hits@level+ = [0+] 1526 [1+] 903 [2+] 706 [3+] 151 [4+] 125 [5+] 0
Hits/KSLOC@level+ = [0+] 25.1284 [1+] 14.8696 [2+] 11.6256 [3+] 2.4865 [4+] 2.05836 [5+] 0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.