Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/squid-4.13/src/DiskIO/Mmapped/MmappedFile.cc
Examining data/squid-4.13/src/DiskIO/Mmapped/MmappedIOStrategy.h
Examining data/squid-4.13/src/DiskIO/Mmapped/MmappedDiskIOModule.h
Examining data/squid-4.13/src/DiskIO/Mmapped/MmappedDiskIOModule.cc
Examining data/squid-4.13/src/DiskIO/Mmapped/MmappedFile.h
Examining data/squid-4.13/src/DiskIO/Mmapped/MmappedIOStrategy.cc
Examining data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsDiskFile.h
Examining data/squid-4.13/src/DiskIO/DiskThreads/DiskThreads.h
Examining data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsDiskIOModule.h
Examining data/squid-4.13/src/DiskIO/DiskThreads/CommIO.h
Examining data/squid-4.13/src/DiskIO/DiskThreads/aiops_win32.cc
Examining data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsDiskFile.cc
Examining data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsDiskIOModule.cc
Examining data/squid-4.13/src/DiskIO/DiskThreads/aiops.cc
Examining data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsIOStrategy.h
Examining data/squid-4.13/src/DiskIO/DiskThreads/CommIO.cc
Examining data/squid-4.13/src/DiskIO/DiskThreads/async_io.cc
Examining data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsIOStrategy.cc
Examining data/squid-4.13/src/DiskIO/DiskFile.h
Examining data/squid-4.13/src/DiskIO/DiskIOStrategy.h
Examining data/squid-4.13/src/DiskIO/DiskIOModule.cc
Examining data/squid-4.13/src/DiskIO/WriteRequest.cc
Examining data/squid-4.13/src/DiskIO/ReadRequest.cc
Examining data/squid-4.13/src/DiskIO/AIO/aio_win32.cc
Examining data/squid-4.13/src/DiskIO/AIO/AIODiskIOStrategy.h
Examining data/squid-4.13/src/DiskIO/AIO/AIODiskIOStrategy.cc
Examining data/squid-4.13/src/DiskIO/AIO/AIODiskFile.h
Examining data/squid-4.13/src/DiskIO/AIO/async_io.h
Examining data/squid-4.13/src/DiskIO/AIO/AIODiskIOModule.h
Examining data/squid-4.13/src/DiskIO/AIO/AIODiskIOModule.cc
Examining data/squid-4.13/src/DiskIO/AIO/AIODiskFile.cc
Examining data/squid-4.13/src/DiskIO/AIO/aio_win32.h
Examining data/squid-4.13/src/DiskIO/ReadRequest.h
Examining data/squid-4.13/src/DiskIO/Blocking/BlockingIOStrategy.h
Examining data/squid-4.13/src/DiskIO/Blocking/BlockingFile.cc
Examining data/squid-4.13/src/DiskIO/Blocking/BlockingDiskIOModule.h
Examining data/squid-4.13/src/DiskIO/Blocking/BlockingDiskIOModule.cc
Examining data/squid-4.13/src/DiskIO/Blocking/BlockingFile.h
Examining data/squid-4.13/src/DiskIO/Blocking/BlockingIOStrategy.cc
Examining data/squid-4.13/src/DiskIO/DiskDaemon/DiskDaemonDiskIOModule.cc
Examining data/squid-4.13/src/DiskIO/DiskDaemon/DiskDaemonDiskIOModule.h
Examining data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.cc
Examining data/squid-4.13/src/DiskIO/DiskDaemon/diomsg.h
Examining data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc
Examining data/squid-4.13/src/DiskIO/DiskDaemon/DiskdAction.h
Examining data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.h
Examining data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.h
Examining data/squid-4.13/src/DiskIO/DiskDaemon/DiskdAction.cc
Examining data/squid-4.13/src/DiskIO/DiskDaemon/diskd.cc
Examining data/squid-4.13/src/DiskIO/DiskIOModule.h
Examining data/squid-4.13/src/DiskIO/WriteRequest.h
Examining data/squid-4.13/src/DiskIO/IpcIo/IpcIoDiskIOModule.cc
Examining data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc
Examining data/squid-4.13/src/DiskIO/IpcIo/IpcIoIOStrategy.h
Examining data/squid-4.13/src/DiskIO/IpcIo/IpcIoIOStrategy.cc
Examining data/squid-4.13/src/DiskIO/IpcIo/IpcIoDiskIOModule.h
Examining data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.h
Examining data/squid-4.13/src/DiskIO/IORequestor.h
Examining data/squid-4.13/src/DelayBucket.cc
Examining data/squid-4.13/src/clientStream.h
Examining data/squid-4.13/src/ClientDelayConfig.h
Examining data/squid-4.13/src/CompletionDispatcher.h
Examining data/squid-4.13/src/StoreMetaVary.h
Examining data/squid-4.13/src/stat.cc
Examining data/squid-4.13/src/FadingCounter.h
Examining data/squid-4.13/src/StoreMetaURL.cc
Examining data/squid-4.13/src/tunnel.cc
Examining data/squid-4.13/src/Pipeline.cc
Examining data/squid-4.13/src/HttpHeaderFieldInfo.h
Examining data/squid-4.13/src/servers/FtpServer.cc
Examining data/squid-4.13/src/servers/forward.h
Examining data/squid-4.13/src/servers/Server.cc
Examining data/squid-4.13/src/servers/Http1Server.cc
Examining data/squid-4.13/src/servers/Http1Server.h
Examining data/squid-4.13/src/servers/FtpServer.h
Examining data/squid-4.13/src/servers/Server.h
Examining data/squid-4.13/src/tools.h
Examining data/squid-4.13/src/sbuf/List.h
Examining data/squid-4.13/src/sbuf/Stream.h
Examining data/squid-4.13/src/sbuf/DetailedStats.h
Examining data/squid-4.13/src/sbuf/Algorithms.h
Examining data/squid-4.13/src/sbuf/SBuf.h
Examining data/squid-4.13/src/sbuf/List.cc
Examining data/squid-4.13/src/sbuf/forward.h
Examining data/squid-4.13/src/sbuf/MemBlob.h
Examining data/squid-4.13/src/sbuf/Algorithms.cc
Examining data/squid-4.13/src/sbuf/Stats.cc
Examining data/squid-4.13/src/sbuf/Stats.h
Examining data/squid-4.13/src/sbuf/SBuf.cc
Examining data/squid-4.13/src/sbuf/MemBlob.cc
Examining data/squid-4.13/src/sbuf/StringConvert.h
Examining data/squid-4.13/src/sbuf/DetailedStats.cc
Examining data/squid-4.13/src/DescriptorSet.h
Examining data/squid-4.13/src/PeerPoolMgr.cc
Examining data/squid-4.13/src/StoreMetaUnpacker.cc
Examining data/squid-4.13/src/Transients.cc
Examining data/squid-4.13/src/StoreIOState.h
Examining data/squid-4.13/src/mime.h
Examining data/squid-4.13/src/EventLoop.cc
Examining data/squid-4.13/src/RefreshPattern.h
Examining data/squid-4.13/src/AclRegs.cc
Examining data/squid-4.13/src/fs/rock/RockIoState.cc
Examining data/squid-4.13/src/fs/rock/RockHeaderUpdater.h
Examining data/squid-4.13/src/fs/rock/RockStoreFileSystem.h
Examining data/squid-4.13/src/fs/rock/RockHeaderUpdater.cc
Examining data/squid-4.13/src/fs/rock/RockIoRequests.h
Examining data/squid-4.13/src/fs/rock/forward.h
Examining data/squid-4.13/src/fs/rock/RockStoreFileSystem.cc
Examining data/squid-4.13/src/fs/rock/RockDbCell.cc
Examining data/squid-4.13/src/fs/rock/RockRebuild.h
Examining data/squid-4.13/src/fs/rock/RockIoState.h
Examining data/squid-4.13/src/fs/rock/RockIoRequests.cc
Examining data/squid-4.13/src/fs/rock/RockDbCell.h
Examining data/squid-4.13/src/fs/rock/RockSwapDir.cc
Examining data/squid-4.13/src/fs/rock/RockRebuild.cc
Examining data/squid-4.13/src/fs/rock/RockSwapDir.h
Examining data/squid-4.13/src/fs/diskd/StoreFSdiskd.cc
Examining data/squid-4.13/src/fs/aufs/StoreFSaufs.cc
Examining data/squid-4.13/src/fs/Module.cc
Examining data/squid-4.13/src/fs/ufs/UFSSwapLogParser.cc
Examining data/squid-4.13/src/fs/ufs/UFSStrategy.h
Examining data/squid-4.13/src/fs/ufs/StoreFSufs.h
Examining data/squid-4.13/src/fs/ufs/StoreFSufs.cc
Examining data/squid-4.13/src/fs/ufs/UFSSwapDir.h
Examining data/squid-4.13/src/fs/ufs/RebuildState.h
Examining data/squid-4.13/src/fs/ufs/RebuildState.cc
Examining data/squid-4.13/src/fs/ufs/UFSStrategy.cc
Examining data/squid-4.13/src/fs/ufs/StoreSearchUFS.h
Examining data/squid-4.13/src/fs/ufs/UFSStoreState.h
Examining data/squid-4.13/src/fs/ufs/UFSSwapDir.cc
Examining data/squid-4.13/src/fs/ufs/StoreSearchUFS.cc
Examining data/squid-4.13/src/fs/ufs/UFSStoreState.cc
Examining data/squid-4.13/src/fs/ufs/UFSSwapLogParser.h
Examining data/squid-4.13/src/fs/Module.h
Examining data/squid-4.13/src/StoreFileSystem.h
Examining data/squid-4.13/src/CommandLine.cc
Examining data/squid-4.13/src/DelayIdComposite.h
Examining data/squid-4.13/src/clientStreamForward.h
Examining data/squid-4.13/src/icp_v2.cc
Examining data/squid-4.13/src/Parsing.cc
Examining data/squid-4.13/src/Store.h
Examining data/squid-4.13/src/RemovalPolicy.h
Examining data/squid-4.13/src/HttpMsg.h
Examining data/squid-4.13/src/LoadableModules.h
Examining data/squid-4.13/src/fs_io.cc
Examining data/squid-4.13/src/http/StatusLine.h
Examining data/squid-4.13/src/http/ContentLengthInterpreter.h
Examining data/squid-4.13/src/http/Stream.cc
Examining data/squid-4.13/src/http/url_rewriters/fake/fake.cc
Examining data/squid-4.13/src/http/Stream.h
Examining data/squid-4.13/src/http/RequestMethod.h
Examining data/squid-4.13/src/http/RegisteredHeaders.h
Examining data/squid-4.13/src/http/one/RequestParser.cc
Examining data/squid-4.13/src/http/one/Parser.h
Examining data/squid-4.13/src/http/one/Tokenizer.cc
Examining data/squid-4.13/src/http/one/TeChunkedParser.h
Examining data/squid-4.13/src/http/one/Parser.cc
Examining data/squid-4.13/src/http/one/Tokenizer.h
Examining data/squid-4.13/src/http/one/forward.h
Examining data/squid-4.13/src/http/one/ResponseParser.h
Examining data/squid-4.13/src/http/one/ResponseParser.cc
Examining data/squid-4.13/src/http/one/TeChunkedParser.cc
Examining data/squid-4.13/src/http/one/RequestParser.h
Examining data/squid-4.13/src/http/forward.h
Examining data/squid-4.13/src/http/RegisteredHeaders.cc
Examining data/squid-4.13/src/http/StateFlags.h
Examining data/squid-4.13/src/http/MethodType.cc
Examining data/squid-4.13/src/http/RequestMethod.cc
Examining data/squid-4.13/src/http/ProtocolVersion.h
Examining data/squid-4.13/src/http/ContentLengthInterpreter.cc
Examining data/squid-4.13/src/http/StatusCode.h
Examining data/squid-4.13/src/http/StatusLine.cc
Examining data/squid-4.13/src/http/StatusCode.cc
Examining data/squid-4.13/src/http/MethodType.h
Examining data/squid-4.13/src/IoStats.h
Examining data/squid-4.13/src/MasterXaction.cc
Examining data/squid-4.13/src/unlinkd.cc
Examining data/squid-4.13/src/defines.h
Examining data/squid-4.13/src/stat.h
Examining data/squid-4.13/src/store_rebuild.h
Examining data/squid-4.13/src/client_db.cc
Examining data/squid-4.13/src/Generic.h
Examining data/squid-4.13/src/snmp_core.cc
Examining data/squid-4.13/src/RequestFlags.cc
Examining data/squid-4.13/src/HttpRequest.cc
Examining data/squid-4.13/src/ip/tools.h
Examining data/squid-4.13/src/ip/Intercept.cc
Examining data/squid-4.13/src/ip/QosConfig.cc
Examining data/squid-4.13/src/ip/Intercept.h
Examining data/squid-4.13/src/ip/forward.h
Examining data/squid-4.13/src/ip/Address.h
Examining data/squid-4.13/src/ip/QosConfig.h
Examining data/squid-4.13/src/ip/Address.cc
Examining data/squid-4.13/src/ip/tools.cc
Examining data/squid-4.13/src/fde.h
Examining data/squid-4.13/src/HttpControlMsg.cc
Examining data/squid-4.13/src/CompositePoolNode.h
Examining data/squid-4.13/src/DelayUser.cc
Examining data/squid-4.13/src/peer_userhash.cc
Examining data/squid-4.13/src/HttpMsg.cc
Examining data/squid-4.13/src/errorpage.cc
Examining data/squid-4.13/src/ConfigOption.h
Examining data/squid-4.13/src/FwdState.cc
Examining data/squid-4.13/src/SquidIpc.h
Examining data/squid-4.13/src/ufsdump.cc
Examining data/squid-4.13/src/internal.h
Examining data/squid-4.13/src/DelayPools.h
Examining data/squid-4.13/src/store_key_md5.h
Examining data/squid-4.13/src/DelayConfig.h
Examining data/squid-4.13/src/ConfigOption.cc
Examining data/squid-4.13/src/DelayVector.cc
Examining data/squid-4.13/src/CompletionDispatcher.cc
Examining data/squid-4.13/src/int.h
Examining data/squid-4.13/src/swap_log_op.cc
Examining data/squid-4.13/src/HierarchyLogEntry.h
Examining data/squid-4.13/src/send-announce.cc
Examining data/squid-4.13/src/StrList.cc
Examining data/squid-4.13/src/StatHist.cc
Examining data/squid-4.13/src/BodyPipe.h
Examining data/squid-4.13/src/PeerPoolMgr.h
Examining data/squid-4.13/src/CacheDigest.h
Examining data/squid-4.13/src/helper.cc
Examining data/squid-4.13/src/peer_userhash.h
Examining data/squid-4.13/src/CollapsedForwarding.h
Examining data/squid-4.13/src/mem_node.h
Examining data/squid-4.13/src/enums.h
Examining data/squid-4.13/src/HttpHdrCc.cc
Examining data/squid-4.13/src/SquidString.h
Examining data/squid-4.13/src/SquidConfig.h
Examining data/squid-4.13/src/wccp2.cc
Examining data/squid-4.13/src/snmp_agent.h
Examining data/squid-4.13/src/ClientInfo.h
Examining data/squid-4.13/src/ipc_win32.cc
Examining data/squid-4.13/src/ClientRequestContext.h
Examining data/squid-4.13/src/StoreMetaURL.h
Examining data/squid-4.13/src/ExternalACL.h
Examining data/squid-4.13/src/CommCalls.h
Examining data/squid-4.13/src/refresh.cc
Examining data/squid-4.13/src/ExternalACLEntry.h
Examining data/squid-4.13/src/store_digest.cc
Examining data/squid-4.13/src/ETag.h
Examining data/squid-4.13/src/MessageSizes.h
Examining data/squid-4.13/src/dlink.h
Examining data/squid-4.13/src/win32.cc
Examining data/squid-4.13/src/security/NegotiationHistory.h
Examining data/squid-4.13/src/security/KeyData.h
Examining data/squid-4.13/src/security/KeyData.cc
Examining data/squid-4.13/src/security/ServerOptions.cc
Examining data/squid-4.13/src/security/NegotiationHistory.cc
Examining data/squid-4.13/src/security/CertError.h
Examining data/squid-4.13/src/security/PeerOptions.cc
Examining data/squid-4.13/src/security/BlindPeerConnector.cc
Examining data/squid-4.13/src/security/cert_generators/file/certificate_db.cc
Examining data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc
Examining data/squid-4.13/src/security/cert_generators/file/certificate_db.h
Examining data/squid-4.13/src/security/EncryptorAnswer.cc
Examining data/squid-4.13/src/security/PeerOptions.h
Examining data/squid-4.13/src/security/LockingPointer.h
Examining data/squid-4.13/src/security/PeerConnector.cc
Examining data/squid-4.13/src/security/Handshake.h
Examining data/squid-4.13/src/security/forward.h
Examining data/squid-4.13/src/security/ServerOptions.h
Examining data/squid-4.13/src/security/Session.h
Examining data/squid-4.13/src/security/Context.h
Examining data/squid-4.13/src/security/Session.cc
Examining data/squid-4.13/src/security/PeerConnector.h
Examining data/squid-4.13/src/security/BlindPeerConnector.h
Examining data/squid-4.13/src/security/Handshake.cc
Examining data/squid-4.13/src/security/EncryptorAnswer.h
Examining data/squid-4.13/src/StoreStats.h
Examining data/squid-4.13/src/snmp_agent.cc
Examining data/squid-4.13/src/icp_v3.cc
Examining data/squid-4.13/src/DelayTagged.cc
Examining data/squid-4.13/src/TimeOrTag.h
Examining data/squid-4.13/src/filemap.cc
Examining data/squid-4.13/src/fatal.cc
Examining data/squid-4.13/src/FileMap.h
Examining data/squid-4.13/src/CpuAffinitySet.h
Examining data/squid-4.13/src/HttpHeader.h
Examining data/squid-4.13/src/HttpHdrContRange.cc
Examining data/squid-4.13/src/HttpControlMsg.h
Examining data/squid-4.13/src/StatCounters.cc
Examining data/squid-4.13/src/DelayBucket.h
Examining data/squid-4.13/src/store_client.cc
Examining data/squid-4.13/src/CollapsedForwarding.cc
Examining data/squid-4.13/src/StoreClient.h
Examining data/squid-4.13/src/HttpHdrContRange.h
Examining data/squid-4.13/src/BodyPipe.cc
Examining data/squid-4.13/src/store_digest.h
Examining data/squid-4.13/src/DelaySpec.cc
Examining data/squid-4.13/src/fd.cc
Examining data/squid-4.13/src/dns/rfc2671.cc
Examining data/squid-4.13/src/dns/rfc1035.h
Examining data/squid-4.13/src/dns/LookupDetails.h
Examining data/squid-4.13/src/dns/forward.h
Examining data/squid-4.13/src/dns/rfc2671.h
Examining data/squid-4.13/src/dns/rfc3596.cc
Examining data/squid-4.13/src/dns/LookupDetails.cc
Examining data/squid-4.13/src/dns/rfc3596.h
Examining data/squid-4.13/src/dns/rfc1035.cc
Examining data/squid-4.13/src/pconn.h
Examining data/squid-4.13/src/mem/PoolChunked.h
Examining data/squid-4.13/src/mem/Pool.cc
Examining data/squid-4.13/src/mem/forward.h
Examining data/squid-4.13/src/mem/PoolMalloc.cc
Examining data/squid-4.13/src/mem/old_api.cc
Examining data/squid-4.13/src/mem/PoolMalloc.h
Examining data/squid-4.13/src/mem/Pool.h
Examining data/squid-4.13/src/mem/AllocatorProxy.h
Examining data/squid-4.13/src/mem/PoolChunked.cc
Examining data/squid-4.13/src/mem/AllocatorProxy.cc
Examining data/squid-4.13/src/mem/Meter.h
Examining data/squid-4.13/src/PeerDigest.h
Examining data/squid-4.13/src/StoreMetaSTDLFS.h
Examining data/squid-4.13/src/CommRead.h
Examining data/squid-4.13/src/errorpage.h
Examining data/squid-4.13/src/win32.h
Examining data/squid-4.13/src/peer_digest.cc
Examining data/squid-4.13/src/AccessLogEntry.cc
Examining data/squid-4.13/src/SBufStatsAction.h
Examining data/squid-4.13/src/FwdState.h
Examining data/squid-4.13/src/MemObject.cc
Examining data/squid-4.13/src/stmem.h
Examining data/squid-4.13/src/helper.h
Examining data/squid-4.13/src/StoreMetaSTD.h
Examining data/squid-4.13/src/StoreMetaSTDLFS.cc
Examining data/squid-4.13/src/cache_cf.cc
Examining data/squid-4.13/src/stmem.cc
Examining data/squid-4.13/src/XactionInitiator.h
Examining data/squid-4.13/src/DelayId.cc
Examining data/squid-4.13/src/protos.h
Examining data/squid-4.13/src/format/Quoting.cc
Examining data/squid-4.13/src/format/Format.cc
Examining data/squid-4.13/src/format/Token.cc
Examining data/squid-4.13/src/format/Config.h
Examining data/squid-4.13/src/format/TokenTableEntry.h
Examining data/squid-4.13/src/format/ByteCode.h
Examining data/squid-4.13/src/format/Format.h
Examining data/squid-4.13/src/format/Token.h
Examining data/squid-4.13/src/format/Config.cc
Examining data/squid-4.13/src/format/Quoting.h
Examining data/squid-4.13/src/carp.h
Examining data/squid-4.13/src/helper/ChildConfig.cc
Examining data/squid-4.13/src/helper/forward.h
Examining data/squid-4.13/src/helper/Reply.h
Examining data/squid-4.13/src/helper/protocol_defines.h
Examining data/squid-4.13/src/helper/Reply.cc
Examining data/squid-4.13/src/helper/ResultCode.h
Examining data/squid-4.13/src/helper/Request.h
Examining data/squid-4.13/src/helper/ChildConfig.h
Examining data/squid-4.13/src/snmp_core.h
Examining data/squid-4.13/src/LeakFinder.cc
Examining data/squid-4.13/src/fatal.h
Examining data/squid-4.13/src/StoreMetaVary.cc
Examining data/squid-4.13/src/http.h
Examining data/squid-4.13/src/htcp.h
Examining data/squid-4.13/src/Pipeline.h
Examining data/squid-4.13/src/store_swapin.cc
Examining data/squid-4.13/src/ipcache.h
Examining data/squid-4.13/src/CommandLine.h
Examining data/squid-4.13/src/DelayPool.cc
Examining data/squid-4.13/src/htcp.cc
Examining data/squid-4.13/src/client_db.h
Examining data/squid-4.13/src/ExternalACLEntry.cc
Examining data/squid-4.13/src/HttpBody.cc
Examining data/squid-4.13/src/LeakFinder.h
Examining data/squid-4.13/src/base/AsyncJob.cc
Examining data/squid-4.13/src/base/Packable.h
Examining data/squid-4.13/src/base/EnumIterator.h
Examining data/squid-4.13/src/base/Subscription.h
Examining data/squid-4.13/src/base/RefCount.h
Examining data/squid-4.13/src/base/CharacterSet.h
Examining data/squid-4.13/src/base/TextException.h
Examining data/squid-4.13/src/base/TextException.cc
Examining data/squid-4.13/src/base/Here.cc
Examining data/squid-4.13/src/base/CbcPointer.h
Examining data/squid-4.13/src/base/RegexPattern.h
Examining data/squid-4.13/src/base/CharacterSet.cc
Examining data/squid-4.13/src/base/File.cc
Examining data/squid-4.13/src/base/AsyncJobCalls.h
Examining data/squid-4.13/src/base/ByteCounter.h
Examining data/squid-4.13/src/base/LruMap.h
Examining data/squid-4.13/src/base/YesNoNone.h
Examining data/squid-4.13/src/base/AsyncJob.h
Examining data/squid-4.13/src/base/Here.h
Examining data/squid-4.13/src/base/AsyncCall.h
Examining data/squid-4.13/src/base/File.h
Examining data/squid-4.13/src/base/Lock.h
Examining data/squid-4.13/src/base/AsyncCall.cc
Examining data/squid-4.13/src/base/LookupTable.h
Examining data/squid-4.13/src/base/InstanceId.h
Examining data/squid-4.13/src/base/RunnersRegistry.h
Examining data/squid-4.13/src/base/RegexPattern.cc
Examining data/squid-4.13/src/base/AsyncCallQueue.h
Examining data/squid-4.13/src/base/AsyncCbdataCalls.h
Examining data/squid-4.13/src/base/RunnersRegistry.cc
Examining data/squid-4.13/src/base/PackableStream.h
Examining data/squid-4.13/src/base/HardFun.h
Examining data/squid-4.13/src/base/AsyncCallQueue.cc
Examining data/squid-4.13/src/base/CbDataList.h
Examining data/squid-4.13/src/CommonPool.h
Examining data/squid-4.13/src/XactionInitiator.cc
Examining data/squid-4.13/src/debug.cc
Examining data/squid-4.13/src/send-announce.h
Examining data/squid-4.13/src/CpuAffinity.h
Examining data/squid-4.13/src/whois.h
Examining data/squid-4.13/src/MasterXaction.h
Examining data/squid-4.13/src/time.cc
Examining data/squid-4.13/src/client_side_reply.cc
Examining data/squid-4.13/src/redirect.h
Examining data/squid-4.13/src/Parsing.h
Examining data/squid-4.13/src/LogTags.cc
Examining data/squid-4.13/src/anyp/UriScheme.h
Examining data/squid-4.13/src/anyp/PortCfg.h
Examining data/squid-4.13/src/anyp/ProtocolType.cc
Examining data/squid-4.13/src/anyp/Uri.cc
Examining data/squid-4.13/src/anyp/ProtocolType.h
Examining data/squid-4.13/src/anyp/PortCfg.cc
Examining data/squid-4.13/src/anyp/forward.h
Examining data/squid-4.13/src/anyp/TrafficMode.h
Examining data/squid-4.13/src/anyp/UriScheme.cc
Examining data/squid-4.13/src/anyp/ProtocolVersion.h
Examining data/squid-4.13/src/anyp/Uri.h
Examining data/squid-4.13/src/StoreMetaUnpacker.h
Examining data/squid-4.13/src/StoreMeta.cc
Examining data/squid-4.13/src/DelayPool.h
Examining data/squid-4.13/src/mime.cc
Examining data/squid-4.13/src/StatCounters.h
Examining data/squid-4.13/src/cache_manager.cc
Examining data/squid-4.13/src/Downloader.h
Examining data/squid-4.13/src/auth/AclProxyAuth.cc
Examining data/squid-4.13/src/auth/Acl.cc
Examining data/squid-4.13/src/auth/Acl.h
Examining data/squid-4.13/src/auth/Scheme.cc
Examining data/squid-4.13/src/auth/Type.h
Examining data/squid-4.13/src/auth/QueueNode.h
Examining data/squid-4.13/src/auth/AuthAclState.h
Examining data/squid-4.13/src/auth/State.h
Examining data/squid-4.13/src/auth/AclMaxUserIp.cc
Examining data/squid-4.13/src/auth/Gadgets.h
Examining data/squid-4.13/src/auth/AclProxyAuth.h
Examining data/squid-4.13/src/auth/CredentialState.h
Examining data/squid-4.13/src/auth/CredentialsCache.h
Examining data/squid-4.13/src/auth/User.cc
Examining data/squid-4.13/src/auth/State.cc
Examining data/squid-4.13/src/auth/Config.h
Examining data/squid-4.13/src/auth/AclMaxUserIp.h
Examining data/squid-4.13/src/auth/Scheme.h
Examining data/squid-4.13/src/auth/UserRequest.h
Examining data/squid-4.13/src/auth/CredentialsCache.cc
Examining data/squid-4.13/src/auth/Gadgets.cc
Examining data/squid-4.13/src/auth/negotiate/Scheme.cc
Examining data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc
Examining data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos.h
Examining data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc
Examining data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc
Examining data/squid-4.13/src/auth/negotiate/User.cc
Examining data/squid-4.13/src/auth/negotiate/Config.h
Examining data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc
Examining data/squid-4.13/src/auth/negotiate/Scheme.h
Examining data/squid-4.13/src/auth/negotiate/UserRequest.h
Examining data/squid-4.13/src/auth/negotiate/Config.cc
Examining data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc
Examining data/squid-4.13/src/auth/negotiate/UserRequest.cc
Examining data/squid-4.13/src/auth/negotiate/User.h
Examining data/squid-4.13/src/auth/Config.cc
Examining data/squid-4.13/src/auth/CredentialState.cc
Examining data/squid-4.13/src/auth/Type.cc
Examining data/squid-4.13/src/auth/digest/Scheme.cc
Examining data/squid-4.13/src/auth/digest/eDirectory/digest_common.h
Examining data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc
Examining data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.h
Examining data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc
Examining data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.h
Examining data/squid-4.13/src/auth/digest/eDirectory/digest_pw_auth.cc
Examining data/squid-4.13/src/auth/digest/User.cc
Examining data/squid-4.13/src/auth/digest/Config.h
Examining data/squid-4.13/src/auth/digest/Scheme.h
Examining data/squid-4.13/src/auth/digest/UserRequest.h
Examining data/squid-4.13/src/auth/digest/LDAP/digest_common.h
Examining data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc
Examining data/squid-4.13/src/auth/digest/LDAP/ldap_backend.h
Examining data/squid-4.13/src/auth/digest/LDAP/digest_pw_auth.cc
Examining data/squid-4.13/src/auth/digest/file/digest_common.h
Examining data/squid-4.13/src/auth/digest/file/text_backend.cc
Examining data/squid-4.13/src/auth/digest/file/text_backend.h
Examining data/squid-4.13/src/auth/digest/file/digest_file_auth.cc
Examining data/squid-4.13/src/auth/digest/Config.cc
Examining data/squid-4.13/src/auth/digest/UserRequest.cc
Examining data/squid-4.13/src/auth/digest/User.h
Examining data/squid-4.13/src/auth/UserRequest.cc
Examining data/squid-4.13/src/auth/User.h
Examining data/squid-4.13/src/auth/basic/Scheme.cc
Examining data/squid-4.13/src/auth/basic/NIS/nis_support.cc
Examining data/squid-4.13/src/auth/basic/NIS/nis_support.h
Examining data/squid-4.13/src/auth/basic/NIS/basic_nis_auth.cc
Examining data/squid-4.13/src/auth/basic/SMB_LM/valid.cc
Examining data/squid-4.13/src/auth/basic/SMB_LM/msntauth.cc
Examining data/squid-4.13/src/auth/basic/SMB_LM/valid.h
Examining data/squid-4.13/src/auth/basic/SMB_LM/msntauth.h
Examining data/squid-4.13/src/auth/basic/fake/fake.cc
Examining data/squid-4.13/src/auth/basic/User.cc
Examining data/squid-4.13/src/auth/basic/Config.h
Examining data/squid-4.13/src/auth/basic/SSPI/basic_sspi_auth.cc
Examining data/squid-4.13/src/auth/basic/SSPI/valid.cc
Examining data/squid-4.13/src/auth/basic/SSPI/valid.h
Examining data/squid-4.13/src/auth/basic/getpwnam/basic_getpwnam_auth.cc
Examining data/squid-4.13/src/auth/basic/Scheme.h
Examining data/squid-4.13/src/auth/basic/UserRequest.h
Examining data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc
Examining data/squid-4.13/src/auth/basic/PAM/basic_pam_auth.cc
Examining data/squid-4.13/src/auth/basic/SASL/basic_sasl_auth.cc
Examining data/squid-4.13/src/auth/basic/Config.cc
Examining data/squid-4.13/src/auth/basic/SMB/basic_smb_auth.cc
Examining data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc
Examining data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc
Examining data/squid-4.13/src/auth/basic/NCSA/crypt_md5.h
Examining data/squid-4.13/src/auth/basic/UserRequest.cc
Examining data/squid-4.13/src/auth/basic/User.h
Examining data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc
Examining data/squid-4.13/src/auth/basic/RADIUS/radius-util.h
Examining data/squid-4.13/src/auth/basic/RADIUS/radius-util.cc
Examining data/squid-4.13/src/auth/basic/RADIUS/radius.h
Examining data/squid-4.13/src/auth/ntlm/Scheme.cc
Examining data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc
Examining data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc
Examining data/squid-4.13/src/auth/ntlm/User.cc
Examining data/squid-4.13/src/auth/ntlm/Config.h
Examining data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc
Examining data/squid-4.13/src/auth/ntlm/Scheme.h
Examining data/squid-4.13/src/auth/ntlm/UserRequest.h
Examining data/squid-4.13/src/auth/ntlm/Config.cc
Examining data/squid-4.13/src/auth/ntlm/UserRequest.cc
Examining data/squid-4.13/src/auth/ntlm/User.h
Examining data/squid-4.13/src/main.cc
Examining data/squid-4.13/src/LoadableModule.h
Examining data/squid-4.13/src/ClientDelayConfig.cc
Examining data/squid-4.13/src/ConfigParser.h
Examining data/squid-4.13/src/MemBuf.cc
Examining data/squid-4.13/src/unlinkd.h
Examining data/squid-4.13/src/tests/stub_whois.cc
Examining data/squid-4.13/src/tests/testCacheManager.cc
Examining data/squid-4.13/src/tests/stub_SBufDetailedStats.cc
Examining data/squid-4.13/src/tests/testSBufList.cc
Examining data/squid-4.13/src/tests/stub_fatal.cc
Examining data/squid-4.13/src/tests/testDiskIO.cc
Examining data/squid-4.13/src/tests/testHttp1Parser.h
Examining data/squid-4.13/src/tests/testTokenizer.h
Examining data/squid-4.13/src/tests/testEvent.h
Examining data/squid-4.13/src/tests/testACLMaxUserIP.cc
Examining data/squid-4.13/src/tests/stub_libicmp.cc
Examining data/squid-4.13/src/tests/stub_wordlist.cc
Examining data/squid-4.13/src/tests/testUfs.cc
Examining data/squid-4.13/src/tests/stub_MemBuf.cc
Examining data/squid-4.13/src/tests/stub_client_db.cc
Examining data/squid-4.13/src/tests/CapturingStoreEntry.h
Examining data/squid-4.13/src/tests/testStoreSupport.h
Examining data/squid-4.13/src/tests/testHttpReply.h
Examining data/squid-4.13/src/tests/testHttp1Parser.cc
Examining data/squid-4.13/src/tests/testPackableStream.h
Examining data/squid-4.13/src/tests/stub_ipc_Forwarder.cc
Examining data/squid-4.13/src/tests/testSBuf.h
Examining data/squid-4.13/src/tests/TestSwapDir.h
Examining data/squid-4.13/src/tests/testStore.cc
Examining data/squid-4.13/src/tests/stub_external_acl.cc
Examining data/squid-4.13/src/tests/stub_redirect.cc
Examining data/squid-4.13/src/tests/testUriScheme.h
Examining data/squid-4.13/src/tests/stub_tunnel.cc
Examining data/squid-4.13/src/tests/testYesNoNone.h
Examining data/squid-4.13/src/tests/testBoilerplate.cc
Examining data/squid-4.13/src/tests/testConfigParser.h
Examining data/squid-4.13/src/tests/testCacheManager.h
Examining data/squid-4.13/src/tests/testRock.cc
Examining data/squid-4.13/src/tests/stub_fd.cc
Examining data/squid-4.13/src/tests/testYesNoNone.cc
Examining data/squid-4.13/src/tests/stub_errorpage.cc
Examining data/squid-4.13/src/tests/stub_carp.cc
Examining data/squid-4.13/src/tests/stub_internal.cc
Examining data/squid-4.13/src/tests/stub_mime.cc
Examining data/squid-4.13/src/tests/testStatHist.cc
Examining data/squid-4.13/src/tests/testAddress.cc
Examining data/squid-4.13/src/tests/testPackableStream.cc
Examining data/squid-4.13/src/tests/stub_access_log.cc
Examining data/squid-4.13/src/tests/testEventLoop.h
Examining data/squid-4.13/src/tests/stub_ETag.cc
Examining data/squid-4.13/src/tests/stub_libauth_acls.cc
Examining data/squid-4.13/src/tests/stub_stat.cc
Examining data/squid-4.13/src/tests/testStoreSupport.cc
Examining data/squid-4.13/src/tests/stub_icp.cc
Examining data/squid-4.13/src/tests/stub_libmem.cc
Examining data/squid-4.13/src/tests/stub_stmem.cc
Examining data/squid-4.13/src/tests/testRFC1035.h
Examining data/squid-4.13/src/tests/stub_HttpRequest.cc
Examining data/squid-4.13/src/tests/testAddress.h
Examining data/squid-4.13/src/tests/testNetDb.cc
Examining data/squid-4.13/src/tests/stub_libformat.cc
Examining data/squid-4.13/src/tests/testString.h
Examining data/squid-4.13/src/tests/testEnumIterator.cc
Examining data/squid-4.13/src/tests/stub_HttpReply.cc
Examining data/squid-4.13/src/tests/testSBuf.cc
Examining data/squid-4.13/src/tests/stub_libmgr.cc
Examining data/squid-4.13/src/tests/stub_StoreMeta.cc
Examining data/squid-4.13/src/tests/SBufFindTest.h
Examining data/squid-4.13/src/tests/stub_libanyp.cc
Examining data/squid-4.13/src/tests/testCharacterSet.h
Examining data/squid-4.13/src/tests/testRock.h
Examining data/squid-4.13/src/tests/stub_SBuf.cc
Examining data/squid-4.13/src/tests/stub_EventLoop.cc
Examining data/squid-4.13/src/tests/stub_CacheDigest.cc
Examining data/squid-4.13/src/tests/stub_helper.cc
Examining data/squid-4.13/src/tests/stub_libsslsquid.cc
Examining data/squid-4.13/src/tests/testHttpRequestMethod.cc
Examining data/squid-4.13/src/tests/stub_neighbors.cc
Examining data/squid-4.13/src/tests/stub_Port.cc
Examining data/squid-4.13/src/tests/stub_libauth.cc
Examining data/squid-4.13/src/tests/testDiskIO.h
Examining data/squid-4.13/src/tests/testLookupTable.h
Examining data/squid-4.13/src/tests/stub_HelperChildConfig.cc
Examining data/squid-4.13/src/tests/testConfigParser.cc
Examining data/squid-4.13/src/tests/testStoreController.h
Examining data/squid-4.13/src/tests/testSBufList.h
Examining data/squid-4.13/src/tests/stub_time.cc
Examining data/squid-4.13/src/tests/stub_cbdata.cc
Examining data/squid-4.13/src/tests/testRefCount.cc
Examining data/squid-4.13/src/tests/stub_MemStore.cc
Examining data/squid-4.13/src/tests/stub_client_side_request.cc
Examining data/squid-4.13/src/tests/testString.cc
Examining data/squid-4.13/src/tests/testURL.cc
Examining data/squid-4.13/src/tests/testEnumIterator.h
Examining data/squid-4.13/src/tests/testEvent.cc
Examining data/squid-4.13/src/tests/testBoilerplate.h
Examining data/squid-4.13/src/tests/testHttpRequest.h
Examining data/squid-4.13/src/tests/stub_HttpControlMsg.cc
Examining data/squid-4.13/src/tests/stub_UdsOp.cc
Examining data/squid-4.13/src/tests/testRFC1035.cc
Examining data/squid-4.13/src/tests/testStore.h
Examining data/squid-4.13/src/tests/test_http_range.cc
Examining data/squid-4.13/src/tests/testHttpRequestMethod.h
Examining data/squid-4.13/src/tests/stub_comm.cc
Examining data/squid-4.13/src/tests/stub_libdiskio.cc
Examining data/squid-4.13/src/tests/stub_cache_cf.cc
Examining data/squid-4.13/src/tests/stub_StatHist.cc
Examining data/squid-4.13/src/tests/stub_cache_manager.cc
Examining data/squid-4.13/src/tests/stub_tools.cc
Examining data/squid-4.13/src/tests/stub_ipc.cc
Examining data/squid-4.13/src/tests/stub_store_swapout.cc
Examining data/squid-4.13/src/tests/stub_libcomm.cc
Examining data/squid-4.13/src/tests/testEventLoop.cc
Examining data/squid-4.13/src/tests/stub_CollapsedForwarding.cc
Examining data/squid-4.13/src/tests/testURL.h
Examining data/squid-4.13/src/tests/stub_MemObject.cc
Examining data/squid-4.13/src/tests/stub_pconn.cc
Examining data/squid-4.13/src/tests/testStoreController.cc
Examining data/squid-4.13/src/tests/stub_mem_node.cc
Examining data/squid-4.13/src/tests/testStatHist.h
Examining data/squid-4.13/src/tests/STUB.h
Examining data/squid-4.13/src/tests/testIcmp.cc
Examining data/squid-4.13/src/tests/stub_wccp2.cc
Examining data/squid-4.13/src/tests/stub_debug.cc
Examining data/squid-4.13/src/tests/testIcmp.h
Examining data/squid-4.13/src/tests/testStoreHashIndex.h
Examining data/squid-4.13/src/tests/testStoreHashIndex.cc
Examining data/squid-4.13/src/tests/testHttpReply.cc
Examining data/squid-4.13/src/tests/stub_store_rebuild.cc
Examining data/squid-4.13/src/tests/stub_store_client.cc
Examining data/squid-4.13/src/tests/SBufFindTest.cc
Examining data/squid-4.13/src/tests/stub_acl.cc
Examining data/squid-4.13/src/tests/testCharacterSet.cc
Examining data/squid-4.13/src/tests/testUfs.h
Examining data/squid-4.13/src/tests/testNetDb.h
Examining data/squid-4.13/src/tests/stub_ipc_TypedMsgHdr.cc
Examining data/squid-4.13/src/tests/stub_store_stats.cc
Examining data/squid-4.13/src/tests/testACLMaxUserIP.h
Examining data/squid-4.13/src/tests/stub_main_cc.cc
Examining data/squid-4.13/src/tests/stub_ipcache.cc
Examining data/squid-4.13/src/tests/stub_store_digest.cc
Examining data/squid-4.13/src/tests/stub_liblog.cc
Examining data/squid-4.13/src/tests/stub_SwapDir.cc
Examining data/squid-4.13/src/tests/testTokenizer.cc
Examining data/squid-4.13/src/tests/testHttpRequest.cc
Examining data/squid-4.13/src/tests/stub_libeui.cc
Examining data/squid-4.13/src/tests/stub_store.cc
Examining data/squid-4.13/src/tests/stub_DelayId.cc
Examining data/squid-4.13/src/tests/stub_event.cc
Examining data/squid-4.13/src/tests/testUriScheme.cc
Examining data/squid-4.13/src/tests/stub_libsecurity.cc
Examining data/squid-4.13/src/tests/TestSwapDir.cc
Examining data/squid-4.13/src/tests/stub_http.cc
Examining data/squid-4.13/src/tests/stub_client_side.cc
Examining data/squid-4.13/src/tests/testLookupTable.cc
Examining data/squid-4.13/src/tests/stub_CommIO.cc
Examining data/squid-4.13/src/eui/Eui48.h
Examining data/squid-4.13/src/eui/Eui64.h
Examining data/squid-4.13/src/eui/Config.h
Examining data/squid-4.13/src/eui/Eui48.cc
Examining data/squid-4.13/src/eui/Eui64.cc
Examining data/squid-4.13/src/eui/Config.cc
Examining data/squid-4.13/src/CacheManager.h
Examining data/squid-4.13/src/hier_code.h
Examining data/squid-4.13/src/mime_header.cc
Examining data/squid-4.13/src/SquidConfig.cc
Examining data/squid-4.13/src/SquidTime.h
Examining data/squid-4.13/src/neighbors.cc
Examining data/squid-4.13/src/ETag.cc
Examining data/squid-4.13/src/event.h
Examining data/squid-4.13/src/SBufStatsAction.cc
Examining data/squid-4.13/src/StoreSwapLogData.cc
Examining data/squid-4.13/src/comm.cc
Examining data/squid-4.13/src/wccp.h
Examining data/squid-4.13/src/external_acl.cc
Examining data/squid-4.13/src/unlinkd_daemon.cc
Examining data/squid-4.13/src/WinSvc.cc
Examining data/squid-4.13/src/LoadableModules.cc
Examining data/squid-4.13/src/HttpHeaderMask.h
Examining data/squid-4.13/src/CpuAffinity.cc
Examining data/squid-4.13/src/AsyncEngine.cc
Examining data/squid-4.13/src/repl_modules.h
Examining data/squid-4.13/src/StoreFileSystem.cc
Examining data/squid-4.13/src/esi/Assign.h
Examining data/squid-4.13/src/esi/Assign.cc
Examining data/squid-4.13/src/esi/Parser.h
Examining data/squid-4.13/src/esi/ExpatParser.h
Examining data/squid-4.13/src/esi/Segment.h
Examining data/squid-4.13/src/esi/Sequence.cc
Examining data/squid-4.13/src/esi/Include.cc
Examining data/squid-4.13/src/esi/Attempt.h
Examining data/squid-4.13/src/esi/Esi.h
Examining data/squid-4.13/src/esi/VarState.h
Examining data/squid-4.13/src/esi/Libxml2Parser.h
Examining data/squid-4.13/src/esi/Include.h
Examining data/squid-4.13/src/esi/VarState.cc
Examining data/squid-4.13/src/esi/Module.cc
Examining data/squid-4.13/src/esi/Parser.cc
Examining data/squid-4.13/src/esi/Element.h
Examining data/squid-4.13/src/esi/Sequence.h
Examining data/squid-4.13/src/esi/Context.h
Examining data/squid-4.13/src/esi/Segment.cc
Examining data/squid-4.13/src/esi/Libxml2Parser.cc
Examining data/squid-4.13/src/esi/Context.cc
Examining data/squid-4.13/src/esi/Module.h
Examining data/squid-4.13/src/esi/Expression.cc
Examining data/squid-4.13/src/esi/Expression.h
Examining data/squid-4.13/src/esi/Var.h
Examining data/squid-4.13/src/esi/Except.h
Examining data/squid-4.13/src/esi/Esi.cc
Examining data/squid-4.13/src/esi/ExpatParser.cc
Examining data/squid-4.13/src/esi/Literal.h
Examining data/squid-4.13/src/HttpHdrSc.h
Examining data/squid-4.13/src/cache_cf.h
Examining data/squid-4.13/src/SquidNew.cc
Examining data/squid-4.13/src/DelayVector.h
Examining data/squid-4.13/src/store_swapout.cc
Examining data/squid-4.13/src/cbdata.h
Examining data/squid-4.13/src/ftp/Parsing.cc
Examining data/squid-4.13/src/ftp/Parsing.h
Examining data/squid-4.13/src/ftp/Elements.cc
Examining data/squid-4.13/src/ftp/Elements.h
Examining data/squid-4.13/src/cbdata.cc
Examining data/squid-4.13/src/ipcache.cc
Examining data/squid-4.13/src/PeerSelectState.h
Examining data/squid-4.13/src/AsyncEngine.h
Examining data/squid-4.13/src/CachePeer.h
Examining data/squid-4.13/src/mgr/IntParam.cc
Examining data/squid-4.13/src/mgr/QueryParams.cc
Examining data/squid-4.13/src/mgr/CountersAction.cc
Examining data/squid-4.13/src/mgr/IntervalAction.h
Examining data/squid-4.13/src/mgr/Forwarder.cc
Examining data/squid-4.13/src/mgr/Forwarder.h
Examining data/squid-4.13/src/mgr/StoreIoAction.h
Examining data/squid-4.13/src/mgr/InfoAction.cc
Examining data/squid-4.13/src/mgr/QueryParam.h
Examining data/squid-4.13/src/mgr/ActionParams.cc
Examining data/squid-4.13/src/mgr/IoAction.cc
Examining data/squid-4.13/src/mgr/StringParam.cc
Examining data/squid-4.13/src/mgr/Filler.cc
Examining data/squid-4.13/src/mgr/Response.cc
Examining data/squid-4.13/src/mgr/ServiceTimesAction.h
Examining data/squid-4.13/src/mgr/Action.cc
Examining data/squid-4.13/src/mgr/IntParam.h
Examining data/squid-4.13/src/mgr/CountersAction.h
Examining data/squid-4.13/src/mgr/Command.cc
Examining data/squid-4.13/src/mgr/BasicActions.cc
Examining data/squid-4.13/src/mgr/ActionCreator.h
Examining data/squid-4.13/src/mgr/ActionWriter.h
Examining data/squid-4.13/src/mgr/forward.h
Examining data/squid-4.13/src/mgr/Registration.h
Examining data/squid-4.13/src/mgr/IoAction.h
Examining data/squid-4.13/src/mgr/Command.h
Examining data/squid-4.13/src/mgr/ActionPasswordList.cc
Examining data/squid-4.13/src/mgr/StoreToCommWriter.h
Examining data/squid-4.13/src/mgr/BasicActions.h
Examining data/squid-4.13/src/mgr/Request.cc
Examining data/squid-4.13/src/mgr/Response.h
Examining data/squid-4.13/src/mgr/IntervalAction.cc
Examining data/squid-4.13/src/mgr/StoreToCommWriter.cc
Examining data/squid-4.13/src/mgr/QueryParams.h
Examining data/squid-4.13/src/mgr/FunAction.h
Examining data/squid-4.13/src/mgr/InfoAction.h
Examining data/squid-4.13/src/mgr/Action.h
Examining data/squid-4.13/src/mgr/Registration.cc
Examining data/squid-4.13/src/mgr/StringParam.h
Examining data/squid-4.13/src/mgr/ActionWriter.cc
Examining data/squid-4.13/src/mgr/StoreIoAction.cc
Examining data/squid-4.13/src/mgr/ActionProfile.h
Examining data/squid-4.13/src/mgr/FunAction.cc
Examining data/squid-4.13/src/mgr/ServiceTimesAction.cc
Examining data/squid-4.13/src/mgr/ActionParams.h
Examining data/squid-4.13/src/mgr/Filler.h
Examining data/squid-4.13/src/mgr/Request.h
Examining data/squid-4.13/src/mgr/Inquirer.cc
Examining data/squid-4.13/src/mgr/ActionPasswordList.h
Examining data/squid-4.13/src/mgr/Inquirer.h
Examining data/squid-4.13/src/SnmpRequest.h
Examining data/squid-4.13/src/StoreStats.cc
Examining data/squid-4.13/src/peer_sourcehash.h
Examining data/squid-4.13/src/RemovalPolicy.cc
Examining data/squid-4.13/src/peer_proxy_negotiate_auth.h
Examining data/squid-4.13/src/client_side_request.cc
Examining data/squid-4.13/src/DelayUser.h
Examining data/squid-4.13/src/repl/lru/store_repl_lru.cc
Examining data/squid-4.13/src/repl/heap/store_heap_replacement.h
Examining data/squid-4.13/src/repl/heap/store_heap_replacement.cc
Examining data/squid-4.13/src/repl/heap/store_repl_heap.cc
Examining data/squid-4.13/src/DescriptorSet.cc
Examining data/squid-4.13/src/cf_gen.cc
Examining data/squid-4.13/src/ICP.h
Examining data/squid-4.13/src/StatHist.h
Examining data/squid-4.13/src/multicast.h
Examining data/squid-4.13/src/client_side.cc
Examining data/squid-4.13/src/store_log.cc
Examining data/squid-4.13/src/carp.cc
Examining data/squid-4.13/src/ssl/context_storage.cc
Examining data/squid-4.13/src/ssl/ErrorDetailManager.h
Examining data/squid-4.13/src/ssl/gadgets.cc
Examining data/squid-4.13/src/ssl/ServerBump.h
Examining data/squid-4.13/src/ssl/gadgets.h
Examining data/squid-4.13/src/ssl/cert_validate_message.cc
Examining data/squid-4.13/src/ssl/helper.cc
Examining data/squid-4.13/src/ssl/ErrorDetail.h
Examining data/squid-4.13/src/ssl/ErrorDetail.cc
Examining data/squid-4.13/src/ssl/helper.h
Examining data/squid-4.13/src/ssl/Config.h
Examining data/squid-4.13/src/ssl/crtd_message.cc
Examining data/squid-4.13/src/ssl/PeekingPeerConnector.h
Examining data/squid-4.13/src/ssl/ErrorDetailManager.cc
Examining data/squid-4.13/src/ssl/cert_validate_message.h
Examining data/squid-4.13/src/ssl/support.cc
Examining data/squid-4.13/src/ssl/Config.cc
Examining data/squid-4.13/src/ssl/context_storage.h
Examining data/squid-4.13/src/ssl/PeekingPeerConnector.cc
Examining data/squid-4.13/src/ssl/bio.h
Examining data/squid-4.13/src/ssl/ServerBump.cc
Examining data/squid-4.13/src/ssl/ProxyCerts.h
Examining data/squid-4.13/src/ssl/support.h
Examining data/squid-4.13/src/ssl/bio.cc
Examining data/squid-4.13/src/ssl/crtd_message.h
Examining data/squid-4.13/src/fs_io.h
Examining data/squid-4.13/src/Downloader.cc
Examining data/squid-4.13/src/store/LocalSearch.cc
Examining data/squid-4.13/src/store/Controlled.h
Examining data/squid-4.13/src/store/Disks.cc
Examining data/squid-4.13/src/store/forward.h
Examining data/squid-4.13/src/store/LocalSearch.h
Examining data/squid-4.13/src/store/Controller.h
Examining data/squid-4.13/src/store/Disks.h
Examining data/squid-4.13/src/store/Disk.cc
Examining data/squid-4.13/src/store/Storage.h
Examining data/squid-4.13/src/store/Controller.cc
Examining data/squid-4.13/src/store/Disk.h
Examining data/squid-4.13/src/store.cc
Examining data/squid-4.13/src/lookup_t.h
Examining data/squid-4.13/src/CachePeer.cc
Examining data/squid-4.13/src/clientStream.cc
Examining data/squid-4.13/src/DelayTagged.h
Examining data/squid-4.13/src/refresh.h
Examining data/squid-4.13/src/dlink.cc
Examining data/squid-4.13/src/SquidMath.h
Examining data/squid-4.13/src/event.cc
Examining data/squid-4.13/src/HttpHdrCc.h
Examining data/squid-4.13/src/client_side_request.h
Examining data/squid-4.13/src/comm.h
Examining data/squid-4.13/src/CpuAffinityMap.h
Examining data/squid-4.13/src/clients/FtpClient.h
Examining data/squid-4.13/src/clients/FtpRelay.cc
Examining data/squid-4.13/src/clients/Client.h
Examining data/squid-4.13/src/clients/forward.h
Examining data/squid-4.13/src/clients/Client.cc
Examining data/squid-4.13/src/clients/FtpGateway.cc
Examining data/squid-4.13/src/clients/FtpClient.cc
Examining data/squid-4.13/src/CommCalls.cc
Examining data/squid-4.13/src/HttpHeaderStat.h
Examining data/squid-4.13/src/icp_opcode.h
Examining data/squid-4.13/src/HttpHdrRange.cc
Examining data/squid-4.13/src/AuthReg.h
Examining data/squid-4.13/src/fqdncache.h
Examining data/squid-4.13/src/ident/AclIdent.cc
Examining data/squid-4.13/src/ident/AclIdent.h
Examining data/squid-4.13/src/ident/Config.h
Examining data/squid-4.13/src/ident/Ident.cc
Examining data/squid-4.13/src/ident/Ident.h
Examining data/squid-4.13/src/ConfigParser.cc
Examining data/squid-4.13/src/store_key_md5.cc
Examining data/squid-4.13/src/Instance.h
Examining data/squid-4.13/src/client_side.h
Examining data/squid-4.13/src/HttpBody.h
Examining data/squid-4.13/src/redirect.cc
Examining data/squid-4.13/src/SquidMath.cc
Examining data/squid-4.13/src/store_io.cc
Examining data/squid-4.13/src/HttpHeaderRange.h
Examining data/squid-4.13/src/mime_header.h
Examining data/squid-4.13/src/FadingCounter.cc
Examining data/squid-4.13/src/snmp/Forwarder.cc
Examining data/squid-4.13/src/snmp/Forwarder.h
Examining data/squid-4.13/src/snmp/Response.cc
Examining data/squid-4.13/src/snmp/forward.h
Examining data/squid-4.13/src/snmp/Session.h
Examining data/squid-4.13/src/snmp/Session.cc
Examining data/squid-4.13/src/snmp/Request.cc
Examining data/squid-4.13/src/snmp/Response.h
Examining data/squid-4.13/src/snmp/Var.cc
Examining data/squid-4.13/src/snmp/Var.h
Examining data/squid-4.13/src/snmp/Pdu.cc
Examining data/squid-4.13/src/snmp/Request.h
Examining data/squid-4.13/src/snmp/Inquirer.cc
Examining data/squid-4.13/src/snmp/Pdu.h
Examining data/squid-4.13/src/snmp/Inquirer.h
Examining data/squid-4.13/src/NeighborTypeDomainList.h
Examining data/squid-4.13/src/err_detail_type.h
Examining data/squid-4.13/src/StoreMetaMD5.cc
Examining data/squid-4.13/src/String.cc
Examining data/squid-4.13/src/Instance.cc
Examining data/squid-4.13/src/swap_log_op.h
Examining data/squid-4.13/src/EventLoop.h
Examining data/squid-4.13/src/adaptation/AccessCheck.cc
Examining data/squid-4.13/src/adaptation/Message.h
Examining data/squid-4.13/src/adaptation/AccessCheck.h
Examining data/squid-4.13/src/adaptation/ecap/Host.h
Examining data/squid-4.13/src/adaptation/ecap/XactionRep.cc
Examining data/squid-4.13/src/adaptation/ecap/Host.cc
Examining data/squid-4.13/src/adaptation/ecap/Registry.h
Examining data/squid-4.13/src/adaptation/ecap/ServiceRep.cc
Examining data/squid-4.13/src/adaptation/ecap/Config.h
Examining data/squid-4.13/src/adaptation/ecap/MessageRep.h
Examining data/squid-4.13/src/adaptation/ecap/Config.cc
Examining data/squid-4.13/src/adaptation/ecap/MessageRep.cc
Examining data/squid-4.13/src/adaptation/ecap/XactionRep.h
Examining data/squid-4.13/src/adaptation/ecap/ServiceRep.h
Examining data/squid-4.13/src/adaptation/Initiate.h
Examining data/squid-4.13/src/adaptation/AccessRule.cc
Examining data/squid-4.13/src/adaptation/Message.cc
Examining data/squid-4.13/src/adaptation/ServiceConfig.cc
Examining data/squid-4.13/src/adaptation/Iterator.cc
Examining data/squid-4.13/src/adaptation/Initiate.cc
Examining data/squid-4.13/src/adaptation/Config.h
Examining data/squid-4.13/src/adaptation/Answer.h
Examining data/squid-4.13/src/adaptation/icap/InOut.h
Examining data/squid-4.13/src/adaptation/icap/ModXact.h
Examining data/squid-4.13/src/adaptation/icap/icap_log.h
Examining data/squid-4.13/src/adaptation/icap/ModXact.cc
Examining data/squid-4.13/src/adaptation/icap/OptXact.h
Examining data/squid-4.13/src/adaptation/icap/ServiceRep.cc
Examining data/squid-4.13/src/adaptation/icap/Xaction.h
Examining data/squid-4.13/src/adaptation/icap/Xaction.cc
Examining data/squid-4.13/src/adaptation/icap/Config.h
Examining data/squid-4.13/src/adaptation/icap/Client.h
Examining data/squid-4.13/src/adaptation/icap/Elements.cc
Examining data/squid-4.13/src/adaptation/icap/History.cc
Examining data/squid-4.13/src/adaptation/icap/Options.h
Examining data/squid-4.13/src/adaptation/icap/OptXact.cc
Examining data/squid-4.13/src/adaptation/icap/Launcher.cc
Examining data/squid-4.13/src/adaptation/icap/Elements.h
Examining data/squid-4.13/src/adaptation/icap/icap_log.cc
Examining data/squid-4.13/src/adaptation/icap/Config.cc
Examining data/squid-4.13/src/adaptation/icap/Launcher.h
Examining data/squid-4.13/src/adaptation/icap/Client.cc
Examining data/squid-4.13/src/adaptation/icap/History.h
Examining data/squid-4.13/src/adaptation/icap/Options.cc
Examining data/squid-4.13/src/adaptation/icap/ServiceRep.h
Examining data/squid-4.13/src/adaptation/ServiceFilter.cc
Examining data/squid-4.13/src/adaptation/Service.h
Examining data/squid-4.13/src/adaptation/forward.h
Examining data/squid-4.13/src/adaptation/Elements.cc
Examining data/squid-4.13/src/adaptation/ServiceGroups.h
Examining data/squid-4.13/src/adaptation/DynamicGroupCfg.h
Examining data/squid-4.13/src/adaptation/History.cc
Examining data/squid-4.13/src/adaptation/DynamicGroupCfg.cc
Examining data/squid-4.13/src/adaptation/Iterator.h
Examining data/squid-4.13/src/adaptation/Elements.h
Examining data/squid-4.13/src/adaptation/Config.cc
Examining data/squid-4.13/src/adaptation/ServiceConfig.h
Examining data/squid-4.13/src/adaptation/History.h
Examining data/squid-4.13/src/adaptation/AccessRule.h
Examining data/squid-4.13/src/adaptation/Initiator.cc
Examining data/squid-4.13/src/adaptation/Answer.cc
Examining data/squid-4.13/src/adaptation/ServiceFilter.h
Examining data/squid-4.13/src/adaptation/Initiator.h
Examining data/squid-4.13/src/adaptation/ServiceGroups.cc
Examining data/squid-4.13/src/adaptation/Service.cc
Examining data/squid-4.13/src/peer_proxy_negotiate_auth.cc
Examining data/squid-4.13/src/icmp/net_db.cc
Examining data/squid-4.13/src/icmp/IcmpSquid.cc
Examining data/squid-4.13/src/icmp/IcmpConfig.h
Examining data/squid-4.13/src/icmp/Icmp6.cc
Examining data/squid-4.13/src/icmp/Icmp.cc
Examining data/squid-4.13/src/icmp/Icmp6.h
Examining data/squid-4.13/src/icmp/Icmp4.cc
Examining data/squid-4.13/src/icmp/IcmpSquid.h
Examining data/squid-4.13/src/icmp/IcmpPinger.cc
Examining data/squid-4.13/src/icmp/pinger.cc
Examining data/squid-4.13/src/icmp/Icmp4.h
Examining data/squid-4.13/src/icmp/Icmp.h
Examining data/squid-4.13/src/icmp/IcmpPinger.h
Examining data/squid-4.13/src/icmp/IcmpConfig.cc
Examining data/squid-4.13/src/icmp/net_db.h
Examining data/squid-4.13/src/StoreIOState.cc
Examining data/squid-4.13/src/store_swapmeta.cc
Examining data/squid-4.13/src/comm/UdpOpenDialer.h
Examining data/squid-4.13/src/comm/AcceptLimiter.cc
Examining data/squid-4.13/src/comm/ModSelectWin32.cc
Examining data/squid-4.13/src/comm/ModSelect.cc
Examining data/squid-4.13/src/comm/Connection.cc
Examining data/squid-4.13/src/comm/ModPoll.cc
Examining data/squid-4.13/src/comm/ConnOpener.h
Examining data/squid-4.13/src/comm/Loops.h
Examining data/squid-4.13/src/comm/forward.h
Examining data/squid-4.13/src/comm/Write.cc
Examining data/squid-4.13/src/comm/IoCallback.h
Examining data/squid-4.13/src/comm/ModKqueue.cc
Examining data/squid-4.13/src/comm/ModDevPoll.cc
Examining data/squid-4.13/src/comm/comm_internal.h
Examining data/squid-4.13/src/comm/Flag.h
Examining data/squid-4.13/src/comm/Write.h
Examining data/squid-4.13/src/comm/ConnOpener.cc
Examining data/squid-4.13/src/comm/Read.cc
Examining data/squid-4.13/src/comm/TcpAcceptor.cc
Examining data/squid-4.13/src/comm/Read.h
Examining data/squid-4.13/src/comm/AcceptLimiter.h
Examining data/squid-4.13/src/comm/Connection.h
Examining data/squid-4.13/src/comm/TcpAcceptor.h
Examining data/squid-4.13/src/comm/IoCallback.cc
Examining data/squid-4.13/src/comm/ModEpoll.cc
Examining data/squid-4.13/src/globals.h
Examining data/squid-4.13/src/ipc.cc
Examining data/squid-4.13/src/Debug.h
Examining data/squid-4.13/src/internal.cc
Examining data/squid-4.13/src/MemObject.h
Examining data/squid-4.13/src/MemStore.h
Examining data/squid-4.13/src/multicast.cc
Examining data/squid-4.13/src/HttpReply.h
Examining data/squid-4.13/src/AuthReg.cc
Examining data/squid-4.13/src/HttpHeader.cc
Examining data/squid-4.13/src/StoreSearch.h
Examining data/squid-4.13/src/store_swapin.h
Examining data/squid-4.13/src/HttpHeaderTools.cc
Examining data/squid-4.13/src/parser/Tokenizer.cc
Examining data/squid-4.13/src/parser/BinaryTokenizer.h
Examining data/squid-4.13/src/parser/Tokenizer.h
Examining data/squid-4.13/src/parser/BinaryTokenizer.cc
Examining data/squid-4.13/src/typedefs.h
Examining data/squid-4.13/src/delay_pools.cc
Examining data/squid-4.13/src/tools.cc
Examining data/squid-4.13/src/recv-announce.cc
Examining data/squid-4.13/src/DelaySpec.h
Examining data/squid-4.13/src/fqdncache.cc
Examining data/squid-4.13/src/StoreMetaMD5.h
Examining data/squid-4.13/src/StoreSwapLogData.h
Examining data/squid-4.13/src/peer_sourcehash.cc
Examining data/squid-4.13/src/DelayId.h
Examining data/squid-4.13/src/HttpHdrSc.cc
Examining data/squid-4.13/src/StoreIOBuffer.h
Examining data/squid-4.13/src/CacheDigest.cc
Examining data/squid-4.13/src/acl/SquidError.cc
Examining data/squid-4.13/src/acl/AdaptationService.h
Examining data/squid-4.13/src/acl/BoolOps.h
Examining data/squid-4.13/src/acl/SslError.h
Examining data/squid-4.13/src/acl/Acl.cc
Examining data/squid-4.13/src/acl/Acl.h
Examining data/squid-4.13/src/acl/UrlPath.cc
Examining data/squid-4.13/src/acl/MethodData.h
Examining data/squid-4.13/src/acl/RequestHeaderStrategy.h
Examining data/squid-4.13/src/acl/Time.h
Examining data/squid-4.13/src/acl/CertificateData.h
Examining data/squid-4.13/src/acl/InnerNode.h
Examining data/squid-4.13/src/acl/Tree.h
Examining data/squid-4.13/src/acl/Tag.h
Examining data/squid-4.13/src/acl/DestinationIp.cc
Examining data/squid-4.13/src/acl/HttpReqHeader.cc
Examining data/squid-4.13/src/acl/AclDenyInfoList.h
Examining data/squid-4.13/src/acl/DestinationDomain.h
Examining data/squid-4.13/src/acl/LocalPort.h
Examining data/squid-4.13/src/acl/CertificateData.cc
Examining data/squid-4.13/src/acl/NoteData.cc
Examining data/squid-4.13/src/acl/DestinationDomain.cc
Examining data/squid-4.13/src/acl/HttpRepHeader.h
Examining data/squid-4.13/src/acl/ExtUser.cc
Examining data/squid-4.13/src/acl/MaxConnection.h
Examining data/squid-4.13/src/acl/AllOf.cc
Examining data/squid-4.13/src/acl/SourceDomain.h
Examining data/squid-4.13/src/acl/Note.h
Examining data/squid-4.13/src/acl/IntRange.cc
Examining data/squid-4.13/src/acl/Random.h
Examining data/squid-4.13/src/acl/HasComponent.cc
Examining data/squid-4.13/src/acl/AtStepData.h
Examining data/squid-4.13/src/acl/Gadgets.h
Examining data/squid-4.13/src/acl/SslError.cc
Examining data/squid-4.13/src/acl/HttpHeaderData.cc
Examining data/squid-4.13/src/acl/Url.cc
Examining data/squid-4.13/src/acl/TimeData.h
Examining data/squid-4.13/src/acl/AdaptationService.cc
Examining data/squid-4.13/src/acl/AnyOf.h
Examining data/squid-4.13/src/acl/Checklist.h
Examining data/squid-4.13/src/acl/ConnMark.h
Examining data/squid-4.13/src/acl/Protocol.cc
Examining data/squid-4.13/src/acl/ExtUser.h
Examining data/squid-4.13/src/acl/Eui64.h
Examining data/squid-4.13/src/acl/AtStep.h
Examining data/squid-4.13/src/acl/UrlPort.h
Examining data/squid-4.13/src/acl/Ip.cc
Examining data/squid-4.13/src/acl/BoolOps.cc
Examining data/squid-4.13/src/acl/Arp.cc
Examining data/squid-4.13/src/acl/Strategy.h
Examining data/squid-4.13/src/acl/LocalPort.cc
Examining data/squid-4.13/src/acl/InnerNode.cc
Examining data/squid-4.13/src/acl/Method.cc
Examining data/squid-4.13/src/acl/UrlPort.cc
Examining data/squid-4.13/src/acl/SquidErrorData.h
Examining data/squid-4.13/src/acl/CharacterSetOption.h
Examining data/squid-4.13/src/acl/AtStepData.cc
Examining data/squid-4.13/src/acl/FilledChecklist.cc
Examining data/squid-4.13/src/acl/RegexData.cc
Examining data/squid-4.13/src/acl/ReplyHeaderStrategy.h
Examining data/squid-4.13/src/acl/AnyOf.cc
Examining data/squid-4.13/src/acl/FilledChecklist.h
Examining data/squid-4.13/src/acl/HttpRepHeader.cc
Examining data/squid-4.13/src/acl/DomainData.cc
Examining data/squid-4.13/src/acl/ServerCertificate.cc
Examining data/squid-4.13/src/acl/Url.h
Examining data/squid-4.13/src/acl/PeerName.cc
Examining data/squid-4.13/src/acl/ConnectionsEncrypted.h
Examining data/squid-4.13/src/acl/HierCode.h
Examining data/squid-4.13/src/acl/Method.h
Examining data/squid-4.13/src/acl/HttpHeaderData.h
Examining data/squid-4.13/src/acl/ServerName.h
Examining data/squid-4.13/src/acl/MyPortName.h
Examining data/squid-4.13/src/acl/SquidErrorData.cc
Examining data/squid-4.13/src/acl/forward.h
Examining data/squid-4.13/src/acl/external/session/ext_session_acl.cc
Examining data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc
Examining data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc
Examining data/squid-4.13/src/acl/external/file_userip/ext_file_userip_acl.cc
Examining data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc
Examining data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_member.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_sasl.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_log.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/kerberos_ldap_group.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_lserver.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support.h
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_netbios.cc
Examining data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc
Examining data/squid-4.13/src/acl/external/unix_group/check_group.cc
Examining data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc
Examining data/squid-4.13/src/acl/SourceIp.cc
Examining data/squid-4.13/src/acl/AclNameList.h
Examining data/squid-4.13/src/acl/LocalIp.cc
Examining data/squid-4.13/src/acl/Tree.cc
Examining data/squid-4.13/src/acl/Options.h
Examining data/squid-4.13/src/acl/Address.h
Examining data/squid-4.13/src/acl/StringData.h
Examining data/squid-4.13/src/acl/Certificate.h
Examining data/squid-4.13/src/acl/SourceAsn.h
Examining data/squid-4.13/src/acl/Ip.h
Examining data/squid-4.13/src/acl/Certificate.cc
Examining data/squid-4.13/src/acl/ServerCertificate.h
Examining data/squid-4.13/src/acl/HierCode.cc
Examining data/squid-4.13/src/acl/SourceIp.h
Examining data/squid-4.13/src/acl/Gadgets.cc
Examining data/squid-4.13/src/acl/DestinationIp.h
Examining data/squid-4.13/src/acl/Time.cc
Examining data/squid-4.13/src/acl/Strategised.h
Examining data/squid-4.13/src/acl/HttpStatus.h
Examining data/squid-4.13/src/acl/Eui64.cc
Examining data/squid-4.13/src/acl/AdaptationServiceData.h
Examining data/squid-4.13/src/acl/DomainData.h
Examining data/squid-4.13/src/acl/MethodData.cc
Examining data/squid-4.13/src/acl/Arp.h
Examining data/squid-4.13/src/acl/Data.h
Examining data/squid-4.13/src/acl/SquidError.h
Examining data/squid-4.13/src/acl/UrlPath.h
Examining data/squid-4.13/src/acl/ConnMark.cc
Examining data/squid-4.13/src/acl/Note.cc
Examining data/squid-4.13/src/acl/Protocol.h
Examining data/squid-4.13/src/acl/RegexData.h
Examining data/squid-4.13/src/acl/HasComponent.h
Examining data/squid-4.13/src/acl/StringData.cc
Examining data/squid-4.13/src/acl/LocalIp.h
Examining data/squid-4.13/src/acl/Address.cc
Examining data/squid-4.13/src/acl/HasComponentData.h
Examining data/squid-4.13/src/acl/ServerName.cc
Examining data/squid-4.13/src/acl/Asn.h
Examining data/squid-4.13/src/acl/DestinationAsn.h
Examining data/squid-4.13/src/acl/Options.cc
Examining data/squid-4.13/src/acl/AdaptationServiceData.cc
Examining data/squid-4.13/src/acl/SourceDomain.cc
Examining data/squid-4.13/src/acl/AclSizeLimit.cc
Examining data/squid-4.13/src/acl/NoteData.h
Examining data/squid-4.13/src/acl/UrlLogin.h
Examining data/squid-4.13/src/acl/Tag.cc
Examining data/squid-4.13/src/acl/Asn.cc
Examining data/squid-4.13/src/acl/RequestMimeType.h
Examining data/squid-4.13/src/acl/AllOf.h
Examining data/squid-4.13/src/acl/AtStep.cc
Examining data/squid-4.13/src/acl/ReplyMimeType.h
Examining data/squid-4.13/src/acl/UrlLogin.cc
Examining data/squid-4.13/src/acl/Checklist.cc
Examining data/squid-4.13/src/acl/AclSizeLimit.h
Examining data/squid-4.13/src/acl/HierCodeData.cc
Examining data/squid-4.13/src/acl/PeerName.h
Examining data/squid-4.13/src/acl/ConnectionsEncrypted.cc
Examining data/squid-4.13/src/acl/ProtocolData.cc
Examining data/squid-4.13/src/acl/ProtocolData.h
Examining data/squid-4.13/src/acl/MaxConnection.cc
Examining data/squid-4.13/src/acl/TimeData.cc
Examining data/squid-4.13/src/acl/UserData.h
Examining data/squid-4.13/src/acl/MyPortName.cc
Examining data/squid-4.13/src/acl/SslErrorData.h
Examining data/squid-4.13/src/acl/HasComponentData.cc
Examining data/squid-4.13/src/acl/Strategised.cc
Examining data/squid-4.13/src/acl/HttpReqHeader.h
Examining data/squid-4.13/src/acl/TransactionInitiator.cc
Examining data/squid-4.13/src/acl/IntRange.h
Examining data/squid-4.13/src/acl/HierCodeData.h
Examining data/squid-4.13/src/acl/Random.cc
Examining data/squid-4.13/src/acl/UserData.cc
Examining data/squid-4.13/src/acl/HttpStatus.cc
Examining data/squid-4.13/src/acl/SslErrorData.cc
Examining data/squid-4.13/src/acl/TransactionInitiator.h
Examining data/squid-4.13/src/AccessLogEntry.h
Examining data/squid-4.13/src/RequestFlags.h
Examining data/squid-4.13/src/store_log.h
Examining data/squid-4.13/src/http.cc
Examining data/squid-4.13/src/neighbors.h
Examining data/squid-4.13/src/MemStore.cc
Examining data/squid-4.13/src/HttpHeaderTools.h
Examining data/squid-4.13/src/StoreMeta.h
Examining data/squid-4.13/src/StrList.h
Examining data/squid-4.13/src/CpuAffinitySet.cc
Examining data/squid-4.13/src/WinSvc.h
Examining data/squid-4.13/src/urn.h
Examining data/squid-4.13/src/int.cc
Examining data/squid-4.13/src/HttpRequest.h
Examining data/squid-4.13/src/wccp.cc
Examining data/squid-4.13/src/peer_select.cc
Examining data/squid-4.13/src/wordlist.h
Examining data/squid-4.13/src/CpuAffinityMap.cc
Examining data/squid-4.13/src/HttpHdrScTarget.cc
Examining data/squid-4.13/src/Transients.h
Examining data/squid-4.13/src/client_side_reply.h
Examining data/squid-4.13/src/log/TcpLogger.h
Examining data/squid-4.13/src/log/FormatHttpdCombined.cc
Examining data/squid-4.13/src/log/FormatSquidReferer.cc
Examining data/squid-4.13/src/log/ModUdp.h
Examining data/squid-4.13/src/log/ModUdp.cc
Examining data/squid-4.13/src/log/ModDaemon.cc
Examining data/squid-4.13/src/log/Config.h
Examining data/squid-4.13/src/log/CustomLog.cc
Examining data/squid-4.13/src/log/File.cc
Examining data/squid-4.13/src/log/access_log.h
Examining data/squid-4.13/src/log/TcpLogger.cc
Examining data/squid-4.13/src/log/FormatSquidIcap.cc
Examining data/squid-4.13/src/log/ModDaemon.h
Examining data/squid-4.13/src/log/FormatSquidCustom.cc
Examining data/squid-4.13/src/log/ModSyslog.h
Examining data/squid-4.13/src/log/FormatSquidUseragent.cc
Examining data/squid-4.13/src/log/File.h
Examining data/squid-4.13/src/log/access_log.cc
Examining data/squid-4.13/src/log/file/log_file_daemon.cc
Examining data/squid-4.13/src/log/Config.cc
Examining data/squid-4.13/src/log/FormatHttpdCommon.cc
Examining data/squid-4.13/src/log/ModStdio.cc
Examining data/squid-4.13/src/log/ModStdio.h
Examining data/squid-4.13/src/log/FormatSquidNative.cc
Examining data/squid-4.13/src/log/ModSyslog.cc
Examining data/squid-4.13/src/log/CustomLog.h
Examining data/squid-4.13/src/log/Formats.h
Examining data/squid-4.13/src/err_type.h
Examining data/squid-4.13/src/urn.cc
Examining data/squid-4.13/src/ipc/StoreMap.h
Examining data/squid-4.13/src/ipc/Messages.h
Examining data/squid-4.13/src/ipc/FdNotes.cc
Examining data/squid-4.13/src/ipc/TypedMsgHdr.h
Examining data/squid-4.13/src/ipc/Forwarder.cc
Examining data/squid-4.13/src/ipc/Forwarder.h
Examining data/squid-4.13/src/ipc/MemMap.cc
Examining data/squid-4.13/src/ipc/Port.h
Examining data/squid-4.13/src/ipc/StrandCoords.h
Examining data/squid-4.13/src/ipc/FdNotes.h
Examining data/squid-4.13/src/ipc/mem/Segment.h
Examining data/squid-4.13/src/ipc/mem/Pages.h
Examining data/squid-4.13/src/ipc/mem/Pages.cc
Examining data/squid-4.13/src/ipc/mem/Page.cc
Examining data/squid-4.13/src/ipc/mem/PagePool.cc
Examining data/squid-4.13/src/ipc/mem/Page.h
Examining data/squid-4.13/src/ipc/mem/PageStack.cc
Examining data/squid-4.13/src/ipc/mem/FlexibleArray.h
Examining data/squid-4.13/src/ipc/mem/PagePool.h
Examining data/squid-4.13/src/ipc/mem/Segment.cc
Examining data/squid-4.13/src/ipc/mem/PageStack.h
Examining data/squid-4.13/src/ipc/mem/Pointer.h
Examining data/squid-4.13/src/ipc/StrandSearch.cc
Examining data/squid-4.13/src/ipc/ReadWriteLock.cc
Examining data/squid-4.13/src/ipc/UdsOp.cc
Examining data/squid-4.13/src/ipc/forward.h
Examining data/squid-4.13/src/ipc/Kids.h
Examining data/squid-4.13/src/ipc/StrandSearch.h
Examining data/squid-4.13/src/ipc/ReadWriteLock.h
Examining data/squid-4.13/src/ipc/Queue.cc
Examining data/squid-4.13/src/ipc/StartListening.cc
Examining data/squid-4.13/src/ipc/Queue.h
Examining data/squid-4.13/src/ipc/TypedMsgHdr.cc
Examining data/squid-4.13/src/ipc/MemMap.h
Examining data/squid-4.13/src/ipc/Response.h
Examining data/squid-4.13/src/ipc/StartListening.h
Examining data/squid-4.13/src/ipc/StrandCoord.h
Examining data/squid-4.13/src/ipc/StrandCoord.cc
Examining data/squid-4.13/src/ipc/Strand.h
Examining data/squid-4.13/src/ipc/Kid.cc
Examining data/squid-4.13/src/ipc/UdsOp.h
Examining data/squid-4.13/src/ipc/SharedListen.cc
Examining data/squid-4.13/src/ipc/Coordinator.cc
Examining data/squid-4.13/src/ipc/StoreMap.cc
Examining data/squid-4.13/src/ipc/Kid.h
Examining data/squid-4.13/src/ipc/SharedListen.h
Examining data/squid-4.13/src/ipc/Port.cc
Examining data/squid-4.13/src/ipc/Request.h
Examining data/squid-4.13/src/ipc/Kids.cc
Examining data/squid-4.13/src/ipc/Inquirer.cc
Examining data/squid-4.13/src/ipc/Strand.cc
Examining data/squid-4.13/src/ipc/Inquirer.h
Examining data/squid-4.13/src/ipc/Coordinator.h
Examining data/squid-4.13/src/StoreMetaObjSize.h
Examining data/squid-4.13/src/fd.h
Examining data/squid-4.13/src/PingData.h
Examining data/squid-4.13/src/MemBuf.h
Examining data/squid-4.13/src/DelayConfig.cc
Examining data/squid-4.13/src/HttpHeaderFieldStat.h
Examining data/squid-4.13/src/whois.cc
Examining data/squid-4.13/src/ProfStats.cc
Examining data/squid-4.13/src/dns_internal.cc
Examining data/squid-4.13/src/LoadableModule.cc
Examining data/squid-4.13/src/fde.cc
Examining data/squid-4.13/src/pconn.cc
Examining data/squid-4.13/src/HttpReply.cc
Examining data/squid-4.13/src/NullDelayId.h
Examining data/squid-4.13/src/mem_node.cc
Examining data/squid-4.13/src/store_rebuild.cc
Examining data/squid-4.13/src/Notes.cc
Examining data/squid-4.13/src/HttpHdrScTarget.h
Examining data/squid-4.13/src/Notes.h
Examining data/squid-4.13/src/LogTags.h
Examining data/squid-4.13/src/wccp2.h
Examining data/squid-4.13/src/StoreMetaSTD.cc
Examining data/squid-4.13/src/wordlist.cc
Examining data/squid-4.13/src/gopher.cc
Examining data/squid-4.13/src/gopher.h
Examining data/squid-4.13/libltdl/lt__strl.c
Examining data/squid-4.13/libltdl/libltdl/lt_dlloader.h
Examining data/squid-4.13/libltdl/libltdl/slist.h
Examining data/squid-4.13/libltdl/libltdl/lt_system.h
Examining data/squid-4.13/libltdl/libltdl/lt__alloc.h
Examining data/squid-4.13/libltdl/libltdl/lt__glibc.h
Examining data/squid-4.13/libltdl/libltdl/lt__private.h
Examining data/squid-4.13/libltdl/libltdl/lt__dirent.h
Examining data/squid-4.13/libltdl/libltdl/lt__strl.h
Examining data/squid-4.13/libltdl/libltdl/lt_error.h
Examining data/squid-4.13/libltdl/libltdl/lt__argz_.h
Examining data/squid-4.13/libltdl/slist.c
Examining data/squid-4.13/libltdl/ltdl.h
Examining data/squid-4.13/libltdl/ltdl.c
Examining data/squid-4.13/libltdl/lt__dirent.c
Examining data/squid-4.13/libltdl/loaders/shl_load.c
Examining data/squid-4.13/libltdl/loaders/load_add_on.c
Examining data/squid-4.13/libltdl/loaders/dld_link.c
Examining data/squid-4.13/libltdl/loaders/dyld.c
Examining data/squid-4.13/libltdl/loaders/dlopen.c
Examining data/squid-4.13/libltdl/loaders/loadlibrary.c
Examining data/squid-4.13/libltdl/loaders/preopen.c
Examining data/squid-4.13/libltdl/lt_dlloader.c
Examining data/squid-4.13/libltdl/lt__argz.c
Examining data/squid-4.13/libltdl/lt__alloc.c
Examining data/squid-4.13/libltdl/lt_error.c
Examining data/squid-4.13/test-suite/stub_fatal.cc
Examining data/squid-4.13/test-suite/stub_MemBuf.cc
Examining data/squid-4.13/test-suite/tcp-banger2.c
Examining data/squid-4.13/test-suite/stub_libmem.cc
Examining data/squid-4.13/test-suite/membanger.c
Examining data/squid-4.13/test-suite/debug.cc
Examining data/squid-4.13/test-suite/MemPoolTest.cc
Examining data/squid-4.13/test-suite/stub_SBuf.cc
Examining data/squid-4.13/test-suite/ESIExpressions.cc
Examining data/squid-4.13/test-suite/splay.cc
Examining data/squid-4.13/test-suite/mem_node_test.cc
Examining data/squid-4.13/test-suite/stub_cbdata.cc
Examining data/squid-4.13/test-suite/stub_tools.cc
Examining data/squid-4.13/test-suite/STUB.h
Examining data/squid-4.13/test-suite/VirtualDeleteOperator.cc
Examining data/squid-4.13/test-suite/stub_debug.cc
Examining data/squid-4.13/test-suite/test_tools.cc
Examining data/squid-4.13/test-suite/mem_hdr_test.cc
Examining data/squid-4.13/test-suite/syntheticoperators.cc
Examining data/squid-4.13/tools/cachemgr.cc
Examining data/squid-4.13/tools/Here.cc
Examining data/squid-4.13/tools/squidclient/Parameters.h
Examining data/squid-4.13/tools/squidclient/stub_libmem.cc
Examining data/squid-4.13/tools/squidclient/time.cc
Examining data/squid-4.13/tools/squidclient/Transport.cc
Examining data/squid-4.13/tools/squidclient/Ping.h
Examining data/squid-4.13/tools/squidclient/squidclient.cc
Examining data/squid-4.13/tools/squidclient/STUB.h
Examining data/squid-4.13/tools/squidclient/stub_debug.cc
Examining data/squid-4.13/tools/squidclient/Ping.cc
Examining data/squid-4.13/tools/squidclient/test_tools.cc
Examining data/squid-4.13/tools/squidclient/gssapi_support.cc
Examining data/squid-4.13/tools/squidclient/Transport.h
Examining data/squid-4.13/tools/squidclient/gssapi_support.h
Examining data/squid-4.13/tools/purge/squid-tlv.cc
Examining data/squid-4.13/tools/purge/convert.cc
Examining data/squid-4.13/tools/purge/socket.cc
Examining data/squid-4.13/tools/purge/purge.cc
Examining data/squid-4.13/tools/purge/signal.cc
Examining data/squid-4.13/tools/purge/conffile.cc
Examining data/squid-4.13/tools/purge/copyout.cc
Examining data/squid-4.13/tools/stub_libmem.cc
Examining data/squid-4.13/tools/CharacterSet.cc
Examining data/squid-4.13/tools/time.cc
Examining data/squid-4.13/tools/MemBuf.cc
Examining data/squid-4.13/tools/stub_cbdata.cc
Examining data/squid-4.13/tools/STUB.h
Examining data/squid-4.13/tools/stub_debug.cc
Examining data/squid-4.13/tools/test_tools.cc
Examining data/squid-4.13/compat/psignal.c
Examining data/squid-4.13/compat/statvfs.cc
Examining data/squid-4.13/compat/inet_ntop.h
Examining data/squid-4.13/compat/assert.h
Examining data/squid-4.13/compat/cmsg.h
Examining data/squid-4.13/compat/statvfs.h
Examining data/squid-4.13/compat/memrchr.cc
Examining data/squid-4.13/compat/openssl.h
Examining data/squid-4.13/compat/strnstr.cc
Examining data/squid-4.13/compat/strnrchr.h
Examining data/squid-4.13/compat/cppunit.h
Examining data/squid-4.13/compat/initgroups.h
Examining data/squid-4.13/compat/xstring.h
Examining data/squid-4.13/compat/assert.cc
Examining data/squid-4.13/compat/xalloc.h
Examining data/squid-4.13/compat/getaddrinfo.cc
Examining data/squid-4.13/compat/stdio.h
Examining data/squid-4.13/compat/tempnam.c
Examining data/squid-4.13/compat/strerror.c
Examining data/squid-4.13/compat/cpu.h
Examining data/squid-4.13/compat/GnuRegex.c
Examining data/squid-4.13/compat/xstrto.h
Examining data/squid-4.13/compat/types.h
Examining data/squid-4.13/compat/debug.cc
Examining data/squid-4.13/compat/xstrerror.h
Examining data/squid-4.13/compat/GnuRegex.h
Examining data/squid-4.13/compat/xis.h
Examining data/squid-4.13/compat/memrchr.h
Examining data/squid-4.13/compat/strtoll.c
Examining data/squid-4.13/compat/xstrerror.cc
Examining data/squid-4.13/compat/inet_pton.h
Examining data/squid-4.13/compat/fdsetsize.h
Examining data/squid-4.13/compat/compat.h
Examining data/squid-4.13/compat/strnrchr.c
Examining data/squid-4.13/compat/shm.cc
Examining data/squid-4.13/compat/xalloc.cc
Examining data/squid-4.13/compat/osdetect.h
Examining data/squid-4.13/compat/compat_shared.h
Examining data/squid-4.13/compat/xstrto.cc
Examining data/squid-4.13/compat/getaddrinfo.h
Examining data/squid-4.13/compat/getnameinfo.h
Examining data/squid-4.13/compat/stdvarargs.h
Examining data/squid-4.13/compat/eui64_aton.c
Examining data/squid-4.13/compat/mswindows.cc
Examining data/squid-4.13/compat/valgrind.h
Examining data/squid-4.13/compat/initgroups.c
Examining data/squid-4.13/compat/inet_pton.cc
Examining data/squid-4.13/compat/debug.h
Examining data/squid-4.13/compat/testPreCompiler.h
Examining data/squid-4.13/compat/xstring.cc
Examining data/squid-4.13/compat/shm.h
Examining data/squid-4.13/compat/testPreCompiler.cc
Examining data/squid-4.13/compat/eui64_aton.h
Examining data/squid-4.13/compat/tempnam.h
Examining data/squid-4.13/compat/strtoll.h
Examining data/squid-4.13/compat/psignal.h
Examining data/squid-4.13/compat/inet_ntop.cc
Examining data/squid-4.13/compat/os/freebsd.h
Examining data/squid-4.13/compat/os/sgi.h
Examining data/squid-4.13/compat/os/mswindows.h
Examining data/squid-4.13/compat/os/linux.h
Examining data/squid-4.13/compat/os/qnx.h
Examining data/squid-4.13/compat/os/hpux.h
Examining data/squid-4.13/compat/os/next.h
Examining data/squid-4.13/compat/os/openbsd.h
Examining data/squid-4.13/compat/os/solaris.h
Examining data/squid-4.13/compat/os/sunos.h
Examining data/squid-4.13/compat/os/dragonfly.h
Examining data/squid-4.13/compat/os/android.h
Examining data/squid-4.13/compat/os/opensolaris_10_netdb.h
Examining data/squid-4.13/compat/os/macosx.h
Examining data/squid-4.13/compat/os/aix.h
Examining data/squid-4.13/compat/os/netbsd.h
Examining data/squid-4.13/compat/os/os2.h
Examining data/squid-4.13/compat/getnameinfo.cc
Examining data/squid-4.13/compat/compat.cc
Examining data/squid-4.13/include/radix.h
Examining data/squid-4.13/include/snmp.h
Examining data/squid-4.13/include/rfc2181.h
Examining data/squid-4.13/include/snmp_session.h
Examining data/squid-4.13/include/snmp_debug.h
Examining data/squid-4.13/include/rfc2617.h
Examining data/squid-4.13/include/util.h
Examining data/squid-4.13/include/parse.h
Examining data/squid-4.13/include/snmp_vars.h
Examining data/squid-4.13/include/snmp_impl.h
Examining data/squid-4.13/include/leakcheck.h
Examining data/squid-4.13/include/snmp-internal.h
Examining data/squid-4.13/include/unitTestMain.h
Examining data/squid-4.13/include/snmp-mib.h
Examining data/squid-4.13/include/base64.h
Examining data/squid-4.13/include/sspwin32.h
Examining data/squid-4.13/include/xusleep.h
Examining data/squid-4.13/include/Range.h
Examining data/squid-4.13/include/snmp_client.h
Examining data/squid-4.13/include/asn1.h
Examining data/squid-4.13/include/charset.h
Examining data/squid-4.13/include/squid.h
Examining data/squid-4.13/include/version.h
Examining data/squid-4.13/include/snmp_pdu.h
Examining data/squid-4.13/include/snmp_api_util.h
Examining data/squid-4.13/include/md5.h
Examining data/squid-4.13/include/html_quote.h
Examining data/squid-4.13/include/splay.h
Examining data/squid-4.13/include/snmp_api.h
Examining data/squid-4.13/include/heap.h
Examining data/squid-4.13/include/getfullhostname.h
Examining data/squid-4.13/include/rfc1123.h
Examining data/squid-4.13/include/snmp_error.h
Examining data/squid-4.13/include/cache_snmp.h
Examining data/squid-4.13/include/snmp_coexist.h
Examining data/squid-4.13/include/snmp_util.h
Examining data/squid-4.13/include/hash.h
Examining data/squid-4.13/include/snmp_api_error.h
Examining data/squid-4.13/include/snmp_msg.h
Examining data/squid-4.13/include/rfc1738.h
Examining data/squid-4.13/lib/stub_memaccount.c
Examining data/squid-4.13/lib/snmplib/snmp_vars.c
Examining data/squid-4.13/lib/snmplib/snmp_api.c
Examining data/squid-4.13/lib/snmplib/snmp_msg.c
Examining data/squid-4.13/lib/snmplib/coexistance.c
Examining data/squid-4.13/lib/snmplib/asn1.c
Examining data/squid-4.13/lib/snmplib/parse.c
Examining data/squid-4.13/lib/snmplib/snmplib_debug.c
Examining data/squid-4.13/lib/snmplib/mib.c
Examining data/squid-4.13/lib/snmplib/snmp_api_error.c
Examining data/squid-4.13/lib/snmplib/snmp_error.c
Examining data/squid-4.13/lib/snmplib/snmp_pdu.c
Examining data/squid-4.13/lib/getfullhostname.c
Examining data/squid-4.13/lib/rfcnb/rfcnb-io.c
Examining data/squid-4.13/lib/rfcnb/rfcnb-util.h
Examining data/squid-4.13/lib/rfcnb/rfcnb-io.h
Examining data/squid-4.13/lib/rfcnb/byteorder.h
Examining data/squid-4.13/lib/rfcnb/session.c
Examining data/squid-4.13/lib/rfcnb/rfcnb-error.h
Examining data/squid-4.13/lib/rfcnb/std-includes.h
Examining data/squid-4.13/lib/rfcnb/rfcnb-util.c
Examining data/squid-4.13/lib/rfcnb/rfcnb.h
Examining data/squid-4.13/lib/rfcnb/rfcnb-priv.h
Examining data/squid-4.13/lib/rfcnb/rfcnb-common.h
Examining data/squid-4.13/lib/encrypt.c
Examining data/squid-4.13/lib/getopt.c
Examining data/squid-4.13/lib/xusleep.c
Examining data/squid-4.13/lib/profiler/Profiler.cc
Examining data/squid-4.13/lib/profiler/Profiler.h
Examining data/squid-4.13/lib/profiler/get_tick.h
Examining data/squid-4.13/lib/profiler/xprof_type.h
Examining data/squid-4.13/lib/charset.c
Examining data/squid-4.13/lib/radix.c
Examining data/squid-4.13/lib/md5.c
Examining data/squid-4.13/lib/libTrie/test/trie.cc
Examining data/squid-4.13/lib/libTrie/Trie.h
Examining data/squid-4.13/lib/libTrie/TrieNode.cc
Examining data/squid-4.13/lib/libTrie/TrieNode.h
Examining data/squid-4.13/lib/libTrie/Trie.cc
Examining data/squid-4.13/lib/libTrie/TrieCharTransform.h
Examining data/squid-4.13/lib/tests/testRFC1738.h
Examining data/squid-4.13/lib/tests/testRFC1738.cc
Examining data/squid-4.13/lib/util.c
Examining data/squid-4.13/lib/iso3307.c
Examining data/squid-4.13/lib/smblib/smbencrypt.c
Examining data/squid-4.13/lib/smblib/md4.h
Examining data/squid-4.13/lib/smblib/smbencrypt.h
Examining data/squid-4.13/lib/smblib/smblib.c
Examining data/squid-4.13/lib/smblib/smbdes.c
Examining data/squid-4.13/lib/smblib/md4.c
Examining data/squid-4.13/lib/smblib/smblib.h
Examining data/squid-4.13/lib/smblib/smbdes.h
Examining data/squid-4.13/lib/smblib/smblib-common.h
Examining data/squid-4.13/lib/smblib/smblib-priv.h
Examining data/squid-4.13/lib/smblib/smblib-util.c
Examining data/squid-4.13/lib/smblib/std-defines.h
Examining data/squid-4.13/lib/ntlmauth/support_endian.h
Examining data/squid-4.13/lib/ntlmauth/ntlmauth.h
Examining data/squid-4.13/lib/ntlmauth/ntlmauth.cc
Examining data/squid-4.13/lib/base64.c
Examining data/squid-4.13/lib/heap.c
Examining data/squid-4.13/lib/html_quote.c
Examining data/squid-4.13/lib/dirent.c
Examining data/squid-4.13/lib/rfc2617.c
Examining data/squid-4.13/lib/rfc1123.c
Examining data/squid-4.13/lib/Splay.cc
Examining data/squid-4.13/lib/sspwin32.cc
Examining data/squid-4.13/lib/rfc1738.c
Examining data/squid-4.13/lib/hash.cc
FINAL RESULTS:
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:626:9: [5] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is high; the length parameter
appears to be a constant, instead of computing the number of characters
left.
strncat(User, UserName, UNLEN);
data/squid-4.13/compat/GnuRegex.c:447:36: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG_PRINT1(x) if (debug) printf (x)
data/squid-4.13/compat/GnuRegex.c:448:41: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG_PRINT2(x1, x2) if (debug) printf (x1, x2)
data/squid-4.13/compat/GnuRegex.c:449:45: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG_PRINT3(x1, x2, x3) if (debug) printf (x1, x2, x3)
data/squid-4.13/compat/GnuRegex.c:450:49: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG_PRINT4(x1, x2, x3, x4) if (debug) printf (x1, x2, x3, x4)
data/squid-4.13/compat/GnuRegex.c:4275:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(errbuf, msg);
data/squid-4.13/compat/compat_shared.h:261:52: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTF_FORMAT_ARG1 __attribute__ ((format (printf, 1, 2)))
data/squid-4.13/compat/compat_shared.h:264:52: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTF_FORMAT_ARG2 __attribute__ ((format (printf, 2, 3)))
data/squid-4.13/compat/compat_shared.h:267:52: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTF_FORMAT_ARG3 __attribute__ ((format (printf, 3, 4)))
data/squid-4.13/compat/debug.cc:25:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr,format,args);
data/squid-4.13/compat/debug.h:31:26: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,X); \
data/squid-4.13/compat/getaddrinfo.cc:287:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sai->ai_canonname, hp->h_name);
data/squid-4.13/compat/inet_ntop.cc:142:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if ((size_t)snprintf(tmp, min(sizeof(tmp),size), fmt, src[0], src[1], src[2], src[3]) >= size) {
data/squid-4.13/compat/inet_ntop.cc:146:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst, tmp);
data/squid-4.13/compat/inet_ntop.cc:243:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst, tmp);
data/squid-4.13/compat/mswindows.cc:312:1: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
syslog(int priority, const char *fmt, ...)
data/squid-4.13/compat/mswindows.cc:323:15: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
str_len = vsnprintf(str, SYSLOG_MAX_MSG_SIZE-1, fmt, ap);
data/squid-4.13/compat/os/mswindows.h:105:9: [4] (tmpfile) mktemp:
Temporary file race condition (CWE-377).
#define mktemp _mktemp
data/squid-4.13/compat/os/mswindows.h:106:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/compat/os/mswindows.h:106:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/compat/os/mswindows.h:112:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf _vsnprintf
data/squid-4.13/compat/os/mswindows.h:132:9: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#define popen _popen
data/squid-4.13/compat/os/mswindows.h:998:6: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
void syslog(int priority, const char *fmt, ...);
data/squid-4.13/compat/statvfs.cc:77:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
#error Both statvfs() and statfs() system calls are missing.
data/squid-4.13/compat/tempnam.c:103:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(s, 0) != 0)
data/squid-4.13/lib/dirent.c:101:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nd->dd_name, szFullPath);
data/squid-4.13/lib/dirent.c:109:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nd->dd_name, SLASH);
data/squid-4.13/lib/dirent.c:112:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(nd->dd_name, SUFFIX);
data/squid-4.13/lib/dirent.c:187:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirp->dd_dir.d_name, dirp->dd_dta.name);
data/squid-4.13/lib/encrypt.c:240:1: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
crypt(const char *wort, const char *salt)
data/squid-4.13/lib/hash.cc:355:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(todelete, buf);
data/squid-4.13/lib/smblib/smblib-priv.h:538:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
UWORD access;
data/squid-4.13/lib/smblib/smblib-util.c:126:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(SMB_Attrib_Temp, (verbose?"Read Only ":"R"));
data/squid-4.13/lib/smblib/smblib-util.c:129:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(SMB_Attrib_Temp, (verbose?"Hidden ":"H"));
data/squid-4.13/lib/smblib/smblib-util.c:132:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(SMB_Attrib_Temp, (verbose?"System ":"S"));
data/squid-4.13/lib/smblib/smblib-util.c:135:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(SMB_Attrib_Temp, (verbose?"Volume ":"V"));
data/squid-4.13/lib/smblib/smblib-util.c:138:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(SMB_Attrib_Temp, (verbose?"Directory ":"D"));
data/squid-4.13/lib/smblib/smblib-util.c:141:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(SMB_Attrib_Temp, (verbose?"Archive ":"A"));
data/squid-4.13/lib/smblib/smblib-util.c:305:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p + 1, Prots[i]);
data/squid-4.13/lib/smblib/smblib-util.c:561:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p + 1, path);
data/squid-4.13/lib/smblib/smblib-util.c:564:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p + 1, password);
data/squid-4.13/lib/smblib/smblib-util.c:567:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p + 1, device);
data/squid-4.13/lib/smblib/smblib.c:134:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(con -> OSName, SMBLIB_DEFAULT_OSNAME);
data/squid-4.13/lib/smblib/smblib.c:135:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(con -> LMType, SMBLIB_DEFAULT_LMTYPE);
data/squid-4.13/lib/smblib/smblib.c:233:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(con -> PDomain, SMBLIB_DEFAULT_DOMAIN);
data/squid-4.13/lib/smblib/smblib.c:234:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(con -> OSName, SMBLIB_DEFAULT_OSNAME);
data/squid-4.13/lib/smblib/smblib.c:235:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(con -> LMType, SMBLIB_DEFAULT_LMTYPE);
data/squid-4.13/lib/smblib/smblib.c:416:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, UserName);
data/squid-4.13/lib/smblib/smblib.c:423:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, Con_Handle -> PDomain);
data/squid-4.13/lib/smblib/smblib.c:426:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, NtDomain);
data/squid-4.13/lib/smblib/smblib.c:432:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, Con_Handle -> OSName);
data/squid-4.13/lib/smblib/smblib.c:487:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, UserName);
data/squid-4.13/lib/smblib/smblib.c:493:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, Con_Handle -> PDomain);
data/squid-4.13/lib/smblib/smblib.c:498:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, Con_Handle -> OSName);
data/squid-4.13/lib/smblib/smblib.c:503:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, Con_Handle -> LMType);
data/squid-4.13/lib/snmplib/mib.c:300:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, subtree->label);
data/squid-4.13/lib/snmplib/parse.c:404:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tp->label, np->label);
data/squid-4.13/lib/snmplib/parse.c:589:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cp, token);
data/squid-4.13/lib/snmplib/parse.c:783:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(syntax, token);
data/squid-4.13/lib/snmplib/parse.c:786:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(syntax, nexttoken);
data/squid-4.13/lib/snmplib/parse.c:789:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(syntax, nexttoken);
data/squid-4.13/lib/snmplib/parse.c:794:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(syntax, token);
data/squid-4.13/lib/snmplib/parse.c:813:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ep->label, token);
data/squid-4.13/lib/snmplib/parse.c:858:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(syntax, token);
data/squid-4.13/lib/snmplib/snmplib_debug.c:28:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, BUFSIZ, fmt, args);
data/squid-4.13/lib/snmplib/snmplib_debug.c:31:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, args);
data/squid-4.13/lib/sspwin32.cc:107:9: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy (lpszDLL, _T(WINNT_SECURITY_DLL));
data/squid-4.13/lib/sspwin32.cc:109:9: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
lstrcpy (lpszDLL, _T(WIN2K_SECURITY_DLL));
data/squid-4.13/lib/util.c:91:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "%" PRId64, num);
data/squid-4.13/libltdl/libltdl/lt__private.h:117:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void * system; /* system specific data */
data/squid-4.13/libltdl/loaders/dlopen.c:229:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (attempt, "%s%s", filename, member);
data/squid-4.13/libltdl/loaders/loadlibrary.c:170:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wpath, filename);
data/squid-4.13/libltdl/ltdl.c:522:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (filename, "%.*s/%s", (int) dirname_len, dirname, dlname);
data/squid-4.13/libltdl/ltdl.c:718:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (filename, dir_name);
data/squid-4.13/libltdl/ltdl.c:724:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (filename +lendir, base_name);
data/squid-4.13/libltdl/ltdl.c:785:19: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
int notfound = access (filename, R_OK);
data/squid-4.13/libltdl/ltdl.c:922:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (name, "lib%s", p+2);
data/squid-4.13/libltdl/ltdl.c:1212:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(attempt, "%s%s", filename, ext);
data/squid-4.13/libltdl/ltdl.c:1307:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (archive_name, "%s%s.%s", libprefix, name + 3, libext);
data/squid-4.13/libltdl/ltdl.c:1311:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (archive_name, "%s.%s", name, libext);
data/squid-4.13/libltdl/ltdl.c:1820:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buf, dirnam);
data/squid-4.13/libltdl/ltdl.c:2063:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sym, handle->vtable->sym_prefix);
data/squid-4.13/libltdl/ltdl.c:2064:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sym, handle->info.name);
data/squid-4.13/libltdl/ltdl.c:2068:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sym, handle->info.name);
data/squid-4.13/libltdl/ltdl.c:2072:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sym, symbol);
data/squid-4.13/libltdl/ltdl.c:2090:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sym, handle->vtable->sym_prefix);
data/squid-4.13/libltdl/ltdl.c:2091:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sym, symbol);
data/squid-4.13/libltdl/ltdl.c:2095:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sym, symbol);
data/squid-4.13/src/CachePeer.cc:26:5: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access(NULL),
data/squid-4.13/src/CachePeer.cc:81:27: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
aclDestroyAccessList(&access);
data/squid-4.13/src/CachePeer.h:75:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
acl_access *access;
data/squid-4.13/src/ClientDelayConfig.cc:21:33: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
dump_acl_access(entry, nom, access);
data/squid-4.13/src/ClientDelayConfig.cc:31:23: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!pools[i].access) {
data/squid-4.13/src/ClientDelayConfig.cc:94:68: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
aclParseAccessLine("client_delay_access", parser, &pools[pool].access);
data/squid-4.13/src/ClientDelayConfig.cc:100:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
aclDestroyAccessList(&pools[i].access);
data/squid-4.13/src/ClientDelayConfig.h:26:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
: access(NULL), rate(0), highwatermark(0) {}
data/squid-4.13/src/ClientDelayConfig.h:28:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
acl_access *access;
data/squid-4.13/src/DelayConfig.cc:89:78: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
aclParseAccessLine("delay_access", parser, &DelayPools::delay_data[pool].access);
data/squid-4.13/src/DelayId.cc:82:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!DelayPools::delay_data[pool].access) {
data/squid-4.13/src/DelayId.cc:88:60: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ACLFilledChecklist ch(DelayPools::delay_data[pool].access, r, NULL);
data/squid-4.13/src/DelayPool.cc:20:39: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
DelayPool::DelayPool() : pool (NULL), access (NULL)
data/squid-4.13/src/DelayPool.cc:30:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access)
data/squid-4.13/src/DelayPool.cc:31:31: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
aclDestroyAccessList(&access);
data/squid-4.13/src/DelayPool.cc:53:33: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
dump_acl_access(entry, nom, access);
data/squid-4.13/src/DelayPool.h:38:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
acl_access *access;
data/squid-4.13/src/MemBuf.cc:278:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
sz = vsnprintf(buf + size, free_space, fmt, ap);
data/squid-4.13/src/WinSvc.cc:657:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(REGKEY, service);
data/squid-4.13/src/WinSvc.cc:710:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(REGKEY, service);
data/squid-4.13/src/WinSvc.cc:731:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(REGKEY, service);
data/squid-4.13/src/WinSvc.cc:740:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(szPath, sizeof(szPath), "%s %s:" SQUIDSBUFPH, ServicePath, _WIN_SQUID_SERVICE_OPTION, SQUIDSBUFPRINT(service_name));
data/squid-4.13/src/WinSvc.cc:903:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stderr_path, argv[0]);
data/squid-4.13/src/WinSvc.cc:917:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(REGKEY, service);
data/squid-4.13/src/acl/Ip.cc:322:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(t, SCAN_ACL1_4, addr1, addr2, mask) == 3) {
data/squid-4.13/src/acl/Ip.cc:325:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(t, SCAN_ACL2_4, addr1, addr2, &c) >= 2) {
data/squid-4.13/src/acl/Ip.cc:329:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(t, SCAN_ACL3_4, addr1, mask) == 2) {
data/squid-4.13/src/acl/Ip.cc:333:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(t, SCAN_ACL4_4, addr1,&c) == 2) {
data/squid-4.13/src/acl/Ip.cc:340:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(t, SCAN_ACL1_6, addr1, addr2, mask) == 3) {
data/squid-4.13/src/acl/Ip.cc:343:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(t, SCAN_ACL2_6, addr1, addr2, &c) >= 2) {
data/squid-4.13/src/acl/Ip.cc:347:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(t, SCAN_ACL3_6, addr1, mask) == 2) {
data/squid-4.13/src/acl/Ip.cc:351:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
} else if (sscanf(t, SCAN_ACL4_6, addr1, mask) == 2) {
data/squid-4.13/src/acl/Ip.cc:357:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
} else if (sscanf(t, "%[^/]/%s", addr1, mask) == 2) {
data/squid-4.13/src/acl/Ip.cc:360:16: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
} else if (sscanf(t, "%s", addr1) == 1) {
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:274:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(wc, bstr);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:291:5: [4] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
wcscat(wc, Base_DN);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:365:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(User_Groups[User_Groups_Count - 1], Group);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:499:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Group, userdomain);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:57:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:57:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:300:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": FATAL: Unknown search scope '%s'\n", value);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:310:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": FATAL: -E unsupported with this LDAP library\n");
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:330:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": FATAL: Unknown alias dereference method '%s'\n", value);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:389:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": FATAL: Unknown command line option '%c'\n", option);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:458:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": FATAL: TLS (-Z) not supported on this platform.\n");
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:583:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": WARNING: %s to binddn '%s'\n", broken, ldap_err2string(rc));
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:807:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: Can not read secret file %s\n", filename);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:811:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: Secret file %s is empty\n", filename);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:823:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: can not allocate memory\n");
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:236:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
x = vsnprintf(dbuf, sz, msg, ap);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:844:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst, hexc);
data/squid-4.13/src/acl/external/file_userip/ext_file_userip_acl.cc:127:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(current_entry->username, username);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support.h:124:26: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,X); \
data/squid-4.13/src/acl/external/kerberos_ldap_group/support.h:129:22: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,X); \
data/squid-4.13/src/acl/external/kerberos_ldap_group/support.h:133:22: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,X); \
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:297:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
ul = strcat(ul, upd);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:349:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, up);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:351:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, hp1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:353:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, hp2);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:356:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, hp1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:358:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, hp2);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:363:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, up);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:365:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, hp1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:373:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, up);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:375:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, hp2);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:386:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(search_exp, se_len, filter, ldap_filter_esc);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:558:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(ssl_cacertfile, R_OK) == 0) {
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:580:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(ssl_cacertdir, R_OK) == 0) {
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1226:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(search_exp, se_len, filter, ldap_filter_esc);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1361:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(search_exp, se_len, filter, ldap_filter_esc);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1471:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(search_exp, se_len, filter, ldap_filter_esc);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_log.cc:70:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_log.cc:79:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_log.cc:88:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:276:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(service, domain);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:295:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(service, domain);
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:105:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (logfile, format, args);
data/squid-4.13/src/adaptation/Config.cc:303:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(nom, 64, "%s " SQUIDSTRINGPH, name, SQUIDSTRINGPRINT((*i)->groupId));
data/squid-4.13/src/anyp/Uri.cc:636:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), SQUIDSBUFPH, SQUIDSBUFPRINT(url));
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:107:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:107:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:426:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: Unknown search scope '%s'\n", value);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:436:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: -E unsupported with this LDAP library\n");
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:456:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: Unknown alias dereference method '%s'\n", value);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:509:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: Unknown command line option '%c'\n", option);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:573:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: TLS (-Z) not supported on this platform.\n");
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:692:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": WARNING, could not bind to binddn '%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:697:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(filter, sizeof(filter), searchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:707:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": WARNING, LDAP search error '%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:711:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": WARNING, SSL error %d (%s)\n", sslerr, ldapssl_err2string(sslerr));
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:726:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR, could not get user DN for '%s'\n", userid);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:780:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Can not read secret file %s\n", filename);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:784:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Secret file %s is empty\n", filename);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:796:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:799:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(passwd, buf);
data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc:129:28: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
(crypted = crypt(passwd, salted)) && stored_pass == crypted) {
data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc:134:47: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (passwordLength <= 8 && (crypted = crypt(passwd, salted)) && stored_pass == crypted) {
data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc:138:46: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (passwordLength > 8 && (crypted = crypt(passwd, salted)) && stored_pass == crypted) {
data/squid-4.13/src/auth/basic/NIS/basic_nis_auth.cc:81:24: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if ((crypted = crypt(passwd, nispasswd)) && strcmp(nispasswd, crypted) == 0) {
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:236:19: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
srv = sscanf(line, "server %s", server);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:238:19: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
crt = sscanf(line, "secret %s", secretkey);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:240:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(line, "identifier %s", identifier);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:242:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(line, "service %s", svc_name);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:244:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(line, "port %s", svc_name);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:349:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) md5buf, secretkey);
data/squid-4.13/src/auth/basic/SMB/basic_smb_auth.cc:218:18: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((p = popen(shcmd, "w")) == NULL) {
data/squid-4.13/src/auth/basic/SMB_LM/msntauth.cc:142:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
n = sscanf(wstr, "%s %[^\n]", username, password);
data/squid-4.13/src/auth/basic/SSPI/basic_sspi_auth.cc:158:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(wstr, "%s %s", username, password); /* Extract parameters */
data/squid-4.13/src/auth/basic/SSPI/valid.cc:145:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(User, NTDomain);
data/squid-4.13/src/auth/basic/SSPI/valid.cc:146:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(NTDomain, Default_NTDomain);
data/squid-4.13/src/auth/basic/SSPI/valid.cc:148:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(User, domain_qualify + 1);
data/squid-4.13/src/auth/basic/SSPI/valid.cc:159:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DomainUser, User);
data/squid-4.13/src/auth/basic/SSPI/valid.cc:161:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DomainUser, NTDomain);
data/squid-4.13/src/auth/basic/SSPI/valid.cc:163:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(DomainUser, User);
data/squid-4.13/src/auth/basic/SSPI/valid.h:88:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,X); }
data/squid-4.13/src/auth/basic/SSPI/valid.h:98:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/src/auth/basic/getpwnam/basic_getpwnam_auth.cc:62:25: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypted = crypt(passwd, pwd->pw_passwd);
data/squid-4.13/src/auth/basic/getpwnam/basic_getpwnam_auth.cc:80:25: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
char *crypted = crypt(passwd, pwd->sp_pwdp);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:22:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:22:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:215:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(filter, sizeof(filter), usersearchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:228:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " WARNING, LDAP search error '%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:232:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": WARNING, SSL error %d (%s)\n", sslerr, ldapssl_err2string(sslerr));
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:235:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " WARNING, LDAP search error, trying to recover'%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:290:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " WARNING, LDAP error '%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:320:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: TLS (-Z) not supported on this platform.\n");
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:390:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " WARNING, could not bind to binddn '%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:475:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Unknown search scope '%s'\n", value);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:485:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: -E unsupported with this LDAP library\n");
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:505:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Unknown alias dereference method '%s'\n", value);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:558:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Unknown command line option '%c'\n", option);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:626:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Can not read secret file %s\n", filename);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:630:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Secret file %s is empty\n", filename);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:642:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:38:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:38:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:20:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:20:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:217:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(filter, sizeof(filter), usersearchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:230:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " WARNING, LDAP search error '%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:234:25: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": WARNING, SSL error %d (%s)\n", sslerr, ldapssl_err2string(sslerr));
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:237:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " WARNING, LDAP search error, trying to recover'%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:316:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " WARNING, LDAP error '%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:346:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME ": ERROR: TLS (-Z) not supported on this platform.\n");
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:414:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " WARNING, could not bind to binddn '%s'\n", ldap_err2string(rc));
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:498:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Unknown search scope '%s'\n", value);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:508:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: -E unsupported with this LDAP library\n");
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:528:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Unknown alias dereference method '%s'\n", value);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:584:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Unknown command line option '%c'\n", option);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:652:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Can not read secret file %s\n", filename);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:656:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: Secret file %s is empty\n", filename);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:668:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:68:53: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:70:62: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:71:62: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND3(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:74:59: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND2(X,Y) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:75:63: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND3(X,Y,Z) debug("sending '" X "' to squid\n",Y,Z); printf(X "\n",Y,Z);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:418:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(ktp, R_OK)) {
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:450:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(rcache_dir, W_OK)) {
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:516:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rcache_type_env, rcache_type);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:525:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rcache_dir_env, rcache_dir);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:534:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(keytab_name_env, keytab_name);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:567:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(memory_keytab_name_env, memory_keytab_name);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:124:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(src,dst);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:136:20: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
return strcat(src,dst);
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:238:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff,tbuff);
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:374:9: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(kargs[0], kargs);
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:410:9: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(nargs[0], nargs);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:57:53: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:59:62: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:60:62: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND3(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:63:15: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND2 printf
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:64:15: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND3 printf
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:410:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d, argv[j]);
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:55:54: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND(X) {debug("sending '%s' to squid\n",X); printf(X "\n");}
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:57:63: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND2(X,Y...) {debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);}
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:58:63: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND3(X,Y...) {debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);}
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:59:63: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND4(X,Y...) {debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);}
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:62:60: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND2(X,Y) {debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);}
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:63:64: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND3(X,Y,Z) {debug("sending '" X "' to squid\n",Y,Z); printf(X "\n",Y,Z);}
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:64:68: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define SEND4(X,Y,Z,W) {debug("sending '" X "' to squid\n",Y,Z,W); printf(X "\n",Y,Z,W);}
data/squid-4.13/src/cache_cf.cc:241:56: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void parse_on_unsupported_protocol(acl_access **access);
data/squid-4.13/src/cache_cf.cc:242:91: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void dump_on_unsupported_protocol(StoreEntry *entry, const char *name, acl_access *access);
data/squid-4.13/src/cache_cf.cc:243:55: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
static void free_on_unsupported_protocol(acl_access **access);
data/squid-4.13/src/cache_cf.cc:431:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fp = popen(file_name + 1, "r");
data/squid-4.13/src/cache_cf.cc:507:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp_line + tmp_line_len, append);
data/squid-4.13/src/cache_cf.cc:1852:33: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ParseAclWithAction(acl_access **access, const allow_t &action, const char *desc, ACL *acl = nullptr)
data/squid-4.13/src/cache_cf.cc:1854:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
assert(access);
data/squid-4.13/src/cache_cf.cc:1856:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (!*access) {
data/squid-4.13/src/cache_cf.cc:1859:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(*access)->context(name.c_str(), config_input_line);
data/squid-4.13/src/cache_cf.cc:1865:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(*access)->add(rule, action);
data/squid-4.13/src/cache_cf.cc:1991:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (p->access) {
data/squid-4.13/src/cache_cf.cc:1993:46: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
dump_acl_access(entry, xname, p->access);
data/squid-4.13/src/cache_cf.cc:2431:61: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
aclParseAccessLine(directive.c_str(), LegacyParser, &p->access);
data/squid-4.13/src/cache_cf.cc:4914:44: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
parse_on_unsupported_protocol(acl_access **access)
data/squid-4.13/src/cache_cf.cc:4934:24: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ParseAclWithAction(access, action, "on_unsupported_protocol");
data/squid-4.13/src/cache_cf.cc:4938:79: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
dump_on_unsupported_protocol(StoreEntry *entry, const char *name, acl_access *access)
data/squid-4.13/src/cache_cf.cc:4945:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access) {
data/squid-4.13/src/cache_cf.cc:4954:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
free_on_unsupported_protocol(acl_access **access)
data/squid-4.13/src/cache_cf.cc:4956:21: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
free_acl_access(access);
data/squid-4.13/src/cache_manager.cc:173:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
t = sscanf(url, "cache_object://%[^/]/%[^@?]%n@%[^?]?%s", host, request, &pos, password, params);
data/squid-4.13/src/cache_manager.cc:175:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
t = sscanf(url, "cache_object://%[^/]/%[^?]%n?%s", host, request, &pos, params);
data/squid-4.13/src/cache_manager.cc:178:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
t = sscanf(url, "http://%[^/]/squid-internal-mgr/%[^?]%n?%s", host, request, &pos, params);
data/squid-4.13/src/cache_manager.cc:181:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
t = sscanf(url, "https://%[^/]/squid-internal-mgr/%[^?]%n?%s", host, request, &pos, params);
data/squid-4.13/src/client_side.cc:1163:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(uri, url_sz, SQUIDSBUFPH "://" SQUIDSBUFPH SQUIDSBUFPH, SQUIDSBUFPRINT(scheme), SQUIDSBUFPRINT(host), SQUIDSBUFPRINT(url));
data/squid-4.13/src/client_side.cc:1176:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(uri, url_sz, SQUIDSBUFPH "://%s%s" SQUIDSBUFPH,
data/squid-4.13/src/client_side.cc:1187:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(uri, url_sz, SQUIDSBUFPH "://%s:%d" SQUIDSBUFPH,
data/squid-4.13/src/client_side.cc:1205:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(uri, url_sz, SQUIDSBUFPH "://%s" SQUIDSBUFPH,
data/squid-4.13/src/client_side.cc:1235:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(uri, url_sz, SQUIDSBUFPH "://" SQUIDSBUFPH ":%d" SQUIDSBUFPH,
data/squid-4.13/src/client_side.cc:1262:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(uri, url_sz, SQUIDSBUFPH "://%s:%d" SQUIDSBUFPH,
data/squid-4.13/src/client_side.cc:2470:29: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (pools[pool].access) {
data/squid-4.13/src/client_side.cc:2471:42: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ch.changeAcl(pools[pool].access);
data/squid-4.13/src/client_side_reply.cc:1434:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(age, sizeof(age), "%" PRId64, static_cast<int64_t>(squid_curtime - http->storeEntry()->timestamp));
data/squid-4.13/src/client_side_request.cc:347:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(http->uri, url); // XXX: polluting http->uri before parser validation
data/squid-4.13/src/clients/FtpGateway.cc:2665:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, 4096, fmt, args);
data/squid-4.13/src/debug.cc:193:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(debug_log, format, args);
data/squid-4.13/src/debug.cc:206:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/src/debug.cc:226:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(tmpbuf, BUFSIZ, format, args);
data/squid-4.13/src/dns_internal.cc:624:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newkeyname, REG_TCPIP_PARA_INTERFACES);
data/squid-4.13/src/dns_internal.cc:626:25: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newkeyname, keyname);
data/squid-4.13/src/dns_internal.cc:1260:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->name, q->orig);
data/squid-4.13/src/dns_internal.cc:1266:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(q->name, searchpath[q->domain].domain);
data/squid-4.13/src/dns_internal.cc:1767:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->orig, name);
data/squid-4.13/src/dns_internal.cc:1768:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->name, q->orig);
data/squid-4.13/src/dns_internal.cc:1773:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(q->name, searchpath[q->domain].domain);
data/squid-4.13/src/fatal.cc:62:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(fatal_str, sizeof(fatal_str), fmt, args);
data/squid-4.13/src/ipc.cc:416:5: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(prog, (char *const *) args);
data/squid-4.13/src/ipc_win32.cc:388:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1, params->prog);
data/squid-4.13/src/ipc_win32.cc:560:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf1 + 4096, params->prog);
data/squid-4.13/src/ipc_win32.cc:564:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf1, str);
data/squid-4.13/src/ipc_win32.cc:571:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf1, args[x]);
data/squid-4.13/src/log/File.cc:120:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
s = vsnprintf(buf, 8192, fmt, args);
data/squid-4.13/src/main.cc:1772:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(script, squid_start_script, (char *)NULL);
data/squid-4.13/src/main.cc:2010:23: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
(void)execvp(masterCommand.arg0(), kidCommand.argv());
data/squid-4.13/src/mime.cc:374:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if (snprintf(path, sizeof(path)-1, "%s/" SQUIDSBUFPH, Config.icons.directory, SQUIDSBUFPRINT(icon_)) < 0) {
data/squid-4.13/src/neighbors.cc:167:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ACLFilledChecklist checklist(p->access, request, NULL);
data/squid-4.13/src/sbuf/SBuf.cc:262:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
sz = vsnprintf(space, spaceSize(), fmt, ap);
data/squid-4.13/src/sbuf/SBuf.cc:275:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
sz = vsnprintf(space, spaceSize(), fmt, vargs);
data/squid-4.13/src/send-announce.cc:62:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sndbuf, tbuf);
data/squid-4.13/src/send-announce.cc:68:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sndbuf, tbuf);
data/squid-4.13/src/send-announce.cc:72:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sndbuf, tbuf);
data/squid-4.13/src/send-announce.cc:78:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(sndbuf, tbuf);
data/squid-4.13/src/ssl/support.cc:70:10: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
in = popen(cmdline, "r");
data/squid-4.13/src/store.cc:878:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if ((x = vsnprintf(buf, sizeof(buf), fmt, ap)) < 0) {
data/squid-4.13/src/store.cc:891:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int y = vsnprintf(buf2, x+1, fmt, vargs);
data/squid-4.13/src/tests/stub_debug.cc:94:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/src/tests/testRock.cc:57:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (0 > system ("rm -rf " TESTDIR))
data/squid-4.13/src/tests/testRock.cc:114:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (0 > system ("rm -rf " TESTDIR))
data/squid-4.13/src/tests/testSBuf.cc:422:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rb,fox2);
data/squid-4.13/src/tests/testUfs.cc:92:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (0 > system ("rm -rf " TESTDIR))
data/squid-4.13/src/tests/testUfs.cc:213:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (0 > system ("rm -rf " TESTDIR))
data/squid-4.13/src/tests/testUfs.cc:224:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (0 > system ("rm -rf " TESTDIR))
data/squid-4.13/src/tests/testUfs.cc:253:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (0 > system ("rm -rf " TESTDIR))
data/squid-4.13/src/tools.cc:100:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(msg, 1024, DEAD_MSG, version_string, version_string);
data/squid-4.13/src/tools.cc:148:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(command)) {} /* XXX should avoid system(3) */
data/squid-4.13/src/urn.cc:140:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(local_urlres, 4096, "http://%s/uri-res/N2L?" SQUIDSBUFPH, host, SQUIDSBUFPRINT(query));
data/squid-4.13/src/whois.cc:72:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, l, SQUIDSBUFPH "\r\n", SQUIDSBUFPRINT(str_print));
data/squid-4.13/test-suite/membanger.c:153:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mi->orig_ptr, p);
data/squid-4.13/test-suite/membanger.c:174:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mi->orig_ptr, p);
data/squid-4.13/test-suite/membanger.c:186:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(abuf, p);
data/squid-4.13/test-suite/membanger.c:200:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mi->orig_ptr, abuf);
data/squid-4.13/test-suite/stub_debug.cc:94:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/test-suite/tcp-banger2.c:318:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(urlbuf, urlin);
data/squid-4.13/test-suite/tcp-banger2.c:339:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r->method, method);
data/squid-4.13/test-suite/tcp-banger2.c:340:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(r->requestbodyfile, file);
data/squid-4.13/test-suite/tcp-banger2.c:361:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg, buf);
data/squid-4.13/test-suite/tcp-banger2.c:368:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg, buf);
data/squid-4.13/test-suite/tcp-banger2.c:378:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg, buf);
data/squid-4.13/test-suite/tcp-banger2.c:399:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg, buf);
data/squid-4.13/test-suite/tcp-banger2.c:404:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(msg, custom_header);
data/squid-4.13/test-suite/tcp-banger2.c:528:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(custom_header, optarg);
data/squid-4.13/tools/MemBuf.cc:278:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
sz = vsnprintf(buf + size, free_space, fmt, ap);
data/squid-4.13/tools/purge/copyout.cc:138:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( filename, copydir );
data/squid-4.13/tools/purge/copyout.cc:141:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( filename, ptr+3 );
data/squid-4.13/tools/purge/copyout.cc:147:48: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
if ( filename[strlen(filename)-1] == '/' ) strcat( filename, index );
data/squid-4.13/tools/purge/purge.cc:226:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( result, start );
data/squid-4.13/tools/purge/purge.cc:228:50: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
while ( (s=va_arg(ap,const char*)) != NULL ) strcat( result, s );
data/squid-4.13/tools/purge/purge.cc:342:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf( buffer, bufsize, schablone, url );
data/squid-4.13/tools/squidclient/squidclient.cc:202:20: [4] (misc) getpass:
This function is obsolete and not portable. It was in SUSv2 but removed by
POSIX.2. What it does exactly varies considerably between systems,
particularly in where its prompt is displayed and where it gets its data
(e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations
overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do
exactly what you want. If you continue to use it, or write your own, be
sure to zero the password as soon as possible to avoid leaving the
cleartext password visible in the process' address space.
password = getpass((destination + " password: ").c_str());
data/squid-4.13/tools/squidclient/stub_debug.cc:94:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/tools/stub_debug.cc:94:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/squid-4.13/compat/mswindows.cc:53:1: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
chroot(const char *dirname)
data/squid-4.13/compat/os/mswindows.h:111:9: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
#define tempnam _tempnam
data/squid-4.13/compat/os/mswindows.h:898:18: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
SQUIDCEXTERN int chroot(const char *dirname);
data/squid-4.13/compat/tempnam.c:119:1: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
tempnam(const char *dir, const char *pfx)
data/squid-4.13/compat/tempnam.c:130:17: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
while ((t = tempnam(NULL, NULL))) {
data/squid-4.13/compat/tempnam.h:31:14: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
extern char *tempnam(const char *, const char *);
data/squid-4.13/include/snmp_api_util.h:88:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define random rand
data/squid-4.13/include/snmp_api_util.h:89:9: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom srand
data/squid-4.13/include/snmp_api_util.h:89:17: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom srand
data/squid-4.13/lib/getopt.c:62:1: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
getopt(nargc, nargv, ostr)
data/squid-4.13/lib/sspwin32.cc:111:15: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibrary(lpszDLL);
data/squid-4.13/libltdl/loaders/loadlibrary.c:199:14: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
module = LoadLibrary (wpath);
data/squid-4.13/libltdl/ltdl.c:1361:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
search_path = getenv (LTDL_SEARCHPATH_VAR);
data/squid-4.13/libltdl/ltdl.c:1369:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
search_path = getenv (LT_MODULE_PATH_VAR);
data/squid-4.13/libltdl/ltdl.c:1469:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
&& !find_handle (getenv (LTDL_SEARCHPATH_VAR), base_name,
data/squid-4.13/libltdl/ltdl.c:1472:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
&& !find_handle (getenv (LT_MODULE_PATH_VAR), base_name,
data/squid-4.13/libltdl/ltdl.c:1925:33: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
is_done = foreach_dirinpath (getenv(LTDL_SEARCHPATH_VAR), 0,
data/squid-4.13/libltdl/ltdl.c:1932:33: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
is_done = foreach_dirinpath (getenv(LT_MODULE_PATH_VAR), 0,
data/squid-4.13/src/CommandLine.cc:103:13: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
optId = getopt_long(argc(), argv(), shortOptions_, longOptions(), nullptr);
data/squid-4.13/src/WinSvc.cc:425:26: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
IPHLPAPIHandle = LoadLibrary("IPHLPAPI");
data/squid-4.13/src/acl/Random.cc:74:5: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/squid-4.13/src/acl/Random.cc:115:93: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
debugs(28, 3, "ACL Random: " << name << " " << pattern << " test: " << data << " > " << random << " = " << ((data > random)?"MATCH":"NO MATCH") );
data/squid-4.13/src/acl/Random.cc:115:121: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
debugs(28, 3, "ACL Random: " << name << " " << pattern << " test: " << data << " > " << random << " = " << ((data > random)?"MATCH":"NO MATCH") );
data/squid-4.13/src/acl/Random.cc:116:20: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return (data > random)?1:0;
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:739:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "D:Gcdh"))) {
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:475:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "D:GPcdh"))) {
data/squid-4.13/src/acl/external/file_userip/ext_file_userip_acl.cc:230:18: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "df:h")) != -1) {
data/squid-4.13/src/acl/external/kerberos_ldap_group/kerberos_ldap_group.cc:207:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "diasng:D:N:P:S:u:U:t:T:p:l:b:m:h"))) {
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:554:34: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ssl_cacertfile = xstrdup(getenv("TLS_CACERTFILE"));
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:576:37: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ssl_cacertdir = xstrdup(getenv("TLS_CACERTDIR"));
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:622:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ssl_certdbpath = getenv("SSL_CERTDBPATH");
data/squid-4.13/src/acl/external/session/ext_session_acl.cc:168:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "t:T:b:a?")) != -1) {
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:416:19: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "dp:l:b:h")) != -1) {
data/squid-4.13/src/acl/external/unix_group/check_group.cc:159:18: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((ch = getopt(argc, argv, "dsrpg:")) != -1) {
data/squid-4.13/src/auth/basic/PAM/basic_pam_auth.cc:178:18: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int ch = getopt(argc, argv, "1n:t:or");
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:482:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "h:p:f:w:i:t:")) != -1) {
data/squid-4.13/src/auth/basic/SSPI/basic_sspi_auth.cc:80:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "dhA:D:O:"))) {
data/squid-4.13/src/auth/basic/fake/fake.cc:73:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "hd"))) {
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:104:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "hdv"))) {
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:376:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "dirs:k:c:t:"))) {
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:537:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
keytab_name_env = getenv("KRB5_KTNAME");
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:383:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "bfld"))) {
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:381:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "hdvA:D:"))) {
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:97:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "hdvS"))) {
data/squid-4.13/src/debug.cc:147:17: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(dbg_mutex);
data/squid-4.13/src/debug.cc:151:5: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(dbg_mutex);
data/squid-4.13/src/http/url_rewriters/fake/fake.cc:73:25: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (opt = getopt(argc, argv, "hd"))) {
data/squid-4.13/src/icmp/pinger.cc:124:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((t = getenv("SQUID_DEBUG")))
data/squid-4.13/src/log/ModStdio.cc:111:12: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
assert(realpath);
data/squid-4.13/src/log/ModStdio.cc:115:14: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (stat(realpath, &sb) == 0)
data/squid-4.13/src/log/ModStdio.cc:123:19: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
SBuf basePath(realpath);
data/squid-4.13/src/log/ModStdio.cc:148:24: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
ll->fd = file_open(realpath, O_WRONLY | O_CREAT | O_TEXT);
data/squid-4.13/src/main.cc:1107:13: [3] (misc) chroot:
chroot can be very helpful, but is hard to use correctly (CWE-250, CWE-22).
Make sure the program immediately chdir("/"), closes file descriptors, and
drops root privileges, and that all necessary files (and no more!) are in
the new root.
if (chroot(Config.chroot_dir) != 0) {
data/squid-4.13/src/mem/Pool.cc:87:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *cfg = getenv("MEMPOOLS");
data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc:258:21: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "dchvs:M:b:")) != -1) {
data/squid-4.13/src/tools.cc:130:21: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
if ((filename = tempnam(NULL, APP_SHORTNAME)) == NULL ||
data/squid-4.13/test-suite/membanger.c:97:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "f:i:M:l:m:r:N")) != -1) {
data/squid-4.13/test-suite/membanger.c:131:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
argv[0], getenv("USER"), argv[0]);
data/squid-4.13/test-suite/tcp-banger2.c:365:21: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (opt_ims && (lrand48() & 0x03) == 0) {
data/squid-4.13/test-suite/tcp-banger2.c:366:27: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
w = time(NULL) - (lrand48() & 0x3FFFF);
data/squid-4.13/test-suite/tcp-banger2.c:380:23: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (opt_range && (lrand48() & 0x03) == 0) {
data/squid-4.13/test-suite/tcp-banger2.c:384:30: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
while (((len = (int) lrand48()) & 0x03) == 0 || !count) {
data/squid-4.13/test-suite/tcp-banger2.c:385:38: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
const int offset = (int) lrand48();
data/squid-4.13/test-suite/tcp-banger2.c:388:21: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
switch (lrand48() & 0x03) {
data/squid-4.13/test-suite/tcp-banger2.c:492:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "ap:h:H:n:icrl:L:t:")) != -1) {
data/squid-4.13/tools/cachemgr.cc:592:21: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
char *tmpfile = tempnam(NULL, "tmp0000");
data/squid-4.13/tools/cachemgr.cc:909:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((s = getenv("SCRIPT_NAME")) != NULL)
data/squid-4.13/tools/cachemgr.cc:947:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((s = getenv("REQUEST_METHOD")) == NULL)
data/squid-4.13/tools/cachemgr.cc:953:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((s = getenv("CONTENT_LENGTH")) == NULL)
data/squid-4.13/tools/cachemgr.cc:993:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((s = getenv("QUERY_STRING")) == NULL)
data/squid-4.13/tools/purge/purge.cc:645:23: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ( (option = getopt( argc, argv, "ac:C:d:E:e:F:f:Hnp:P:sv" )) != -1 ) {
data/squid-4.13/tools/squidclient/Ping.cc:185:17: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, shortOpStr, pingOptions, &optIndex)) != -1) {
data/squid-4.13/tools/squidclient/Transport.cc:127:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
} while ((c = getopt_long(argc, argv, shortOpStr, longOptions, &optIndex)) != -1);
data/squid-4.13/tools/squidclient/squidclient.cc:282:21: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt_long(argc, argv, shortOpStr, basicOptions, &optIndex)) != -1) {
data/squid-4.13/compat/GnuRegex.c:72:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char re_syntax_table[CHAR_SET_SIZE];
data/squid-4.13/compat/GnuRegex.c:210:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (destination, source, osize), \
data/squid-4.13/compat/GnuRegex.c:1296:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[CHAR_CLASS_MAX_LENGTH + 1];
data/squid-4.13/compat/GnuRegex.c:1992:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
range_start = ((unsigned char *) p)[-2];
data/squid-4.13/compat/GnuRegex.c:1993:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
range_end = ((unsigned char *) p)[0];
data/squid-4.13/compat/cmsg.h:39:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmsg_data[16]; /* dummy */
data/squid-4.13/compat/cmsg.h:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sun_path[256]; /* pathname */
data/squid-4.13/compat/compat_shared.h:238:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(d,s,n) bcopy((s),(d),(n))
data/squid-4.13/compat/compat_shared.h:238:23: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(d,s,n) bcopy((s),(d),(n))
data/squid-4.13/compat/compat_shared.h:240:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(d,s,n) memmove((d),(s),(n))
data/squid-4.13/compat/compat_shared.h:245:24: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memmove(d,s,n) bcopy((s),(d),(n))
data/squid-4.13/compat/getaddrinfo.cc:89:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ret, info, sizeof (struct addrinfo));
data/squid-4.13/compat/getaddrinfo.cc:95:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ret->ai_addr, addr, addrlen);
data/squid-4.13/compat/getaddrinfo.cc:247:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&((struct sockaddr_in *) &sa)->sin_addr,
data/squid-4.13/compat/getaddrinfo.cc:256:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&((struct sockaddr_in6 *) &sa)->sin6_addr,
data/squid-4.13/compat/getnameinfo.cc:163:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numserv[512];
data/squid-4.13/compat/getnameinfo.cc:346:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numaddr[512];
data/squid-4.13/compat/getnameinfo.cc:357:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zonebuf[SQUIDHOSTNAMELEN];
data/squid-4.13/compat/getnameinfo.cc:369:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(host + numaddrlen + 1, zonebuf,
data/squid-4.13/compat/inet_ntop.cc:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[sizeof("255.255.255.255")+1];
data/squid-4.13/compat/inet_ntop.cc:166:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"], *tp;
data/squid-4.13/compat/inet_pton.cc:169:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, tmp, NS_INADDRSZ);
data/squid-4.13/compat/inet_pton.cc:268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, tmp, NS_IN6ADDRSZ);
data/squid-4.13/compat/mswindows.cc:64:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ProcessName, "unknown");
data/squid-4.13/compat/mswindows.cc:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char MyProcessName[MAX_PATH];
data/squid-4.13/compat/mswindows.cc:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ProcessNameToCheck[MAX_PATH];
data/squid-4.13/compat/mswindows.cc:165:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(pathname, O_RDWR);
data/squid-4.13/compat/os/mswindows.h:441:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_so_type[sizeof(int)];
data/squid-4.13/compat/os/mswindows.h:469:1: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(const char *filename, int oflag, int pmode = 0)
data/squid-4.13/compat/os/mswindows.h:478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_so_type[sizeof(int)];
data/squid-4.13/compat/os/mswindows.h:491:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l_so_type[sizeof(int)];
data/squid-4.13/compat/os/mswindows.h:862:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define open _open /* Needed in win32lib.c */
data/squid-4.13/compat/statvfs.cc:25:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drive[4];
data/squid-4.13/compat/stdio.h:37:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#if defined(fopen)
data/squid-4.13/compat/stdio.h:38:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#undef fopen
data/squid-4.13/compat/stdio.h:39:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inline FILE * fopen(const char *f, const char *m) { return fopen64(f,m); }
data/squid-4.13/compat/stdio.h:49:13: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
#if defined(tmpfile)
data/squid-4.13/compat/stdio.h:50:8: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
#undef tmpfile
data/squid-4.13/compat/stdio.h:51:15: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
inline FILE * tmpfile(void) { return tmpfile64(); }
data/squid-4.13/compat/tempnam.c:69:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[L_tmpnam + 1];
data/squid-4.13/compat/xalloc.cc:67:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&malloc_histo, &malloc_sizes, sizeof(malloc_sizes));
data/squid-4.13/compat/xalloc.cc:88:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg[128];
data/squid-4.13/compat/xalloc.cc:119:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg[128];
data/squid-4.13/compat/xalloc.cc:150:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg[128];
data/squid-4.13/compat/xstrerror.cc:85:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char xstrerror_buf[BUFSIZ];
data/squid-4.13/compat/xstring.cc:31:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, s, sz);
data/squid-4.13/include/parse.h:54:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[64]; /* This node's textual name */
data/squid-4.13/include/rfc2617.h:31:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char HASH[HASHLEN];
data/squid-4.13/include/rfc2617.h:33:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char HASHHEX[HASHHEXLEN + 1];
data/squid-4.13/lib/base64.c:56:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const signed char base64_decode_table[0x100] =
data/squid-4.13/lib/base64.c:211:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char base64_encode_table[64] =
data/squid-4.13/lib/encrypt.c:39:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char schluessel[16][KS];
data/squid-4.13/lib/encrypt.c:92:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char E[KS];
data/squid-4.13/lib/encrypt.c:167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[KS];
data/squid-4.13/lib/encrypt.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*schl)[KS] = decr ? schluessel + 15 : schluessel;
data/squid-4.13/lib/encrypt.c:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[BS];
data/squid-4.13/lib/encrypt.c:215:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[IS];
data/squid-4.13/lib/encrypt.c:221:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(E, E0, KS);
data/squid-4.13/lib/encrypt.c:242:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char retkey[14];
data/squid-4.13/lib/encrypt.c:243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[BS + 2];
data/squid-4.13/lib/getfullhostname.c:38:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[RFC2181_MAXHOSTNAMELEN + 1];
data/squid-4.13/lib/heap.c:527:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nodes, heap->nodes, max * sizeof(heap_node *));
data/squid-4.13/lib/heap.c:557:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(heap->nodes, nodes, max * sizeof(heap_node *));
data/squid-4.13/lib/html_quote.c:87:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dec_encoded[7];
data/squid-4.13/lib/md5.c:102:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *) ctx->in + 64 - t, buf, len);
data/squid-4.13/lib/md5.c:106:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((uint8_t *) ctx->in + 64 - t, buf, t);
data/squid-4.13/lib/md5.c:114:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->in, buf, 64);
data/squid-4.13/lib/md5.c:122:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->in, buf, len);
data/squid-4.13/lib/md5.c:130:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
SquidMD5Final(unsigned char digest[16], struct SquidMD5Context *ctx)
data/squid-4.13/lib/md5.c:157:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, ctx->buf, 16);
data/squid-4.13/lib/ntlmauth/ntlmauth.cc:99:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[NTLM_MAX_FIELD_LENGTH];
data/squid-4.13/lib/ntlmauth/ntlmauth.cc:162:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(payload + l, toadd, toadd_length);
data/squid-4.13/lib/ntlmauth/ntlmauth.cc:206:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ch->hdr.signature, "NTLMSSP", 8); /* set the signature */
data/squid-4.13/lib/ntlmauth/ntlmauth.cc:217:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ch->challenge, challenge_nonce, challenge_nonce_len);
data/squid-4.13/lib/ntlmauth/ntlmauth.cc:255:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(domain, rv.str, rv.l);
data/squid-4.13/lib/ntlmauth/ntlmauth.cc:266:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user, rv.str, rv.l);
data/squid-4.13/lib/ntlmauth/ntlmauth.h:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[8]; /**< "NTLMSSP" */
data/squid-4.13/lib/ntlmauth/ntlmauth.h:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[256]; /**< String data */
data/squid-4.13/lib/ntlmauth/ntlmauth.h:149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[256]; /**< String data */
data/squid-4.13/lib/ntlmauth/ntlmauth.h:182:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[256 * 6]; /**< String data */
data/squid-4.13/lib/radix.c:453:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addmask_key + 1, rn_ones + 1, skip - 1);
data/squid-4.13/lib/radix.c:455:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addmask_key + skip, netmask + skip, mlen - skip);
data/squid-4.13/lib/radix.c:480:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp, addmask_key, mlen);
data/squid-4.13/lib/rfc1123.c:32:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *month_names[12] = {
data/squid-4.13/lib/rfc1123.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char month[3];
data/squid-4.13/lib/rfc1123.c:87:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tm.tm_mday = atoi(day);
data/squid-4.13/lib/rfc1123.c:91:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tm.tm_year = atoi(year);
data/squid-4.13/lib/rfc1123.c:103:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tm.tm_min = atoi(t);
data/squid-4.13/lib/rfc1123.c:106:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tm.tm_sec = atoi(t + 1);
data/squid-4.13/lib/rfc1123.c:113:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmp[64];
data/squid-4.13/lib/rfc1123.c:204:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/lib/rfcnb/byteorder.h:49:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define CVAL(buf,pos) (((unsigned char *)(buf))[pos])
data/squid-4.13/lib/rfcnb/rfcnb-io.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[100]; /* Read into here */
data/squid-4.13/lib/rfcnb/rfcnb-io.c:280:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdr[RFCNB_Pkt_Hdr_Len]; /* Local space for the header */
data/squid-4.13/lib/rfcnb/rfcnb-io.c:351:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkt->data, hdr, read_len); /*Copy data */
data/squid-4.13/lib/rfcnb/rfcnb-io.c:370:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pkt->data, hdr, sizeof(hdr));
data/squid-4.13/lib/rfcnb/rfcnb-priv.h:90:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char RFCNB_Hdr[4]; /* The header is 4 bytes long with */
data/squid-4.13/lib/rfcnb/rfcnb-priv.h:136:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char called_name[33];
data/squid-4.13/lib/rfcnb/rfcnb-priv.h:138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char calling_name[33];
data/squid-4.13/lib/rfcnb/rfcnb-util.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c1, c2, outbuf1[33];
data/squid-4.13/lib/rfcnb/rfcnb-util.c:157:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char Hex_List[17] = "0123456789ABCDEF";
data/squid-4.13/lib/rfcnb/rfcnb-util.c:256:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lname[17];
data/squid-4.13/lib/rfcnb/rfcnb-util.c:357:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) Dest_IP, (void *) hp->h_addr_list[0], sizeof(struct in_addr));
data/squid-4.13/lib/rfcnb/rfcnb-util.c:362:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) Dest_IP, (void *) &addr, sizeof(struct in_addr));
data/squid-4.13/lib/rfcnb/rfcnb-util.c:398:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) &Socket.sin_addr, (char *) &Dest_IP, sizeof(Dest_IP));
data/squid-4.13/lib/rfcnb/rfcnb-util.c:431:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resp[16];
data/squid-4.13/lib/rfcnb/rfcnb-util.c:519:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Dest_IP, (resp + RFCNB_Pkt_IP_Offset), sizeof(struct in_addr));
data/squid-4.13/lib/rfcnb/session.c:123:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) &(redir_addr->ip_addr), (char *) &Dest_IP, sizeof(Dest_IP));
data/squid-4.13/lib/smblib/md4.c:178:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[128];
data/squid-4.13/lib/smblib/md4.c:197:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, in, n);
data/squid-4.13/lib/smblib/smbdes.c:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out[64];
data/squid-4.13/lib/smblib/smbdes.c:221:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pk1[56];
data/squid-4.13/lib/smblib/smbdes.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[28];
data/squid-4.13/lib/smblib/smbdes.c:223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[28];
data/squid-4.13/lib/smblib/smbdes.c:224:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cd[56];
data/squid-4.13/lib/smblib/smbdes.c:225:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ki[16][48];
data/squid-4.13/lib/smblib/smbdes.c:226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pd1[64];
data/squid-4.13/lib/smblib/smbdes.c:227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l[32], r[32];
data/squid-4.13/lib/smblib/smbdes.c:228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rl[64];
data/squid-4.13/lib/smblib/smbdes.c:253:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char er[48];
data/squid-4.13/lib/smblib/smbdes.c:254:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char erk[48];
data/squid-4.13/lib/smblib/smbdes.c:255:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b[8][6];
data/squid-4.13/lib/smblib/smbdes.c:256:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cb[32];
data/squid-4.13/lib/smblib/smbdes.c:257:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcb[32];
data/squid-4.13/lib/smblib/smbdes.c:258:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char r2[32];
data/squid-4.13/lib/smblib/smbdes.c:319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outb[64];
data/squid-4.13/lib/smblib/smbdes.c:320:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inb[64];
data/squid-4.13/lib/smblib/smbdes.c:321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyb[64];
data/squid-4.13/lib/smblib/smbdes.c:322:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key2[8];
data/squid-4.13/lib/smblib/smbdes.c:347:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
data/squid-4.13/lib/smblib/smbdes.c:363:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/squid-4.13/lib/smblib/smbdes.c:372:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/squid-4.13/lib/smblib/smbdes.c:373:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char key2[8];
data/squid-4.13/lib/smblib/smbencrypt.c:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passwd[130];
data/squid-4.13/lib/smblib/smblib-common.h:195:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char resume_key[21]; /* Don't touch this */
data/squid-4.13/lib/smblib/smblib-common.h:199:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[13]; /* The name of the file */
data/squid-4.13/lib/smblib/smblib-common.h:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[129];
data/squid-4.13/lib/smblib/smblib-common.h:214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_type[20];
data/squid-4.13/lib/smblib/smblib-common.h:228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service[80], username[80], password[80], desthost[80], sock_options[80];
data/squid-4.13/lib/smblib/smblib-common.h:229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[80], myname[80];
data/squid-4.13/lib/smblib/smblib-common.h:253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Encrypt_Key[80], Domain[80], PDomain[80], OSName[80], LMType[40];
data/squid-4.13/lib/smblib/smblib-common.h:254:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Svr_OS[80], Svr_LMType[80], Svr_PDom[80];
data/squid-4.13/lib/smblib/smblib-priv.h:534:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256]; /* We should malloc this ... */
data/squid-4.13/lib/smblib/smblib-util.c:94:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char SMB_Time_Temp[48];
data/squid-4.13/lib/smblib/smblib-util.c:121:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char SMB_Attrib_Temp[128];
data/squid-4.13/lib/smblib/smblib-util.c:400:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Con_Handle->Encrypt_Key, p, 8);
data/squid-4.13/lib/smblib/smblib-util.c:423:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Con_Handle->Encrypt_Key, p, 8);
data/squid-4.13/lib/smblib/smblib-util.c:810:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prot_msg[1024];
data/squid-4.13/lib/smblib/smblib.c:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char called[80], calling[80], *address;
data/squid-4.13/lib/smblib/smblib.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[80], called[80], calling[80];
data/squid-4.13/lib/smblib/smblib.c:338:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, pword[128];
data/squid-4.13/lib/smblib/smblib.c:353:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pword, PassWord, 24);
data/squid-4.13/lib/smblib/smblib.c:412:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pword, pass_len);
data/squid-4.13/lib/smblib/smblib.c:483:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, pword, pass_len);
data/squid-4.13/lib/snmplib/asn1.c:416:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) string, (char *) bufp, (int) asn_length);
data/squid-4.13/lib/snmplib/asn1.c:455:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) data, (char *) string, strlength);
data/squid-4.13/lib/snmplib/asn1.c:593:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) (length), (char *) data + 1, (int) lengthbyte);
data/squid-4.13/lib/snmplib/asn1.c:823:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) data, (char *) buf, asnlength);
data/squid-4.13/lib/snmplib/asn1.c:937:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) string, (char *) bufp, (int) asn_length);
data/squid-4.13/lib/snmplib/asn1.c:978:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) data, (char *) string, strlength);
data/squid-4.13/lib/snmplib/mib.c:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128], *to = buf;
data/squid-4.13/lib/snmplib/mib.c:268:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/squid-4.13/lib/snmplib/mib.c:307:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%u.", *objid++);
data/squid-4.13/lib/snmplib/parse.c:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[64]; /* This node's (unique) textual name */
data/squid-4.13/lib/snmplib/parse.c:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parent[64]; /* The parent's textual name */
data/squid-4.13/lib/snmplib/parse.c:444:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tp->label, "iso");
data/squid-4.13/lib/snmplib/parse.c:569:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[128];
data/squid-4.13/lib/snmplib/parse.c:595:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
SubOid->subid = atoi(token);
data/squid-4.13/lib/snmplib/parse.c:609:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
SubOid->subid = atoi(token);
data/squid-4.13/lib/snmplib/parse.c:650:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[64];
data/squid-4.13/lib/snmplib/parse.c:739:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[64];
data/squid-4.13/lib/snmplib/parse.c:761:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[64];
data/squid-4.13/lib/snmplib/parse.c:764:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char syntax[64];
data/squid-4.13/lib/snmplib/parse.c:766:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nexttoken[64];
data/squid-4.13/lib/snmplib/parse.c:826:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ep->value = atoi(token);
data/squid-4.13/lib/snmplib/parse.c:996:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[64];
data/squid-4.13/lib/snmplib/parse.c:997:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/squid-4.13/lib/snmplib/parse.c:1088:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mbuf[256];
data/squid-4.13/lib/snmplib/parse.c:1091:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/squid-4.13/lib/snmplib/snmp_api_error.c:46:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *api_errors[17] = {
data/squid-4.13/lib/snmplib/snmp_error.c:40:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *error_string[25] = {
data/squid-4.13/lib/snmplib/snmp_pdu.c:159:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) Dest, (char *) Src, sizeof(struct snmp_pdu));
data/squid-4.13/lib/snmplib/snmp_pdu.c:526:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) PDU->enterprise, (char *) objid,
data/squid-4.13/lib/snmplib/snmp_vars.c:148:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) New->name, (char *) Name, Len * sizeof(oid));
data/squid-4.13/lib/snmplib/snmp_vars.c:186:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) Dest, (char *) Src, sizeof(struct variable_list));
data/squid-4.13/lib/snmplib/snmp_vars.c:198:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) Dest->name, (char *) Src->name,
data/squid-4.13/lib/snmplib/snmp_vars.c:214:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) Dest->val.string, (char *) Src->val.string, Src->val_len);
data/squid-4.13/lib/snmplib/snmp_vars.c:540:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *) Var->val.objid, (char *) TmpBuf, Var->val_len);
data/squid-4.13/lib/snmplib/snmplib_debug.c:23:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/squid-4.13/lib/sspwin32.cc:86:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR lpszDLL[MAX_PATH];
data/squid-4.13/lib/sspwin32.cc:473:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pClientBuf, PNegotiateBuf, NegotiateLen);
data/squid-4.13/lib/sspwin32.cc:494:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char encoded[8192];
data/squid-4.13/lib/sspwin32.cc:512:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pClientBuf, PAutenticateBuf, AutenticateLen);
data/squid-4.13/lib/sspwin32.cc:540:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pClientBuf, PNegotiateBuf, NegotiateLen);
data/squid-4.13/lib/sspwin32.cc:560:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char encoded[8192];
data/squid-4.13/lib/sspwin32.cc:576:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pClientBuf, PAutenticateBuf, AutenticateLen);
data/squid-4.13/lib/sspwin32.cc:595:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char encoded[8192];
data/squid-4.13/lib/util.c:81:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[24]; /* 2^64 = 18446744073709551616 */
data/squid-4.13/lib/util.c:90:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[24]; /* 2^64 = 18446744073709551616 */
data/squid-4.13/lib/util.c:130:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char GbBuf[32];
data/squid-4.13/libltdl/libltdl/lt__dirent.h:65:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[LT_FILENAME_MAX];
data/squid-4.13/libltdl/loaders/dyld.c:326:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char saveError[256] = "Symbol not found";
data/squid-4.13/libltdl/loaders/loadlibrary.c:139:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wpath[MAX_PATH];
data/squid-4.13/libltdl/lt__alloc.c:87:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return memcpy (newmem, mem, n);
data/squid-4.13/libltdl/lt__argz.c:69:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (argz + *pargz_len, buf, buf_len);
data/squid-4.13/libltdl/lt__argz.c:166:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (before, entry, entry_len);
data/squid-4.13/libltdl/lt__dirent.c:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_spec[LT_FILENAME_MAX];
data/squid-4.13/libltdl/lt_error.c:36:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char error_strings[LT_ERROR_MAX][LT_ERROR_LEN_MAX + 1] =
data/squid-4.13/libltdl/ltdl.c:756:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((*pfile = fopen (filename, LT_READTEXT_MODE)))
data/squid-4.13/libltdl/ltdl.c:1023:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, &str[1], (end - str) - 1);
data/squid-4.13/libltdl/ltdl.c:1383:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen (attempt, LT_READTEXT_MODE);
data/squid-4.13/libltdl/ltdl.c:2016:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lsym[LT_SYMBOL_LENGTH];
data/squid-4.13/libltdl/ltdl.c:2071:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(sym, "_LTX_");
data/squid-4.13/src/CacheDigest.cc:74:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cl->mask, mask, mask_size);
data/squid-4.13/src/CollapsedForwarding.cc:150:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open();
data/squid-4.13/src/CollapsedForwarding.cc:166:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void CollapsedForwardingRr::open()
data/squid-4.13/src/ConfigParser.cc:70:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char undoToken[CONFIG_LINE_LIMIT];
data/squid-4.13/src/ConfigParser.cc:91:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[CONFIG_LINE_LIMIT];
data/squid-4.13/src/ConfigParser.cc:113:33: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((wordFile = fopen(fn, "r")) == NULL) {
data/squid-4.13/src/ConfigParser.cc:536:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((wordFile = fopen(path, "r")) == NULL) {
data/squid-4.13/src/ConfigParser.h:174:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parseBuffer[CONFIG_LINE_LIMIT]; ///< Temporary buffer to store data to parse
data/squid-4.13/src/DiskIO/AIO/AIODiskFile.cc:55:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
AIODiskFile::open(int flags, mode_t, RefCount<IORequestor> callback)
data/squid-4.13/src/DiskIO/AIO/AIODiskFile.cc:82:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(flags, mode, callback);
data/squid-4.13/src/DiskIO/AIO/AIODiskFile.h:32:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open(int flags, mode_t mode, RefCount<IORequestor> callback);
data/squid-4.13/src/DiskIO/Blocking/BlockingFile.cc:39:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
BlockingFile::open(int flags, mode_t, RefCount<IORequestor> callback)
data/squid-4.13/src/DiskIO/Blocking/BlockingFile.cc:65:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(flags, mode, callback);
data/squid-4.13/src/DiskIO/Blocking/BlockingFile.h:26:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open(int flags, mode_t mode, RefCount<IORequestor> callback);
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdAction.cc:89:33: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data.open_ops = diskd_stats.open.ops;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdAction.cc:90:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data.open_success = diskd_stats.open.success;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdAction.cc:91:34: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data.open_fail = diskd_stats.open.fail;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:53:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
DiskdFile::open(int flags, mode_t, RefCount<IORequestor> callback)
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:80:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
++diskd_stats.open.ops;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:251:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
++diskd_stats.open.fail;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:254:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
++diskd_stats.open.success;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:284:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sbuf, aRequest->buf, aRequest->len);
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.h:31:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open(int flags, mode_t aMode, RefCount<IORequestor> callback);
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.cc:143:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[5];
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.cc:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char skey1[32];
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.cc:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char skey2[32];
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.cc:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char skey3[32];
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.cc:439:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
magic1 = atoi(value);
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.cc:478:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
magic2 = atoi(value);
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.h:116:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open, create, close, unlink, read, write;
data/squid-4.13/src/DiskIO/DiskDaemon/diskd.cc:61:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(buf, r->offset, 0600);
data/squid-4.13/src/DiskIO/DiskDaemon/diskd.cc:312:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rbuf[512];
data/squid-4.13/src/DiskIO/DiskDaemon/diskd.cc:319:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
key = atoi(argv[1]);
data/squid-4.13/src/DiskIO/DiskDaemon/diskd.cc:327:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
key = atoi(argv[2]);
data/squid-4.13/src/DiskIO/DiskDaemon/diskd.cc:335:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
key = atoi(argv[3]);
data/squid-4.13/src/DiskIO/DiskFile.h:44:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open(int flags, mode_t mode, RefCount<IORequestor> callback) = 0;
data/squid-4.13/src/DiskIO/DiskThreads/CommIO.cc:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsDiskFile.cc:43:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
DiskThreadsDiskFile::open(int flags, mode_t mode, RefCount<IORequestor> callback)
data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsDiskFile.h:26:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open(int flags, mode_t mode, RefCount<IORequestor> callback);
data/squid-4.13/src/DiskIO/DiskThreads/aiops.cc:575:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(requestp->statp, requestp->tmpstatp, sizeof(struct stat));
data/squid-4.13/src/DiskIO/DiskThreads/aiops.cc:671:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
requestp->ret = open(requestp->path, requestp->oflag, requestp->mode);
data/squid-4.13/src/DiskIO/DiskThreads/aiops_win32.cc:651:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(requestp->statp, requestp->tmpstatp, sizeof(struct stat));
data/squid-4.13/src/DiskIO/DiskThreads/aiops_win32.cc:747:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
requestp->ret = open(requestp->path, requestp->oflag, requestp->mode);
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:99:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
IpcIoFile::open(int flags, mode_t mode, RefCount<IORequestor> callback)
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:177:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(flags, mode, callback);
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:247:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(readRequest->buf, buf, response->len);
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:362:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, pending->writeRequest->buf, ipcIo.len); // optimize away
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.h:72:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open(int flags, mode_t mode, RefCount<IORequestor> callback);
data/squid-4.13/src/DiskIO/Mmapped/MmappedFile.cc:72:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
MmappedFile::open(int flags, mode_t, RefCount<IORequestor> callback)
data/squid-4.13/src/DiskIO/Mmapped/MmappedFile.cc:105:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(flags, mode, callback);
data/squid-4.13/src/DiskIO/Mmapped/MmappedFile.cc:164:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aRequest->buf, buf, aRequest->len);
data/squid-4.13/src/DiskIO/Mmapped/MmappedFile.h:23:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open(int flags, mode_t mode, RefCount<IORequestor> callback);
data/squid-4.13/src/Downloader.cc:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char requestBuffer[HTTP_REQBUF_SZ];
data/squid-4.13/src/HierarchyLogEntry.h:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[SQUIDHOSTNAMELEN];
data/squid-4.13/src/HierarchyLogEntry.h:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cd_host[SQUIDHOSTNAMELEN]; /* the host of selected by cd peer */
data/squid-4.13/src/HttpHeader.cc:1117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/squid-4.13/src/HttpHeaderMask.h:13:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char HttpHeaderMask[12];
data/squid-4.13/src/HttpHeaderTools.cc:125:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*value = atoi(start);
data/squid-4.13/src/LogTags.cc:49:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/squid-4.13/src/MemBuf.cc:228:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(space(), newContent, sz);
data/squid-4.13/src/MemObject.cc:36:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char digest[16];
data/squid-4.13/src/MemStore.cc:149:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<char*>(PagePointer(page)) + sliceOffset, buf + bufWritten,
data/squid-4.13/src/PeerDigest.h:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SM_PAGE_SIZE];
data/squid-4.13/src/ProfStats.cc:61:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hist, head, sizeof(xprof_stats_data));
data/squid-4.13/src/StatHist.cc:52:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bins,src.bins,capacity_*sizeof(*bins));
data/squid-4.13/src/StatHist.h:137:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bins,src.bins,capacity_*sizeof(*bins));
data/squid-4.13/src/StoreMeta.cc:135:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result->value, value, len);
data/squid-4.13/src/StoreMetaUnpacker.cc:58:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr_len, &buf[1], sizeof(int));
data/squid-4.13/src/StoreMetaUnpacker.cc:83:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&length, &buf[position], sizeof(int));
data/squid-4.13/src/StoreSwapLogData.h:174:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[SQUID_MD5_DIGEST_LENGTH] = {};
data/squid-4.13/src/StrList.cc:23:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3];
data/squid-4.13/src/StrList.cc:84:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char delim[3][8] = {
data/squid-4.13/src/String.cc:110:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_, str, len);
data/squid-4.13/src/String.cc:178:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(snew.buf_, rawBuf(), len_);
data/squid-4.13/src/String.cc:181:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(snew.buf_ + len_, str, len);
data/squid-4.13/src/String.cc:200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myString[2];
data/squid-4.13/src/WinSvc.cc:83:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char REGKEY[256] = SOFTWARE "\\" VENDOR "\\" SOFTWARENAME "\\";
data/squid-4.13/src/WinSvc.cc:485:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[512];
data/squid-4.13/src/WinSvc.cc:723:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ServicePath[512];
data/squid-4.13/src/WinSvc.cc:724:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szPath[512];
data/squid-4.13/src/WinSvc.cc:901:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stderr_path[256];
data/squid-4.13/src/WinSvc.cc:904:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(stderr_path,".log");
data/squid-4.13/src/acl/Acl.h:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[ACL_NAME_SZ];
data/squid-4.13/src/acl/AclNameList.h:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[ACL_NAME_SZ];
data/squid-4.13/src/acl/Arp.cc:78:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/squid-4.13/src/acl/Arp.cc:133:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[48];
data/squid-4.13/src/acl/Asn.cc:82:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reqbuf[AS_REQBUF_SZ];
data/squid-4.13/src/acl/Asn.cc:397:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bitl = atoi(t + 1);
data/squid-4.13/src/acl/Asn.cc:497:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/acl/Asn.cc:565:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
q = new CbDataList<int> (atoi(t));
data/squid-4.13/src/acl/Eui64.cc:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/squid-4.13/src/acl/Eui64.cc:111:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[48];
data/squid-4.13/src/acl/FilledChecklist.h:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rfc931[USER_IDENT_SZ];
data/squid-4.13/src/acl/HttpStatus.cc:98:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
status = atoi(t);
data/squid-4.13/src/acl/HttpStatus.cc:105:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return new acl_httpstatus_data(status, atoi(t));
data/squid-4.13/src/acl/Ip.cc:75:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpbuf[ bufsz ];
data/squid-4.13/src/acl/Ip.cc:133:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_n1[3*(MAX_IPSTRLEN+1)];
data/squid-4.13/src/acl/Ip.cc:134:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_n2[3*(MAX_IPSTRLEN+1)];
data/squid-4.13/src/acl/MaxConnection.cc:59:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
limit = (atoi (t));
data/squid-4.13/src/acl/Random.cc:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufa[256], bufb[256];
data/squid-4.13/src/acl/Random.h:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[256]; // pattern from config file. Used to generate 'data'
data/squid-4.13/src/acl/RegexData.cc:118:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[256];
data/squid-4.13/src/acl/RegexData.cc:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char largeRE[BUFSIZ];
data/squid-4.13/src/acl/ServerName.cc:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cn[1024];
data/squid-4.13/src/acl/TimeData.cc:57:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tm, localtime(&when), sizeof(struct tm));
data/squid-4.13/src/acl/UrlLogin.cc:26:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[MAX_URL]; // should be big enough for a single URI segment
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:144:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*ppByte, pTemp, cElements);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpSID[SECURITY_MAX_SID_SIZE * 2];
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:193:18: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
wcsize = MultiByteToWideChar(CP_ACP, 0, tmpSID, -1, wc, 0);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:195:9: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, tmpSID, -1, wc, wcsize);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:288:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wc, L"LDAP://");
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:290:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wc, L"GC://");
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:486:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Group[GNLEN + 1];
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:506:18: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
wcsize = MultiByteToWideChar(CP_ACP, 0, Group, -1, wc, 0);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:508:9: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, Group, -1, wc, wcsize);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:606:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NTDomain[DNLEN + UNLEN + 2];
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:609:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char User[DNLEN + UNLEN + 2];
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:774:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:777:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *groups[512];
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:221:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:315:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
connect_timeout = atoi(value);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:318:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timelimit = atoi(value);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:347:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(value);
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:354:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(value)) {
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:802:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:806:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(filename, "r"))) {
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NTDomain[DNLEN + UNLEN + 2];
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char User[UNLEN + 1];
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:513:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:516:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *groups[512];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char program[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basedn[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attrib[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dn[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passwd[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char search_filter[EDUI_MAXLEN]; /* Base search_filter that gets copied to edui_ldap_t */
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:164:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basedn[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:166:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dn[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passwd[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char search_filter[EDUI_MAXLEN]; /* search_group gets appended here by GroupLDAP */
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char search_ip[EDUI_MAXLEN]; /* Could be IPv4 or IPv6, set by ConvertIP */
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:170:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userid[EDUI_MAXLEN]; /* Resulting userid */
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:220:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prog[EDUI_MAXLEN], dbuf[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:282:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Out_Str, In_Str, i);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:335:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Out_Obj, In_Obj, i);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:840:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexc[4];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:967:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufa[EDUI_MAXLEN], bufb[EDUI_MAXLEN], bufc[EDUI_MAXLEN], bufd[EDUI_MAXLEN], bufg[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1054:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ft[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufa[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufb[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1143:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bufa, l->val[i]->bv_val, j);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1163:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = atoi(bufb);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1358:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufa[EDUI_MAXLEN], bufb[EDUI_MAXLEN], *p = NULL;
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1359:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufc[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1360:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sfmod[EDUI_MAXLEN];
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1426:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
edui_conf.ver = atoi(argv[i]);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1440:57: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
edui_conf.persist_timeout = atoi(argv[i]);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1472:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
edui_conf.port = atoi(argv[i]);
data/squid-4.13/src/acl/external/file_userip/ext_file_userip_acl.cc:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[DICT_BUFFER_SIZE]; /* the buffer for the lines read
data/squid-4.13/src/acl/external/file_userip/ext_file_userip_acl.cc:225:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HELPER_INPUT_BUFFER];
data/squid-4.13/src/acl/external/file_userip/ext_file_userip_acl.cc:252:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *FH = fopen(filename, "r");
data/squid-4.13/src/acl/external/kerberos_ldap_group/kerberos_ldap_group.cc:56:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char err_code[17];
data/squid-4.13/src/acl/external/kerberos_ldap_group/kerberos_ldap_group.cc:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[6400];
data/squid-4.13/src/acl/external/kerberos_ldap_group/kerberos_ldap_group.cc:260:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
margs.mdepth = atoi(optarg);
data/squid-4.13/src/acl/external/kerberos_ldap_group/kerberos_ldap_group.cc:496:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[6400];
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[KT_PATH_MAX], *p;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:244:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bp, "dc=");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:248:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bp, ",dc=");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:277:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ldf, "\\2a");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:280:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ldf, "\\28");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:283:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ldf, "\\29");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:286:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ldf, "\\5c");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:689:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) xmalloc(values[il]->bv_len + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:690:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(attr_value[max_attr], values[il]->bv_val,
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:768:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) xmalloc(values[il]->bv_len + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:769:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(attr_value[max_attr], values[il]->bv_val,
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1144:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(p);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1393:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint32_t gid = atoi(attr_value[0]);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_log.cc:45:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:198:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[1024];
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:271:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(service, "_ldaps._tcp.");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:274:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(service, "_ldap._tcp.");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:294:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(service, "_ldap._tcp.");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:355:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[NS_MAXDNAME];
data/squid-4.13/src/acl/external/session/ext_session_acl.cc:76:29: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (db_env->open(db_env, db_path, DB_CREATE | DB_INIT_MPOOL | DB_INIT_LOCK , 0666)) {
data/squid-4.13/src/acl/external/session/ext_session_acl.cc:87:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (db->open(db, NULL, "session", NULL, DB_BTREE, DB_CREATE, 0666)) {
data/squid-4.13/src/acl/external/session/ext_session_acl.cc:95:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (db->open(db, NULL, db_path, NULL, DB_BTREE, DB_CREATE, 0666)) {
data/squid-4.13/src/acl/external/session/ext_session_acl.cc:162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char request[HELPER_INPUT_BUFFER];
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:92:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logfile = fopen(logfilename, "a");
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:164:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuffer[TQ_BUFFERSIZE];
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuffer[TQ_BUFFERSIZE];
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:254:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[TQ_BUFFERSIZE]; /* the buffer for the lines read
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:268:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FH = fopen(filename, "r");
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[TQ_BUFFERSIZE];
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:411:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char request[HELPER_INPUT_BUFFER];
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:428:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pauseLength = atoi(optarg);
data/squid-4.13/src/acl/external/unix_group/check_group.cc:151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/adaptation/ecap/XactionRep.cc:139:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntoabuf[MAX_IPSTRLEN] = "";
data/squid-4.13/src/adaptation/icap/ModXact.cc:1344:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntoabuf[MAX_IPSTRLEN];
data/squid-4.13/src/adaptation/icap/ModXact.cc:1371:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base64buf[base64_encode_len(MAX_LOGIN_SZ)];
data/squid-4.13/src/adaptation/icap/ModXact.cc:1531:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base64buf[base64_encode_len(MAX_LOGIN_SZ)];
data/squid-4.13/src/adaptation/icap/Options.cc:150:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(s.termedBuf());
data/squid-4.13/src/anyp/Uri.cc:116:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ip[MAX_IPSTRLEN];
data/squid-4.13/src/anyp/Uri.cc:424:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
foundPort = atoi(t);
data/squid-4.13/src/anyp/Uri.h:173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host_[SQUIDHOSTNAMELEN]; ///< string representation of the URI authority name or IP
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:355:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:441:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
connect_timeout = atoi(value);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:444:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timelimit = atoi(value);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:476:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(value);
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:483:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(value)) {
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:664:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dn[1024];
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:676:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filter[16384];
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:677:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char escaped_login[1024];
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:774:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:779:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(filename, "r"))) {
data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc:48:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc:54:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(passwdfile, "r");
data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:58:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char passwd[120], *p;
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:60:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char final[16];
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:185:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char digest[16];
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:188:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char sum[33];
data/squid-4.13/src/auth/basic/NIS/basic_nis_auth.cc:38:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/squid-4.13/src/auth/basic/PAM/basic_pam_auth.cc:167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/PAM/basic_pam_auth.cc:186:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl = atoi(optarg);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:108:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char vector[AUTH_VECTOR_LEN];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:109:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char secretkey[MAXPASS + 1] = "";
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:110:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char server[MAXLINE] = "";
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:111:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char identifier[MAXLINE] = "";
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:112:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char svc_name[MAXLINE] = "radius";
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:170:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reply_digest[AUTH_VECTOR_LEN];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:171:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char calc_digest[AUTH_VECTOR_LEN];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:187:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reply_digest, auth->vector, AUTH_VECTOR_LEN);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:188:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth->vector, vector, AUTH_VECTOR_LEN);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:190:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + length, secretkey, secretlen);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXLINE];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:230:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cf = fopen(cfname, "r")) == NULL) {
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:257:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[3];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:285:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passbuf[MAXPASS];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:303:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(auth->vector, vector, AUTH_VECTOR_LEN);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:318:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, username, length);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:330:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(passbuf, passwd, length);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:346:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cbc, auth->vector, AUTH_VECTOR_LEN);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:350:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md5buf + secretlen, cbc, AUTH_VECTOR_LEN);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:367:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &ui, 4);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:377:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &ui, 4);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:387:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, identifier, len);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:397:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &ui, 4);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:473:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[MAXPWNAM];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:474:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passwd[MAXPASS];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:476:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:507:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retries = atoi(optarg);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:543:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
svc_port = atoi(svc_name);
data/squid-4.13/src/auth/basic/RADIUS/radius-util.cc:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[6];
data/squid-4.13/src/auth/basic/RADIUS/radius-util.cc:129:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cur_byte = atoi(buf);
data/squid-4.13/src/auth/basic/SASL/basic_sasl_auth.cc:54:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/SMB/basic_smb_auth.cc:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/SMB/basic_smb_auth.cc:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/SMB_LM/msntauth.cc:88:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[256];
data/squid-4.13/src/auth/basic/SMB_LM/msntauth.cc:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[256];
data/squid-4.13/src/auth/basic/SMB_LM/msntauth.cc:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wstr[256];
data/squid-4.13/src/auth/basic/SSPI/basic_sspi_auth.cc:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char NTGroup[256];
data/squid-4.13/src/auth/basic/SSPI/basic_sspi_auth.cc:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wstr[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/SSPI/basic_sspi_auth.cc:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[256];
data/squid-4.13/src/auth/basic/SSPI/basic_sspi_auth.cc:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[256];
data/squid-4.13/src/auth/basic/SSPI/valid.cc:51:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Default_NTDomain[DNLEN+1] = NTV_DEFAULT_DOMAIN;
data/squid-4.13/src/auth/basic/SSPI/valid.cc:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NTDomain[256];
data/squid-4.13/src/auth/basic/SSPI/valid.cc:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DomainUser[256];
data/squid-4.13/src/auth/basic/SSPI/valid.cc:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char User[256];
data/squid-4.13/src/auth/basic/SSPI/valid.h:67:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char Default_NTDomain[DNLEN+1];
data/squid-4.13/src/auth/basic/UserRequest.cc:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/UserRequest.cc:132:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char usern[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/UserRequest.cc:133:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pass[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/basic/getpwnam/basic_getpwnam_auth.cc:94:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/digest/Config.cc:340:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
authDigestNonceIsValid(digest_nonce_h * nonce, char nc[9])
data/squid-4.13/src/auth/digest/Config.h:57:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int authDigestNonceIsValid(digest_nonce_h * nonce, char nc[9]);
data/squid-4.13/src/auth/digest/LDAP/digest_pw_auth.cc:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filter[8192];
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:208:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char searchbase[8192];
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:212:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char escaped_login[1024];
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:490:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
connect_timeout = atoi(value);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:493:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timelimit = atoi(value);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:522:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(value);
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:529:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(value)) {
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:621:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:625:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(filename, "r"))) {
data/squid-4.13/src/auth/digest/UserRequest.cc:289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/squid-4.13/src/auth/digest/UserRequest.cc:302:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userstr[1024];
data/squid-4.13/src/auth/digest/UserRequest.h:52:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nc[9]; /* = "00000001" */
data/squid-4.13/src/auth/digest/eDirectory/digest_pw_auth.cc:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:251:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(retData, retOctStr, retOctStrLen);
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:393:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pwd, &pwdBuf[1], pwdBufLen-1); /* skip digest tag and include null */
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:463:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pwd, pwdBuf, pwdBufLen);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filter[8192];
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char searchbase[8192];
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:214:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char escaped_login[1024];
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:513:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
connect_timeout = atoi(value);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:516:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timelimit = atoi(value);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:545:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(value);
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:552:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(value)) {
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:647:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:651:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(f = fopen(filename, "r"))) {
data/squid-4.13/src/auth/digest/file/digest_file_auth.cc:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/digest/file/text_backend.cc:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/squid-4.13/src/auth/digest/file/text_backend.cc:81:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(passwordFile, "r");
data/squid-4.13/src/auth/digest/file/text_backend.cc:164:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char helper_command[3];
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:154:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cred[SSP_MAX_CRED_LEN + 1];
data/squid-4.13/src/auth/negotiate/UserRequest.cc:73:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[MAX_AUTHTOKEN_LEN];
data/squid-4.13/src/auth/negotiate/UserRequest.cc:123:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[MAX_AUTHTOKEN_LEN];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos.h:126:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[1024];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:146:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:305:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ktname[MAXPATHLEN+sizeof("MEMORY:")+1];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_AUTHTOKEN_LEN];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:332:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ad_groups[MAX_PAC_GROUP_SIZE];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_keytab[MAXPATHLEN];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:515:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(rcache_type_env, "KRB5RCACHETYPE=");
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:524:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(rcache_dir_env, "KRB5RCACHEDIR=");
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:533:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(keytab_name_env, "KRB5_KTNAME=");
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:566:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(memory_keytab_name_env, "KRB5_KTNAME=");
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:770:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user, output_token.value, output_token.length);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:845:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user, output_token.value, output_token.length);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:893:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_AUTHTOKEN_LEN];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:99:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:123:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:232:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi(argv[2]);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:234:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Token = (const char *) squid_kerb_proxy_auth(argv[1]);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:240:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Token = (const char *) squid_kerb_proxy_auth(argv[1]);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:186:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)Rids[l],(void *)&p[bpos],4);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:208:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dli[256];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:228:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)ag,(const void*)&p[bpos],1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:229:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&ag[1],(const void*)&p[bpos+1],1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:231:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&ag[2],(const void*)&p[bpos+2],6+nauth*4);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:232:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&ag[length],(const void*)Rids[l],4);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:300:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char es[256];
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:319:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)ag,(const void*)&p[bpos],length);
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:73:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_AUTHTOKEN_LEN];
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuff[MAX_AUTHTOKEN_LEN];
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[MAX_AUTHTOKEN_LEN+2];
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:321:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nargs,argv+nstart+1,(nend-nstart)*sizeof(char *));
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:333:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(kargs,argv+kstart+1,(kend-kstart)*sizeof(char *));
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:355:19: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
if (( fpid = vfork()) < 0 ) {
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:391:19: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
if (( fpid = vfork()) < 0 ) {
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:92:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char challenge[NTLM_NONCE_LEN];
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:93:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char lmencoded_empty_pass[ENCODED_PASS_LEN],
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:97:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char credentials[MAX_USERNAME_LEN+MAX_DOMAIN_LEN+2]; /* we can afford to waste */
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:98:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char my_domain[100], my_domain_controller[100];
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:99:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char errstr[1001];
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:101:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_messages_buffer[NTLM_BLOB_BUFFER_SIZE];
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:107:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char smb_error_buffer[1000];
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:166:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(challenge, handle->Encrypt_Key, NTLM_NONCE_LEN);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:198:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char b64buf[HELPER_INPUT_BUFFER-10]; /* 10 for other line fields, delimiters and terminator */
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pass[MAX_PASSWD_LEN+1];
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:245:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(domain, tmp.str, tmp.l);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:262:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user, tmp.str, tmp.l);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:288:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pass, tmp.str, tmp.l);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:499:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NTLM_BLOB_BUFFER_SIZE];
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:500:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded[NTLM_BLOB_BUFFER_SIZE];
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:293:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char credentials[DNLEN+UNLEN+2]; /* we can afford to waste */
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:434:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:437:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char helper_command[3];
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:441:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[DNLEN+1];
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[UNLEN+1];
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:446:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (memcpy(local_nego.hdr.signature, "NTLMSSP", 8) != 0) {
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:448:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(local_nego.hdr.signature, "NTLMSSP", 8); /* set the signature */
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:490:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(decoded, &local_nego, sizeof(local_nego));
data/squid-4.13/src/auth/ntlm/UserRequest.cc:72:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[MAX_AUTHTOKEN_LEN];
data/squid-4.13/src/auth/ntlm/UserRequest.cc:122:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[MAX_AUTHTOKEN_LEN];
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:128:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[NTLM_MAX_FIELD_LENGTH], domain[NTLM_MAX_FIELD_LENGTH];
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char helper_command[3];
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:176:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nonce[NTLM_NONCE_LEN];
data/squid-4.13/src/base/File.cc:140:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(cfg);
data/squid-4.13/src/base/File.cc:170:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File::open(const FileOpeningConfig &cfg)
data/squid-4.13/src/base/File.cc:184:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd_ = ::open(filename, cfg.openFlags, cfg.openMode);
data/squid-4.13/src/base/File.h:102:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const FileOpeningConfig &cfg);
data/squid-4.13/src/cache_cf.cc:320:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str + substrIdx, newSubstr, newSubstrLen);
data/squid-4.13/src/cache_cf.cc:434:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(file_name, "r");
data/squid-4.13/src/cache_cf.cc:468:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char new_file_name[1024];
data/squid-4.13/src/cache_cf.cc:1383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/cache_cf.cc:1420:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/cache_cf.cc:2775:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[256];
data/squid-4.13/src/cache_cf.cc:3346:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntoabuf[MAX_IPSTRLEN];
data/squid-4.13/src/cache_cf.cc:3799:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/cache_cf.cc:3910:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[BUFSIZ];
data/squid-4.13/src/cache_cf.cc:4561:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/squid-4.13/src/cache_cf.cc:4563:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "ssl_bump deny all");
data/squid-4.13/src/cache_cf.cc:4568:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "ssl_bump allow all");
data/squid-4.13/src/cf_gen.cc:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[MAX_LINE];
data/squid-4.13/src/cf_gen.cc:203:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp.open(type_depend, std::ifstream::in);
data/squid-4.13/src/cf_gen.cc:230:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp.open(input_filename, std::ifstream::in);
data/squid-4.13/src/cf_gen.cc:451:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout.open(conf_filename,std::ostream::out);
data/squid-4.13/src/cf_gen.cc:462:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout.open(conf_filename_short,std::ostream::out);
data/squid-4.13/src/cf_gen.cc:763:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/squid-4.13/src/client_db.cc:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAX_IPSTRLEN];
data/squid-4.13/src/client_db.cc:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAX_IPSTRLEN];
data/squid-4.13/src/client_db.cc:194:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAX_IPSTRLEN];
data/squid-4.13/src/client_db.cc:221:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAX_IPSTRLEN];
data/squid-4.13/src/client_db.cc:442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAX_IPSTRLEN];
data/squid-4.13/src/client_db.cc:470:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[MAX_IPSTRLEN];
data/squid-4.13/src/client_db.cc:515:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client[MAX_IPSTRLEN];
data/squid-4.13/src/client_side.cc:1093:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ipbuf[MAX_IPSTRLEN];
data/squid-4.13/src/client_side.cc:1168:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vportStr[32];
data/squid-4.13/src/client_side.cc:1257:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ipbuf[MAX_IPSTRLEN];
data/squid-4.13/src/client_side.cc:2019:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipu, extra.rawContent(), sizeof(pax));
data/squid-4.13/src/client_side.cc:2804:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ip[MAX_IPSTRLEN];
data/squid-4.13/src/client_side.cc:3385:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ip[MAX_IPSTRLEN];
data/squid-4.13/src/client_side.cc:3397:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ip[MAX_IPSTRLEN];
data/squid-4.13/src/client_side.cc:3430:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ip[MAX_IPSTRLEN];
data/squid-4.13/src/client_side.cc:3976:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stmp[MAX_IPSTRLEN];
data/squid-4.13/src/client_side.cc:3977:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[FD_DESC_SZ];
data/squid-4.13/src/client_side.cc:4030:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1];
data/squid-4.13/src/client_side_reply.cc:1433:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char age[64];
data/squid-4.13/src/client_side_reply.cc:2195:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, result.data, result.length);
data/squid-4.13/src/client_side_reply.h:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[HTTP_REQBUF_SZ]; ///< a temporary buffer if we need working storage
data/squid-4.13/src/client_side_request.cc:1245:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
status = static_cast<Http::StatusCode>(atoi(result));
data/squid-4.13/src/clients/FtpClient.cc:155:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char addrBuf[MAX_IPSTRLEN];
data/squid-4.13/src/clients/FtpClient.cc:615:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/clients/FtpClient.cc:1132:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ctrl.replycode = atoi(list->key);
data/squid-4.13/src/clients/FtpGateway.cc:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[MAX_URL];
data/squid-4.13/src/clients/FtpGateway.cc:101:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[MAX_URL];
data/squid-4.13/src/clients/FtpGateway.cc:193:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cbuf[CTRL_BUFLEN];
data/squid-4.13/src/clients/FtpGateway.cc:541:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tbuf[128];
data/squid-4.13/src/clients/FtpGateway.cc:701:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->size = atoi(ct + 1);
data/squid-4.13/src/clients/FtpGateway.cc:1884:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/clients/FtpGateway.cc:2663:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[4096];
data/squid-4.13/src/comm.cc:90:54: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fd >= 0 && fd_table && fd_table[fd].flags.open != 0;
data/squid-4.13/src/comm.cc:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SQUID_TCP_SO_RCVBUF];
data/squid-4.13/src/comm.cc:170:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!F->flags.open) {
data/squid-4.13/src/comm.cc:550:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open);
data/squid-4.13/src/comm.cc:563:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open);
data/squid-4.13/src/comm.cc:778:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(fd_table[fd].flags.open);
data/squid-4.13/src/comm.cc:871:57: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (shutting_down || reconfiguring) && (!F->flags.open || F->type == FD_FILE))
data/squid-4.13/src/comm.cc:1525:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!F->flags.open)
data/squid-4.13/src/comm.cc:1549:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!F->flags.open)
data/squid-4.13/src/comm/ConnOpener.cc:295:41: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(fd_table[temporaryFd_].flags.open);
data/squid-4.13/src/comm/ConnOpener.cc:327:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Must(fd_table[conn_->fd].flags.open);
data/squid-4.13/src/comm/Connection.h:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rfc931[USER_IDENT_SZ];
data/squid-4.13/src/comm/ModDevPoll.cc:199:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
devpoll_fd = open("/dev/poll", O_RDWR);
data/squid-4.13/src/comm/ModDevPoll.cc:234:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!F->flags.open) {
data/squid-4.13/src/comm/ModEpoll.cc:123:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!F->flags.open) {
data/squid-4.13/src/comm/ModKqueue.cc:171:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open || (!handler && !client_data && !timeout));
data/squid-4.13/src/comm/ModPoll.cc:128:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open || (!handler && !client_data && !timeout));
data/squid-4.13/src/comm/ModPoll.cc:539:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (F->flags.open)
data/squid-4.13/src/comm/ModSelect.cc:127:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open || (!handler && !client_data && !timeout));
data/squid-4.13/src/comm/ModSelect.cc:369:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&readfds, &global_readfds,
data/squid-4.13/src/comm/ModSelect.cc:372:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&writefds, &global_writefds,
data/squid-4.13/src/comm/ModSelectWin32.cc:121:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open || (!handler && !client_data && !timeout));
data/squid-4.13/src/comm/ModSelectWin32.cc:360:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&readfds, &global_readfds, sizeof(global_readfds));
data/squid-4.13/src/comm/ModSelectWin32.cc:362:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&writefds, &global_writefds, sizeof(global_writefds));
data/squid-4.13/src/comm/ModSelectWin32.cc:364:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&errfds, &global_writefds, sizeof(global_writefds));
data/squid-4.13/src/comm/ModSelectWin32.cc:377:44: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fd_table[fd].flags.open) {
data/squid-4.13/src/comm/ModSelectWin32.cc:468:44: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fd_table[fd].flags.open) {
data/squid-4.13/src/comm/ModSelectWin32.cc:532:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fd_table[fd].flags.open) {
data/squid-4.13/src/comm/ModSelectWin32.cc:552:44: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fd_table[fd].flags.open) {
data/squid-4.13/src/comm/TcpAcceptor.cc:129:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ipbuf[MAX_IPSTRLEN] = {'\0'};
data/squid-4.13/src/comm/TcpAcceptor.cc:173:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
seconds = atoi(Config.accept_filter + 5);
data/squid-4.13/src/comm/Write.cc:38:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(fd_table[conn->fd].flags.open);
data/squid-4.13/src/debug.cc:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[BUFSIZ];
data/squid-4.13/src/debug.cc:223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[BUFSIZ];
data/squid-4.13/src/debug.cc:243:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Debug::rotateNumber = atoi(arg);
data/squid-4.13/src/debug.cc:249:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s = atoi(arg);
data/squid-4.13/src/debug.cc:253:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
l = atoi(arg);
data/squid-4.13/src/debug.cc:289:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (auto log = fopen(logfilename, "a+")) {
data/squid-4.13/src/debug.cc:514:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[MAXPATHLEN];
data/squid-4.13/src/debug.cc:517:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char to[MAXPATHLEN];
data/squid-4.13/src/debug.cc:575:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128]; // arbitrary size, big enough for the below timestamp strings.
data/squid-4.13/src/debug.cc:581:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[sizeof(buf)-4];
data/squid-4.13/src/debug.cc:603:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[16];
data/squid-4.13/src/debug.cc:710:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *Ctx_Descrs[CTX_MAX_LEVEL + 1];
data/squid-4.13/src/dns/rfc1035.cc:67:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:78:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:81:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:84:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:87:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:90:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:116:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, label, len);
data/squid-4.13/src/dns/rfc1035.cc:163:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:166:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:301:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name + no, buf + (*off), len);
data/squid-4.13/src/dns/rfc1035.cc:345:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:348:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:351:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &i, sizeof(i));
data/squid-4.13/src/dns/rfc1035.cc:354:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:356:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &(RR->rdata), RR->rdlength);
data/squid-4.13/src/dns/rfc1035.cc:442:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RR->rdata, buf + (*off), rdlength);
data/squid-4.13/src/dns/rfc1035.cc:527:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&s, buf + *off, 2);
data/squid-4.13/src/dns/rfc1035.cc:530:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&s, buf + *off, 2);
data/squid-4.13/src/dns/rfc1035.cc:708:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char rev[32];
data/squid-4.13/src/dns/rfc1035.cc:749:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &s, sizeof(s));
data/squid-4.13/src/dns/rfc1035.cc:757:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[SQUID_DNS_BUFSZ];
data/squid-4.13/src/dns/rfc1035.cc:758:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[SQUID_DNS_BUFSZ];
data/squid-4.13/src/dns/rfc1035.cc:759:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rbuf[SQUID_DNS_BUFSZ];
data/squid-4.13/src/dns/rfc1035.cc:778:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
S.sin_port = htons(atoi(argv[2]));
data/squid-4.13/src/dns/rfc1035.cc:824:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipa_str[sizeof(a)];
data/squid-4.13/src/dns/rfc1035.cc:825:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a, answers[i].rdata, 4);
data/squid-4.13/src/dns/rfc1035.cc:828:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptr[128];
data/squid-4.13/src/dns/rfc1035.h:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[RFC1035_MAXHOSTNAMESZ];
data/squid-4.13/src/dns/rfc1035.h:49:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[RFC1035_MAXHOSTNAMESZ];
data/squid-4.13/src/dns/rfc3596.cc:128:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char rev[RFC1035_MAXHOSTNAMESZ];
data/squid-4.13/src/dns/rfc3596.cc:144:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char rev[RFC1035_MAXHOSTNAMESZ];
data/squid-4.13/src/dns/rfc3596.cc:173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[PACKET_BUFSZ];
data/squid-4.13/src/dns/rfc3596.cc:174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PACKET_BUFSZ];
data/squid-4.13/src/dns/rfc3596.cc:175:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rbuf[PACKET_BUFSZ];
data/squid-4.13/src/dns/rfc3596.cc:199:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
edns_max = atoi(argv[var++]);
data/squid-4.13/src/dns/rfc3596.cc:223:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((struct sockaddr_in6 *)S)->sin6_port = htons(atoi(argv[var+1]));
data/squid-4.13/src/dns/rfc3596.cc:236:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((struct sockaddr_in *)S)->sin_port = htons(atoi(argv[var+1]));
data/squid-4.13/src/dns/rfc3596.cc:307:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[16];
data/squid-4.13/src/dns/rfc3596.cc:308:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a, answers[i].rdata, 4);
data/squid-4.13/src/dns/rfc3596.cc:313:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[INET6_ADDRSTRLEN];
data/squid-4.13/src/dns/rfc3596.cc:314:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a, answers[i].rdata, 16);
data/squid-4.13/src/dns/rfc3596.cc:317:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptr[RFC1035_MAXHOSTNAMESZ];
data/squid-4.13/src/dns/rfc3596.cc:321:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptr[RFC1035_MAXHOSTNAMESZ];
data/squid-4.13/src/dns_internal.cc:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RESOLV_BUFSZ];
data/squid-4.13/src/dns_internal.cc:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NS_MAXDNAME + 1];
data/squid-4.13/src/dns_internal.cc:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orig[NS_MAXDNAME + 1];
data/squid-4.13/src/dns_internal.cc:229:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[NS_MAXDNAME];
data/squid-4.13/src/dns_internal.cc:383:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(searchpath, oldptr, oldalloc * sizeof(*searchpath));
data/squid-4.13/src/dns_internal.cc:421:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(_PATH_RESCONF, "r");
data/squid-4.13/src/dns_internal.cc:429:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RESOLV_BUFSZ];
data/squid-4.13/src/dns_internal.cc:476:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ndots = atoi(t + 6);
data/squid-4.13/src/dns_internal.cc:725:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/dns_internal.cc:865:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN] = "";
data/squid-4.13/src/dns_internal.cc:932:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/dns_internal.cc:1107:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, message->answer, (sizeof(rfc1035_rr)*n) );
data/squid-4.13/src/dns_internal.cc:1108:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result+n, q2->message->answer, (sizeof(rfc1035_rr)*q2->ancount) );
data/squid-4.13/src/dns_internal.cc:1110:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, q2->message->answer, (sizeof(rfc1035_rr)*q2->ancount) );
data/squid-4.13/src/dns_internal.cc:1111:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result+q2->ancount, message->answer, (sizeof(rfc1035_rr)*n) );
data/squid-4.13/src/dns_internal.cc:1320:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char rbuf[SQUID_UDP_SO_RCVBUF];
data/squid-4.13/src/dns_internal.cc:1800:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[MAX_IPSTRLEN];
data/squid-4.13/src/errorpage.cc:264:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/squid-4.13/src/errorpage.cc:298:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/squid-4.13/src/errorpage.cc:322:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/squid-4.13/src/errorpage.cc:425:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[256];
data/squid-4.13/src/errorpage.cc:460:57: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
info->page_redirect = static_cast<Http::StatusCode>(atoi(page_name));
data/squid-4.13/src/errorpage.cc:702:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntoabuf[MAX_IPSTRLEN];
data/squid-4.13/src/errorpage.cc:775:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntoabuf[MAX_IPSTRLEN];
data/squid-4.13/src/esi/Esi.cc:589:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(next->readBuffer.data, &outbound->buf[outbound_offset], len);
data/squid-4.13/src/esi/Esi.cc:746:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&context->incoming->buf[context->incoming->len], receivedData.data, len);
data/squid-4.13/src/esi/Esi.cc:757:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(context->incoming->buf, &receivedData.data[len], receivedData.length - len);
data/squid-4.13/src/esi/Esi.cc:958:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localbuf [HTTP_REQBUF_SZ];
data/squid-4.13/src/esi/Esi.cc:1085:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localbuf [HTTP_REQBUF_SZ];
data/squid-4.13/src/esi/Esi.cc:1161:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstr[1024];
data/squid-4.13/src/esi/Esi.cc:1173:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localbuf [HTTP_REQBUF_SZ];
data/squid-4.13/src/esi/Esi.cc:1220:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstr[1024];
data/squid-4.13/src/esi/Libxml2Parser.cc:72:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32];
data/squid-4.13/src/esi/Segment.cc:92:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rv[pos], temp->buf, temp->len);
data/squid-4.13/src/esi/Segment.cc:141:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[len], appendBuffer, toCopy);
data/squid-4.13/src/esi/Segment.h:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HTTP_REQBUF_SZ];
data/squid-4.13/src/esi/VarState.cc:812:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstr[1024];
data/squid-4.13/src/esi/VarState.cc:816:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tempstr, "Accept-Language ");
data/squid-4.13/src/esi/VarState.cc:819:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tempstr, "Cookie ");
data/squid-4.13/src/esi/VarState.cc:822:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tempstr, "Host ");
data/squid-4.13/src/esi/VarState.cc:825:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tempstr, "Referer ");
data/squid-4.13/src/esi/VarState.cc:828:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tempstr, "User-Agent ");
data/squid-4.13/src/eui/Eui48.cc:142:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ifbuffer[sizeof(struct ifreq) * 64];
data/squid-4.13/src/eui/Eui48.cc:418:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arpReq.arp_ha.sa_data, LLADDR(sdl), sdl->sdl_alen);
data/squid-4.13/src/eui/Eui48.cc:484:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arpReq.arp_ha.sa_data, NetTable->table[i].bPhysAddr, NetTable->table[i].dwPhysAddrLen);
data/squid-4.13/src/eui/Eui48.h:32:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
Eui48(const Eui48 &t) { memcpy(this, &t, sizeof(Eui48)); }
data/squid-4.13/src/eui/Eui48.h:42:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eui, src, len);
data/squid-4.13/src/eui/Eui48.h:73:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eui[SZ_EUI48_BUF];
data/squid-4.13/src/eui/Eui64.cc:66:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eui, &(tmp.s6_addr[8]), SZ_EUI64_BUF);
data/squid-4.13/src/eui/Eui64.h:48:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eui, src, len);
data/squid-4.13/src/eui/Eui64.h:85:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eui[SZ_EUI64_BUF];
data/squid-4.13/src/external_acl.cc:199:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->ttl = atoi(token + 4);
data/squid-4.13/src/external_acl.cc:201:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->negative_ttl = atoi(token + 13);
data/squid-4.13/src/external_acl.cc:203:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->children.n_max = atoi(token + 9);
data/squid-4.13/src/external_acl.cc:206:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->children.n_max = atoi(token + 13);
data/squid-4.13/src/external_acl.cc:208:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->children.n_startup = atoi(token + 17);
data/squid-4.13/src/external_acl.cc:210:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->children.n_idle = atoi(token + 14);
data/squid-4.13/src/external_acl.cc:212:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->children.concurrency = atoi(token + 12);
data/squid-4.13/src/external_acl.cc:214:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->children.queue_size = atoi(token + 11);
data/squid-4.13/src/external_acl.cc:217:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->cache_size = atoi(token + 6);
data/squid-4.13/src/external_acl.cc:219:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a->grace = atoi(token + 6);
data/squid-4.13/src/fatal.cc:61:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fatal_str[BUFSIZ];
data/squid-4.13/src/fd.cc:77:59: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while (Biggest_FD >= 0 && !fd_table[Biggest_FD].flags.open)
data/squid-4.13/src/fd.cc:87:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open);
data/squid-4.13/src/fd.cc:192:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (F->flags.open) {
data/squid-4.13/src/fd.cc:197:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(!F->flags.open);
data/squid-4.13/src/fd.cc:284:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!F->flags.open)
data/squid-4.13/src/fde.cc:33:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!flags.open)
data/squid-4.13/src/fde.cc:89:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[MAX_IPSTRLEN+7]; // 7 = length of ':port' strings
data/squid-4.13/src/fde.h:78:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddr[MAX_IPSTRLEN]; /* dotted decimal address of peer */
data/squid-4.13/src/fde.h:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[FD_DESC_SZ];
data/squid-4.13/src/fde.h:82:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open;
data/squid-4.13/src/filemap.cc:56:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bitmap, old_map, old_sz);
data/squid-4.13/src/format/Format.cc:112:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argbuf[256];
data/squid-4.13/src/format/Format.cc:279:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, str, l);
data/squid-4.13/src/format/Format.cc:360:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmp[1024];
data/squid-4.13/src/format/Format.cc:1405:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char quotedOut[2 * sizeof(tmp)];
data/squid-4.13/src/fqdncache.cc:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[FQDN_MAX_NAMES + 1];
data/squid-4.13/src/fqdncache.cc:417:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_IPSTRLEN];
data/squid-4.13/src/fqdncache.cc:483:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_IPSTRLEN];
data/squid-4.13/src/fs/rock/RockIoState.cc:294:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(theBuf.mem, &header, sizeof(DbCellHeader));
data/squid-4.13/src/fs/rock/RockIoState.cc:301:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wBuf, theBuf.mem, theBuf.size);
data/squid-4.13/src/fs/rock/RockRebuild.cc:249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdrBuf[SwapDir::HeaderSize];
data/squid-4.13/src/fs/rock/RockSwapDir.cc:245:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
const int swap = open(filePath, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0600);
data/squid-4.13/src/fs/rock/RockSwapDir.cc:250:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char block[1024];
data/squid-4.13/src/fs/rock/RockSwapDir.cc:262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[HeaderSize];
data/squid-4.13/src/fs/rock/RockSwapDir.cc:309:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
theFile->open(O_RDWR, 0644, this);
data/squid-4.13/src/fs/ufs/RebuildState.h:56:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullpath[MAXPATHLEN];
data/squid-4.13/src/fs/ufs/RebuildState.h:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullfilename[MAXPATHLEN*2];
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:263:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(read_buf, buf, len);
data/squid-4.13/src/fs/ufs/UFSStrategy.cc:57:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Fs::Ufs::UFSStrategy::open(SwapDir * SD, StoreEntry * e, StoreIOState::STFNCB *,
data/squid-4.13/src/fs/ufs/UFSStrategy.cc:84:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myFile->open (sio->mode, 0644, state);
data/squid-4.13/src/fs/ufs/UFSStrategy.h:36:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
StoreIOState::Pointer open(SwapDir *, StoreEntry *, StoreIOState::STFNCB *,
data/squid-4.13/src/fs/ufs/UFSSwapDir.cc:91:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&s.key, e.key, SQUID_MD5_DIGEST_LENGTH);
data/squid-4.13/src/fs/ufs/UFSSwapDir.cc:93:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(outbuf + outbuf_offset, &s, ss);
data/squid-4.13/src/fs/ufs/UFSSwapDir.cc:551:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return IO->open (this, &e, file_callback, aCallback, callback_data);
data/squid-4.13/src/fs/ufs/UFSSwapDir.cc:691:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pathtmp[MAXPATHLEN];
data/squid-4.13/src/fs/ufs/UFSSwapDir.cc:904:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(swaplog_path.c_str(), "rb");
data/squid-4.13/src/fs/ufs/UFSSwapDir.cc:955:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->outbuf, &header, sizeof(StoreSwapLogHeader));
data/squid-4.13/src/fs/ufs/UFSSwapDir.cc:1300:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->key, e.key, SQUID_MD5_DIGEST_LENGTH);
data/squid-4.13/src/fs/ufs/UFSSwapLogParser.cc:38:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[SQUID_MD5_DIGEST_LENGTH];
data/squid-4.13/src/fs/ufs/UFSSwapLogParser.cc:62:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(swapData.key, readData.key, SQUID_MD5_DIGEST_LENGTH);
data/squid-4.13/src/fs_io.cc:56:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, mode, 0644);
data/squid-4.13/src/fs_io.cc:82:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open);
data/squid-4.13/src/fs_io.cc:170:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wq->buf + wq->len, q->buf + q->buf_offset, len);
data/squid-4.13/src/fs_io.cc:356:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
assert(F->flags.open);
data/squid-4.13/src/ftp/Parsing.cc:31:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ipBuf[1024];
data/squid-4.13/src/ftp/Parsing.cc:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[MAX_IPSTRLEN];
data/squid-4.13/src/globals.h:21:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char tmp_error_buf[ERROR_BUF_SZ];
data/squid-4.13/src/globals.h:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char ThisCache[RFC2181_MAXHOSTNAMELEN << 1];
data/squid-4.13/src/globals.h:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char ThisCache2[RFC2181_MAXHOSTNAMELEN << 1];
data/squid-4.13/src/globals.h:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char config_input_line[BUFSIZ];
data/squid-4.13/src/gopher.cc:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char request[MAX_URL];
data/squid-4.13/src/gopher.cc:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char replybuf[BUFSIZ];
data/squid-4.13/src/gopher.cc:452:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(gopherState->buf + gopherState->len, pos, llen);
data/squid-4.13/src/gopher.cc:458:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line, gopherState->buf, gopherState->len);
data/squid-4.13/src/gopher.cc:459:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line + gopherState->len, pos, llen);
data/squid-4.13/src/gopher.cc:463:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line, pos, llen);
data/squid-4.13/src/gopher.cc:638:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
code = atoi(s_code);
data/squid-4.13/src/gopher.cc:640:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
recno = atoi(s_recno);
data/squid-4.13/src/gopher.cc:664:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
code = atoi(s_code);
data/squid-4.13/src/helper.cc:131:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[HELPER_MAX_ARGS+1]; // save space for a NULL terminator
data/squid-4.13/src/helper.cc:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fd_note_buf[FD_DESC_SZ];
data/squid-4.13/src/helper.cc:259:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[HELPER_MAX_ARGS+1]; // save space for a NULL terminator
data/squid-4.13/src/helper.cc:260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fd_note_buf[FD_DESC_SZ];
data/squid-4.13/src/htcp.cc:268:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[80];
data/squid-4.13/src/htcp.cc:300:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &auth, copy_sz);
data/squid-4.13/src/htcp.cc:318:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, &length, 2);
data/squid-4.13/src/htcp.cc:326:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + off, s, len);
data/squid-4.13/src/htcp.cc:434:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &reason, 2);
data/squid-4.13/src/htcp.cc:500:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &hdr, hdr_sz);
data/squid-4.13/src/htcp.cc:509:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &hdrSquid, hdr_sz);
data/squid-4.13/src/htcp.cc:557:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &hdr, hdr_sz);
data/squid-4.13/src/htcp.cc:784:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pkt[8192];
data/squid-4.13/src/htcp.cc:836:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cto_buf[SQUIDHOSTNAMELEN+128];
data/squid-4.13/src/htcp.cc:873:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pkt[8192];
data/squid-4.13/src/htcp.cc:1222:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&htcpHdr, buf, sizeof(htcpHeader));
data/squid-4.13/src/htcp.cc:1326:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[8192];
data/squid-4.13/src/htcp.cc:1428:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pkt[8192];
data/squid-4.13/src/htcp.cc:1430:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[32];
data/squid-4.13/src/htcp.cc:1476:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char pkt[8192];
data/squid-4.13/src/htcp.cc:1478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[32];
data/squid-4.13/src/http.cc:1690:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loginbuf[base64_encode_len(MAX_LOGIN_SZ)];
data/squid-4.13/src/http.cc:1875:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[base64_encode_len(MAX_URL*2)]; // should be big enough for a single URI segment
data/squid-4.13/src/http/StatusLine.cc:118:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
status_ = static_cast<Http::StatusCode>(atoi(++start));
data/squid-4.13/src/http/Stream.h:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reqbuf[HTTP_REQBUF_SZ];
data/squid-4.13/src/http/url_rewriters/fake/fake.cc:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HELPER_INPUT_BUFFER];
data/squid-4.13/src/icmp/Icmp.h:31:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[PINGER_PAYLOAD_SZ];
data/squid-4.13/src/icmp/Icmp.h:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[PINGER_PAYLOAD_SZ];
data/squid-4.13/src/icmp/Icmp.h:48:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char payload[MAX_PAYLOAD];
data/squid-4.13/src/icmp/Icmp4.cc:48:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[50];
data/squid-4.13/src/icmp/Icmp4.cc:117:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&echo->tv, ¤t_time, sizeof(struct timeval));
data/squid-4.13/src/icmp/Icmp4.cc:125:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(echo->payload, payload, len);
data/squid-4.13/src/icmp/Icmp4.cc:240:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tv, &echo->tv, sizeof(struct timeval));
data/squid-4.13/src/icmp/Icmp6.cc:83:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[50];
data/squid-4.13/src/icmp/Icmp6.cc:152:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&echo->tv, ¤t_time, sizeof(struct timeval));
data/squid-4.13/src/icmp/Icmp6.cc:160:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(echo->payload, payload, len);
data/squid-4.13/src/icmp/Icmp6.cc:301:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tv, &echo->tv, sizeof(struct timeval));
data/squid-4.13/src/icmp/IcmpPinger.cc:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(wpi)];
data/squid-4.13/src/icmp/IcmpSquid.cc:87:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pecho.payload, payload, len);
data/squid-4.13/src/icmp/IcmpSquid.cc:192:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[2];
data/squid-4.13/src/icmp/net_db.cc:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NETDB_REQBUF_SZ];
data/squid-4.13/src/icmp/net_db.cc:609:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
N.pings_sent = atoi(q);
data/squid-4.13/src/icmp/net_db.cc:614:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
N.pings_recv = atoi(q);
data/squid-4.13/src/icmp/net_db.cc:637:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
N.next_ping_time = (time_t) atoi(q);
data/squid-4.13/src/icmp/net_db.cc:642:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
N.last_use_time = (time_t) atoi(q);
data/squid-4.13/src/icmp/net_db.cc:646:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n, &N, sizeof(netdbEntry));
data/squid-4.13/src/icmp/net_db.cc:801:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&line_addr, p + o, sizeof(struct in_addr));
data/squid-4.13/src/icmp/net_db.cc:808:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&j, p + o, sizeof(int));
data/squid-4.13/src/icmp/net_db.cc:815:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&j, p + o, sizeof(int));
data/squid-4.13/src/icmp/net_db.cc:1233:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[i], &line_addr, sizeof(struct in_addr));
data/squid-4.13/src/icmp/net_db.cc:1242:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[i], &j, sizeof(int));
data/squid-4.13/src/icmp/net_db.cc:1251:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[i], &j, sizeof(int));
data/squid-4.13/src/icmp/net_db.h:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char network[MAX_IPSTRLEN];
data/squid-4.13/src/icp_v2.cc:90:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this, buf, sizeof(icp_common_t));
data/squid-4.13/src/icp_v2.cc:273:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(urloffset, url, strlen(url));
data/squid-4.13/src/ident/Ident.cc:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[IDENT_BUFSIZE];
data/squid-4.13/src/ident/Ident.cc:240:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key1[IDENT_KEY_SZ];
data/squid-4.13/src/ident/Ident.cc:241:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key2[IDENT_KEY_SZ];
data/squid-4.13/src/ident/Ident.cc:242:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[IDENT_KEY_SZ*2+2]; // key1 + ',' + key2 + terminator
data/squid-4.13/src/internal.cc:87:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lc_host[SQUIDHOSTNAMELEN];
data/squid-4.13/src/ip/Address.cc:292:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Ip::Address::getReverseString6(char buf[MAX_IPSTRLEN], const struct in6_addr &dat) const
data/squid-4.13/src/ip/Address.cc:319:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Ip::Address::getReverseString4(char buf[MAX_IPSTRLEN], const struct in_addr &dat) const
data/squid-4.13/src/ip/Address.cc:331:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Ip::Address::getReverseString(char buf[MAX_IPSTRLEN], int show_type) const
data/squid-4.13/src/ip/Address.cc:806:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,"::\0", min(static_cast<unsigned int>(3),blen));
data/squid-4.13/src/ip/Address.cc:808:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,"0.0.0.0\0", min(static_cast<unsigned int>(8),blen));
data/squid-4.13/src/ip/Address.cc:818:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, "{!IPv4}\0", min(static_cast<unsigned int>(8),blen));
data/squid-4.13/src/ip/Address.cc:837:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,"dead:beef::\0", min(static_cast<unsigned int>(13),blen));
data/squid-4.13/src/ip/Address.h:235:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool getReverseString(char buf[MAX_IPSTRLEN], int show_type = AF_UNSPEC) const;
data/squid-4.13/src/ip/Address.h:310:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool getReverseString4(char buf[MAX_IPSTRLEN], const struct in_addr &dat) const;
data/squid-4.13/src/ip/Address.h:312:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
bool getReverseString6(char buf[MAX_IPSTRLEN], const struct in6_addr &dat) const;
data/squid-4.13/src/ip/Address.h:343:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/ip/Intercept.cc:236:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
natfd = open(IPNAT_NAME, O_RDONLY, 0);
data/squid-4.13/src/ip/Intercept.cc:238:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
natfd = open(IPL_NAT, O_RDONLY, 0);
data/squid-4.13/src/ip/Intercept.cc:333:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pffd = open("/dev/pf", O_RDONLY);
data/squid-4.13/src/ip/QosConfig.cc:50:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/squid-4.13/src/ip/QosConfig.h:242:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256]; /* random number. change as needed. max config line length. */ \
data/squid-4.13/src/ipc.cc:27:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hello_buf[HELLO_BUF_SZ];
data/squid-4.13/src/ipc/FdNotes.cc:18:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *FdNotes[Ipc::fdnEnd] = {
data/squid-4.13/src/ipc/MemMap.cc:304:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, block, blockSize);
data/squid-4.13/src/ipc/MemMap.h:47:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MEMMAP_SLOT_KEY_SIZE]; ///< The entry key
data/squid-4.13/src/ipc/MemMap.h:48:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char p[MEMMAP_SLOT_DATA_SIZE]; ///< The memory block;
data/squid-4.13/src/ipc/Queue.h:407:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(theBuffer + pos, &value, sizeof(value));
data/squid-4.13/src/ipc/TypedMsgHdr.cc:34:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<msghdr*>(this), static_cast<const msghdr*>(&tmh), sizeof(msghdr));
data/squid-4.13/src/ipc/TypedMsgHdr.cc:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[maxSize];
data/squid-4.13/src/ipc/TypedMsgHdr.cc:177:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rawBuf, data.raw + offset, rawSize);
data/squid-4.13/src/ipc/TypedMsgHdr.cc:188:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data.raw + data.size, rawBuf, rawSize);
data/squid-4.13/src/ipc/TypedMsgHdr.cc:217:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fdStore, &fd, fdCount * sizeof(int));
data/squid-4.13/src/ipc/TypedMsgHdr.cc:236:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fd, fdStore, fdCount * sizeof(int));
data/squid-4.13/src/ipc/TypedMsgHdr.h:97:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw[maxSize]; ///< buffer with type-specific data
data/squid-4.13/src/ipc/TypedMsgHdr.h:104:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw[SQUID_CMSG_SPACE(sizeof(int))];
data/squid-4.13/src/ipc/mem/Pages.cc:99:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open();
data/squid-4.13/src/ipc/mem/Pages.cc:126:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
SharedMemPagesRr::open()
data/squid-4.13/src/ipc/mem/Pointer.h:165:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
theSegment.open();
data/squid-4.13/src/ipc/mem/Segment.cc:133:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Ipc::Mem::Segment::open()
data/squid-4.13/src/ipc/mem/Segment.cc:345:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Ipc::Mem::Segment::open()
data/squid-4.13/src/ipc/mem/Segment.cc:392:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/squid-4.13/src/ipc/mem/Segment.h:35:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(); ///< Open an existing shared memory segment.
data/squid-4.13/src/ipc/mem/Segment.h:93:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual void open() {}
data/squid-4.13/src/ipc_win32.cc:58:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hello_buf[HELLO_BUF_SZ];
data/squid-4.13/src/ipc_win32.cc:299:11: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pid = atol(hello_buf);
data/squid-4.13/src/ipc_win32.cc:751:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (fd_table[crfd].flags.open)
data/squid-4.13/src/ipcache.cc:422:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp, answers[k].rdata, sizeof(struct in_addr));
data/squid-4.13/src/ipcache.cc:433:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp, answers[k].rdata, sizeof(struct in6_addr));
data/squid-4.13/src/ipcache.cc:654:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/log/File.cc:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/squid-4.13/src/log/File.h:46:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/squid-4.13/src/log/FormatHttpdCombined.cc:45:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clientip[MAX_IPSTRLEN];
data/squid-4.13/src/log/FormatHttpdCommon.cc:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clientip[MAX_IPSTRLEN];
data/squid-4.13/src/log/FormatSquidIcap.cc:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_IPSTRLEN], clientbuf[MAX_IPSTRLEN];
data/squid-4.13/src/log/FormatSquidNative.cc:25:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hierHost[MAX_IPSTRLEN];
data/squid-4.13/src/log/FormatSquidNative.cc:48:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clientip[MAX_IPSTRLEN];
data/squid-4.13/src/log/FormatSquidReferer.cc:28:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clientip[MAX_IPSTRLEN];
data/squid-4.13/src/log/FormatSquidUseragent.cc:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clientip[MAX_IPSTRLEN];
data/squid-4.13/src/log/ModDaemon.cc:180:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b->buf + b->len, buf, s);
data/squid-4.13/src/log/ModDaemon.cc:213:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[5];
data/squid-4.13/src/log/ModDaemon.cc:275:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tb[3];
data/squid-4.13/src/log/ModStdio.cc:71:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ll->buf + ll->offset, buf, len);
data/squid-4.13/src/log/ModUdp.cc:88:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ll->buf + ll->offset, buf, len);
data/squid-4.13/src/log/file/log_file_daemon.cc:43:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[MAXPATHLEN];
data/squid-4.13/src/log/file/log_file_daemon.cc:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char to[MAXPATHLEN];
data/squid-4.13/src/log/file/log_file_daemon.cc:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LOGFILE_BUF_LEN];
data/squid-4.13/src/log/file/log_file_daemon.cc:106:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(argv[1], "a");
data/squid-4.13/src/log/file/log_file_daemon.cc:116:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
t = open(_PATH_DEVNULL, O_RDWR);
data/squid-4.13/src/log/file/log_file_daemon.cc:137:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(argv[1], "a");
data/squid-4.13/src/log/file/log_file_daemon.cc:155:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(argv[1], "a");
data/squid-4.13/src/log/file/log_file_daemon.cc:167:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rotate_count = atoi(buf + 1);
data/squid-4.13/src/main.cc:666:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
icpPortNumOverride = atoi(optValue);
data/squid-4.13/src/main.cc:1124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[MAXPATHLEN];
data/squid-4.13/src/main.cc:1756:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char script[MAXPATHLEN];
data/squid-4.13/src/main.cc:1926:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((i = open("/dev/tty", O_RDWR | O_TEXT)) >= 0) {
data/squid-4.13/src/main.cc:1939:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
nullfd = open(_PATH_DEVNULL, O_RDWR | O_TEXT);
data/squid-4.13/src/mem/Pool.cc:89:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
defaultIsChunked = atoi(cfg);
data/squid-4.13/src/mem/old_api.cc:340:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newbuf, oldbuf, data_size);
data/squid-4.13/src/mem/old_api.cc:679:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[64];
data/squid-4.13/src/mem_node.h:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[SM_PAGE_SIZE];
data/squid-4.13/src/mgr/QueryParams.cc:83:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
array.push_back(atoi(paramStr.substr(n, i).termedBuf()));
data/squid-4.13/src/mgr/QueryParams.cc:88:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
array.push_back(atoi(paramStr.substr(n, pmatch[2].rm_eo).termedBuf()));
data/squid-4.13/src/mgr/StoreToCommWriter.h:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[HTTP_REQBUF_SZ]; ///< action results; Store fills, Comm writes
data/squid-4.13/src/mime.cc:232:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/squid-4.13/src/mime.cc:233:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chopbuf[BUFSIZ];
data/squid-4.13/src/mime.cc:250:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r")) == NULL) {
data/squid-4.13/src/mime.cc:372:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[MAXPATHLEN];
data/squid-4.13/src/neighbors.cc:1593:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntoabuf[MAX_IPSTRLEN];
data/squid-4.13/src/neighbors.cc:1754:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/squid-4.13/src/pconn.h:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fakeReadBuf_[4096]; // TODO: kill magic number.
data/squid-4.13/src/peer_digest.cc:692:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pd->cd->mask + fetch->mask_offset, buf, size);
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:74:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char err_code[17];
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:137:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:148:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len, status_string.value,
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:158:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf + len, ". ");
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:168:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + len, status_string.value,
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:333:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[KT_PATH_MAX], *p;
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:562:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char b64buf[8192]; // XXX: 8KB only because base64_encode_bin() used to.
data/squid-4.13/src/peer_sourcehash.cc:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntoabuf[MAX_IPSTRLEN];
data/squid-4.13/src/recv-announce.cc:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RECV_BUF_SIZE];
data/squid-4.13/src/recv-announce.cc:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[4];
data/squid-4.13/src/recv-announce.cc:78:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open(logfile, O_WRONLY | O_CREAT | O_APPEND, 0660) < 0) {
data/squid-4.13/src/recv-announce.cc:97:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ip, &R.sin_addr.s_addr, 4);
data/squid-4.13/src/redirect.cc:136:79: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
const Http::StatusCode status = static_cast<Http::StatusCode>(atoi(result));
data/squid-4.13/src/redirect.cc:145:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char statusBuf[4];
data/squid-4.13/src/redirect.cc:228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_REDIRECTOR_REQUEST_STRLEN];
data/squid-4.13/src/sbuf/SBuf.cc:288:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char testbuf[16];
data/squid-4.13/src/sbuf/SBuf.cc:513:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, buf(), toexport);
data/squid-4.13/src/sbuf/Stream.h:45:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[1] = {static_cast<char>(aChar)};
data/squid-4.13/src/security/KeyData.cc:194:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/squid-4.13/src/security/NegotiationHistory.cc:31:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[512];
data/squid-4.13/src/security/PeerConnector.cc:674:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/squid-4.13/src/security/ServerOptions.cc:198:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/squid-4.13/src/security/ServerOptions.cc:288:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/squid-4.13/src/security/ServerOptions.cc:310:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/squid-4.13/src/security/ServerOptions.cc:355:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (FILE *in = fopen(dhParamsFile.c_str(), "r")) {
data/squid-4.13/src/security/Session.cc:299:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[MEMMAP_SLOT_KEY_SIZE];
data/squid-4.13/src/security/Session.cc:304:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, id, idlen);
data/squid-4.13/src/security/cert_generators/file/certificate_db.cc:55:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename.c_str(), O_RDWR);
data/squid-4.13/src/security/cert_generators/file/certificate_db.cc:164:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row[cell], value, sizeof(char) * (strlen(value) + 1));
data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc:331:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char request[HELPER_INPUT_BUFFER];
data/squid-4.13/src/servers/FtpServer.cc:96:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/servers/FtpServer.cc:867:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/squid-4.13/src/servers/FtpServer.cc:897:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[MAX_IPSTRLEN];
data/squid-4.13/src/servers/FtpServer.cc:1379:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipBuf[MAX_IPSTRLEN];
data/squid-4.13/src/servers/FtpServer.h:187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uploadBuf[CLIENT_REQ_BUF_SZ]; ///< data connection input buffer
data/squid-4.13/src/snmp/Session.cc:34:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<snmp_session *>(this), &session, sizeof(snmp_session));
data/squid-4.13/src/snmp/Var.cc:309:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val.string, value, length);
data/squid-4.13/src/snmp_agent.cc:239:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[MAX_IPSTRLEN];
data/squid-4.13/src/snmp_core.cc:345:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[SNMP_REQUEST_SIZE];
data/squid-4.13/src/snmp_core.cc:684:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance, name, sizeof(*name) * (*len));
data/squid-4.13/src/snmp_core.cc:701:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance, name, sizeof(*name) * (*len));
data/squid-4.13/src/snmp_core.cc:712:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance, name, sizeof(*name) * (*len));
data/squid-4.13/src/snmp_core.cc:740:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance, name, sizeof(*name) * (*len));
data/squid-4.13/src/snmp_core.cc:752:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance, name, (sizeof(*name) * current->len ));
data/squid-4.13/src/snmp_core.cc:787:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance, name, (sizeof(*name) * (*len)));
data/squid-4.13/src/snmp_core.cc:811:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(instance, name, (sizeof(*name) * (current->len)));
data/squid-4.13/src/snmp_core.cc:941:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*name)[*nl] = atoi(s); // stops at the '.' delimiter
data/squid-4.13/src/snmp_core.cc:964:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/squid-4.13/src/snmp_core.cc:1054:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mbuf[16];
data/squid-4.13/src/ssl/ErrorDetail.cc:549:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpBuffer[128];
data/squid-4.13/src/ssl/ErrorDetail.cc:588:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpBuffer[256]; // A temporary buffer
data/squid-4.13/src/ssl/ErrorDetail.cc:636:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpBuffer[256]; // A temporary buffer
data/squid-4.13/src/ssl/ErrorDetail.cc:653:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpBuffer[256]; // A temporary buffer
data/squid-4.13/src/ssl/ErrorDetail.cc:668:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmpBuffer[256]; // A temporary buffer
data/squid-4.13/src/ssl/ErrorDetailManager.cc:134:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[256];
data/squid-4.13/src/ssl/bio.cc:232:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, rbuf.rawContent(), bytes);
data/squid-4.13/src/ssl/bio.cc:355:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, rbuf.rawContent() + rbufConsumePos, bytes);
data/squid-4.13/src/ssl/bio.cc:449:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssl->s3->client_random, details->clientRandom.c_str(), SSL3_RANDOM_SIZE);
data/squid-4.13/src/ssl/bio.cc:450:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wb->buf, helloMessage.rawContent(), helloMessage.length());
data/squid-4.13/src/ssl/bio.cc:456:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssl->init_buf->data, mainHello, mainHelloSize);
data/squid-4.13/src/ssl/bio.cc:709:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cbytes[3];
data/squid-4.13/src/ssl/cert_validate_message.cc:168:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentItem.error_depth = atoi(v.c_str());
data/squid-4.13/src/ssl/crtd_message.cc:72:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
body_size = atoi(current_block.c_str());
data/squid-4.13/src/ssl/crtd_message.cc:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/squid-4.13/src/ssl/gadgets.cc:224:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[3];
data/squid-4.13/src/ssl/gadgets.cc:447:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dnsName[1024]; // DNS names are limited to 256 characters
data/squid-4.13/src/ssl/gadgets.cc:630:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[EVP_MAX_MD_SIZE];
data/squid-4.13/src/ssl/gadgets.cc:641:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[EVP_MAX_MD_SIZE];
data/squid-4.13/src/ssl/gadgets.cc:796:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, aTime->data, aTime->length);
data/squid-4.13/src/ssl/gadgets.cc:803:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strTime1[64], strTime2[64];
data/squid-4.13/src/ssl/gadgets.cc:887:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[1024] = ""; // stores common name (CN)
data/squid-4.13/src/ssl/helper.cc:199:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl = atoi(token + 4);
data/squid-4.13/src/ssl/helper.cc:202:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cache = atoi(token + 6);
data/squid-4.13/src/ssl/support.cc:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[1024];
data/squid-4.13/src/ssl/support.cc:230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cn[1024];
data/squid-4.13/src/ssl/support.cc:263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256] = "";
data/squid-4.13/src/ssl/support.cc:597:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[1024];
data/squid-4.13/src/ssl/support.cc:634:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/squid-4.13/src/ssl/support.cc:639:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[EVP_MAX_MD_SIZE];
data/squid-4.13/src/ssl/support.cc:731:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, ptr, len);
data/squid-4.13/src/ssl/support.cc:772:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, ptr, len);
data/squid-4.13/src/ssl/support.cc:956:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char uri[MAX_URL];
data/squid-4.13/src/ssl/support.cc:987:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[2048];
data/squid-4.13/src/ssl/support.cc:1001:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[2048];
data/squid-4.13/src/stat.cc:284:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "SPECIAL,");
data/squid-4.13/src/stat.cc:287:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "REVALIDATE_ALWAYS,");
data/squid-4.13/src/stat.cc:290:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "DELAY_SENDING,");
data/squid-4.13/src/stat.cc:293:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "RELEASE_REQUEST,");
data/squid-4.13/src/stat.cc:296:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "REFRESH_REQUEST,");
data/squid-4.13/src/stat.cc:299:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "REVALIDATE_STALE,");
data/squid-4.13/src/stat.cc:302:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "DISPATCHED,");
data/squid-4.13/src/stat.cc:305:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "PRIVATE,");
data/squid-4.13/src/stat.cc:308:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "FWD_HDR_WAIT,");
data/squid-4.13/src/stat.cc:311:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "NEGCACHED,");
data/squid-4.13/src/stat.cc:314:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "VALIDATED,");
data/squid-4.13/src/stat.cc:317:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "BAD_LENGTH,");
data/squid-4.13/src/stat.cc:320:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "ABORTED,");
data/squid-4.13/src/stat.cc:1777:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/stmem.cc:122:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aNode->nodeBuffer.data + aNode->nodeBuffer.length, source, copyLen);
data/squid-4.13/src/stmem.cc:202:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target, aNode->nodeBuffer.data + copyOffset, copyLen);
data/squid-4.13/src/store_key_md5.cc:24:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[SQUID_MD5_DIGEST_LENGTH * 2+1];
data/squid-4.13/src/store_key_md5.cc:36:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char digest[SQUID_MD5_DIGEST_LENGTH];
data/squid-4.13/src/store_key_md5.cc:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char t[3];
data/squid-4.13/src/store_key_md5.cc:144:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dup, key, SQUID_MD5_DIGEST_LENGTH);
data/squid-4.13/src/store_key_md5.cc:151:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, SQUID_MD5_DIGEST_LENGTH);
data/squid-4.13/src/store_rebuild.cc:241:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(index, x.value, SQUID_MD5_DIGEST_LENGTH);
data/squid-4.13/src/store_rebuild.cc:267:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&what->timestamp, x.value, STORE_HDR_METASIZE);
data/squid-4.13/src/store_swapmeta.cc:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[j], &buflen, sizeof(int));
data/squid-4.13/src/store_swapmeta.cc:131:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[j], &t->length, sizeof(int));
data/squid-4.13/src/store_swapmeta.cc:133:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buf[j], t->value, t->length);
data/squid-4.13/src/tests/stub_debug.cc:68:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char f[BUFSIZ];
data/squid-4.13/src/tests/testAddress.cc:422:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/tests/testAddress.cc:445:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/tests/testAddress.cc:483:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/tests/testAddress.cc:511:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/tests/testAddress.cc:545:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_IPSTRLEN];
data/squid-4.13/src/tests/testAddress.cc:727:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntoabuf[MAX_IPSTRLEN];
data/squid-4.13/src/tests/testAddress.cc:728:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostbuf[MAX_IPSTRLEN];
data/squid-4.13/src/tests/testAddress.cc:729:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char urlbuf[MAX_IPSTRLEN];
data/squid-4.13/src/tests/testConfigParser.cc:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfgline[2048];
data/squid-4.13/src/tests/testConfigParser.cc:30:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cfgparam[2048];
data/squid-4.13/src/tests/testRock.cc:42:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cwd[MAXPATHLEN];
data/squid-4.13/src/tests/testRock.cc:179:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[64];
data/squid-4.13/src/tests/testSBuf.cc:771:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40]; //shorter than literal()
data/squid-4.13/src/time.cc:85:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/src/time.cc:100:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/src/tools.cc:108:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char command[256];
data/squid-4.13/src/tools.cc:121:15: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
int tfd = mkstemp(filename);
data/squid-4.13/src/tools.cc:131:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
(fp = fopen(filename, "w")) == NULL) {
data/squid-4.13/src/tools.cc:913:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/squid-4.13/src/tools.cc:914:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[512];
data/squid-4.13/src/tools.cc:924:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(Config.etcHostsPath, "r");
data/squid-4.13/src/tunnel.cc:464:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(server.buf, connectRespBuf->content(), server.len);
data/squid-4.13/src/tunnel.cc:534:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(server.buf, connectRespBuf->content()+rep.hdr_sz, server.len);
data/squid-4.13/src/tunnel.cc:844:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(client.buf, preReadClientData.rawContent(), copyBytes);
data/squid-4.13/src/tunnel.cc:858:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(server.buf, preReadServerData.rawContent(), copyBytes);
data/squid-4.13/src/ufsdump.cc:134:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (argv[1], O_RDONLY | O_BINARY);
data/squid-4.13/src/ufsdump.cc:139:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[SM_PAGE_SIZE];
data/squid-4.13/src/unlinkd.cc:39:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN];
data/squid-4.13/src/unlinkd.cc:88:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rbuf[512];
data/squid-4.13/src/unlinkd.cc:196:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[2];
data/squid-4.13/src/unlinkd_daemon.cc:56:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open(_PATH_DEVNULL, O_RDWR) < 0) {
data/squid-4.13/src/urn.cc:48:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reqbuf[URN_REQBUF_SZ] = { '\0' };
data/squid-4.13/src/urn.cc:387:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(list, old, i * sizeof(*list));
data/squid-4.13/src/wccp.cc:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash[WCCP_HASH_SIZE];
data/squid-4.13/src/wccp.cc:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash[WCCP_HASH_SIZE];
data/squid-4.13/src/wccp.cc:335:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&caches[loop],
data/squid-4.13/src/wccp2.cc:183:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buckets[32]; /* Draft indicates 8x 32-bit buckets but it's just a mask so doesn't matter how we define. */
data/squid-4.13/src/wccp2.cc:344:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[WCCP_RESPONSE_SIZE];
data/squid-4.13/src/wccp2.cc:450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wccp_packet[WCCP_RESPONSE_SIZE];
data/squid-4.13/src/wccp2.cc:454:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wccp_password[WCCP2_PASSWORD_LEN]; /* hold the trailing C-string NUL */
data/squid-4.13/src/wccp2.cc:556:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[WCCP2_PASSWORD_LEN];
data/squid-4.13/src/wccp2.cc:593:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ws->security_implementation, md5Digest, sizeof(md5Digest));
data/squid-4.13/src/wccp2.cc:609:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwd[WCCP2_PASSWORD_LEN];
data/squid-4.13/src/wccp2.cc:720:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_security_md5, sizeof(struct wccp2_security_md5_t));
data/squid-4.13/src/wccp2.cc:724:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_security_md5, 8);
data/squid-4.13/src/wccp2.cc:734:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &service_list_ptr->info, sizeof(struct wccp2_service_info_t));
data/squid-4.13/src/wccp2.cc:757:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_identity_info, sizeof(struct wccp2_identity_info_t));
data/squid-4.13/src/wccp2.cc:791:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_mask_identity_info, sizeof(struct wccp2_mask_identity_info_t));
data/squid-4.13/src/wccp2.cc:813:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_cache_view_header, sizeof(wccp2_cache_view_header));
data/squid-4.13/src/wccp2.cc:824:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &service_list_ptr->num_routers, sizeof(service_list_ptr->num_routers));
data/squid-4.13/src/wccp2.cc:864:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_cache_view_info.num_caches, sizeof(wccp2_cache_view_info.num_caches));
data/squid-4.13/src/wccp2.cc:877:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_capability_info_header, sizeof(wccp2_capability_info_header));
data/squid-4.13/src/wccp2.cc:892:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_capability_element, sizeof(wccp2_capability_element));
data/squid-4.13/src/wccp2.cc:907:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_capability_element, sizeof(wccp2_capability_element));
data/squid-4.13/src/wccp2.cc:922:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, &wccp2_capability_element, sizeof(wccp2_capability_element));
data/squid-4.13/src/wccp2.cc:929:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&service_list_ptr->wccp_packet, &wccp2_here_i_am_header, sizeof(wccp2_here_i_am_header));
data/squid-4.13/src/wccp2.cc:1429:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cache_address, &cache_identity->addr, sizeof(struct in_addr));
data/squid-4.13/src/wccp2.cc:1446:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cache_address, &cache_mask_identity->addr, sizeof(struct in_addr));
data/squid-4.13/src/wccp2.cc:1451:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cache_address, &cache_mask_info->addr, sizeof(struct in_addr));
data/squid-4.13/src/wccp2.cc:1609:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wccp_packet[WCCP_RESPONSE_SIZE];
data/squid-4.13/src/wccp2.cc:1684:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(security, service_list_ptr->security_info, 8);
data/squid-4.13/src/wccp2.cc:1692:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(security, service_list_ptr->security_info, sizeof(struct wccp2_security_md5_t));
data/squid-4.13/src/wccp2.cc:1703:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wccp_packet[offset], service_list_ptr->service_info, sizeof(struct wccp2_service_info_t));
data/squid-4.13/src/wccp2.cc:1750:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wccp_packet[offset], &service_list_ptr->num_routers, sizeof(service_list_ptr->num_routers));
data/squid-4.13/src/wccp2.cc:1779:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wccp_packet[offset], &router_list_ptr->num_caches, sizeof(router_list_ptr->num_caches));
data/squid-4.13/src/wccp2.cc:1790:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cache_address, &cache_list_ptr->cache_ip, sizeof(struct in_addr));
data/squid-4.13/src/wccp2.cc:1849:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wccp_packet[offset], &num_maskval, sizeof(int));
data/squid-4.13/src/wccp2.cc:2097:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wccp_password[WCCP2_PASSWORD_LEN];
data/squid-4.13/src/wccp2.cc:2241:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char copy[10];
data/squid-4.13/src/wccp2.cc:2251:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(copy, tmp, len);
data/squid-4.13/src/wccp2.cc:2503:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp, this_item, sizeof(struct wccp2_cache_list_t));
data/squid-4.13/src/wccp2.cc:2510:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this_item, next_lowest, sizeof(struct wccp2_cache_list_t));
data/squid-4.13/src/wccp2.cc:2511:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(next_lowest, &tmp, sizeof(struct wccp2_cache_list_t));
data/squid-4.13/src/whois.cc:38:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ+1]; /* readReply adds terminating NULL */
data/squid-4.13/test-suite/membanger.c:41:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mbuf[256];
data/squid-4.13/test-suite/membanger.c:42:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[32];
data/squid-4.13/test-suite/membanger.c:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orig_ptr[32];
data/squid-4.13/test-suite/membanger.c:103:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
run_stats = atoi(optarg);
data/squid-4.13/test-suite/membanger.c:107:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fn, "r");
data/squid-4.13/test-suite/membanger.c:110:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
initsiz = atoi(optarg);
data/squid-4.13/test-suite/membanger.c:113:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mem_max_size = atoi(optarg) * 1024 * 1024;
data/squid-4.13/test-suite/membanger.c:116:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxsiz = atoi(optarg);
data/squid-4.13/test-suite/membanger.c:119:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
minchunk = atoi(optarg);
data/squid-4.13/test-suite/membanger.c:148:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size = atoi(p);
data/squid-4.13/test-suite/membanger.c:165:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
amt = atoi(p);
data/squid-4.13/test-suite/membanger.c:169:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size = atoi(p);
data/squid-4.13/test-suite/membanger.c:199:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size2id(atoi(p), mi); /* we don't need it here I guess? */
data/squid-4.13/test-suite/stub_debug.cc:68:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char f[BUFSIZ];
data/squid-4.13/test-suite/tcp-banger2.c:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char method[16];
data/squid-4.13/test-suite/tcp-banger2.c:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char requestbodyfile[256];
data/squid-4.13/test-suite/tcp-banger2.c:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[READ_BUF_SZ * 2 + 1];
data/squid-4.13/test-suite/tcp-banger2.c:145:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/test-suite/tcp-banger2.c:195:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[READ_BUF_SZ];
data/squid-4.13/test-suite/tcp-banger2.c:210:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r->buf + oldlen, buf, len);
data/squid-4.13/test-suite/tcp-banger2.c:220:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
r->status = atoi(header + 8);
data/squid-4.13/test-suite/tcp-banger2.c:222:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
r->content_length = atoi(header + 15);
data/squid-4.13/test-suite/tcp-banger2.c:226:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[8192];
data/squid-4.13/test-suite/tcp-banger2.c:293:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/squid-4.13/test-suite/tcp-banger2.c:294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[8192];
data/squid-4.13/test-suite/tcp-banger2.c:297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char urlbuf[8192];
data/squid-4.13/test-suite/tcp-banger2.c:343:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
r->validsize = atoi(size);
data/squid-4.13/test-suite/tcp-banger2.c:349:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
r->validstatus = atoi(status);
data/squid-4.13/test-suite/tcp-banger2.c:364:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "Accept: */*\r\n");
data/squid-4.13/test-suite/tcp-banger2.c:371:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = open(file, O_RDONLY);
data/squid-4.13/test-suite/tcp-banger2.c:383:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "Range: bytes=");
data/squid-4.13/test-suite/tcp-banger2.c:402:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "\r\n");
data/squid-4.13/test-suite/tcp-banger2.c:405:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msg, "\r\n");
data/squid-4.13/test-suite/tcp-banger2.c:439:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[8192];
data/squid-4.13/test-suite/tcp-banger2.c:498:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
proxy_port = atoi(optarg);
data/squid-4.13/test-suite/tcp-banger2.c:504:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_connections = atoi(optarg);
data/squid-4.13/test-suite/tcp-banger2.c:510:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lifetime = (time_t) atoi(optarg);
data/squid-4.13/test-suite/tcp-banger2.c:513:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
process_lifetime = (time_t) atoi(optarg);
data/squid-4.13/test-suite/tcp-banger2.c:519:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
trace_file = fopen(optarg, "a");
data/squid-4.13/test-suite/tcp-banger2.c:529:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(custom_header, "\r\n");
data/squid-4.13/tools/MemBuf.cc:228:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(space(), newContent, sz);
data/squid-4.13/tools/cachemgr.cc:256:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("cachemgr.conf", "r");
data/squid-4.13/tools/cachemgr.cc:259:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(DEFAULT_CACHEMGR_CONFIG, "r");
data/squid-4.13/tools/cachemgr.cc:309:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_line[BUFSIZ];
data/squid-4.13/tools/cachemgr.cc:427:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(sp);
data/squid-4.13/tools/cachemgr.cc:433:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char url[1024];
data/squid-4.13/tools/cachemgr.cc:564:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char html[2 * 1024];
data/squid-4.13/tools/cachemgr.cc:588:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4 * 1024];
data/squid-4.13/tools/cachemgr.cc:593:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(tmpfile, "w+");
data/squid-4.13/tools/cachemgr.cc:593:22: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
FILE *fp = fopen(tmpfile, "w+");
data/squid-4.13/tools/cachemgr.cc:614:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
perror(tmpfile);
data/squid-4.13/tools/cachemgr.cc:615:15: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
xfree(tmpfile);
data/squid-4.13/tools/cachemgr.cc:770:12: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
remove(tmpfile);
data/squid-4.13/tools/cachemgr.cc:771:11: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
xfree(tmpfile);
data/squid-4.13/tools/cachemgr.cc:783:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipbuf[MAX_IPSTRLEN];
data/squid-4.13/tools/cachemgr.cc:789:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[2 * 1024];
data/squid-4.13/tools/cachemgr.cc:980:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[65535];
data/squid-4.13/tools/cachemgr.cc:1049:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
req->port = atoi(q);
data/squid-4.13/tools/cachemgr.cc:1070:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
req->port = atoi(p);
data/squid-4.13/tools/cachemgr.cc:1088:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/squid-4.13/tools/cachemgr.cc:1173:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(time_str) + passwd_ttl < now) {
data/squid-4.13/tools/cachemgr.cc:1205:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/squid-4.13/tools/cachemgr.cc:1239:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_line[BUFSIZ];
data/squid-4.13/tools/cachemgr.cc:1242:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("cachemgr.conf", "r");
data/squid-4.13/tools/cachemgr.cc:1245:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(DEFAULT_CACHEMGR_CONFIG, "r");
data/squid-4.13/tools/purge/conffile.cc:76:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/squid-4.13/tools/purge/conffile.cc:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, line[1024];
data/squid-4.13/tools/purge/conffile.cc:101:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/squid-4.13/tools/purge/convert.cc:76:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char s[sizeof(a.s_addr)];
data/squid-4.13/tools/purge/convert.cc:77:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( s, &a.s_addr, sizeof(a.s_addr) );
data/squid-4.13/tools/purge/convert.cc:131:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy( &dst.s_addr, dns->h_addr, dns->h_length );
data/squid-4.13/tools/purge/copyout.cc:164:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int out = open( filename, O_CREAT | O_RDWR | O_TRUNC, 0664 );
data/squid-4.13/tools/purge/copyout.cc:174:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int input = open( fn, O_RDONLY );
data/squid-4.13/tools/purge/copyout.cc:227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32768];
data/squid-4.13/tools/purge/copyout.cc:272:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( dst, src+metasize, filesize-metasize );
data/squid-4.13/tools/purge/purge.cc:171:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/squid-4.13/tools/purge/purge.cc:190:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/squid-4.13/tools/purge/purge.cc:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[34];
data/squid-4.13/tools/purge/purge.cc:275:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeb[256];
data/squid-4.13/tools/purge/purge.cc:279:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &temp, findings->data, sizeof(StoreMetaStd) );
data/squid-4.13/tools/purge/purge.cc:286:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &temp, findings->data, sizeof(StoreMetaStdLFS) );
data/squid-4.13/tools/purge/purge.cc:408:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open( fn, O_RDONLY );
data/squid-4.13/tools/purge/purge.cc:418:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &datastart, ::linebuffer + 1, sizeof(unsigned int) );
data/squid-4.13/tools/purge/purge.cc:432:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &size, linebuffer+offset+sizeof(char), sizeof(unsigned int) );
data/squid-4.13/tools/purge/purge.cc:512:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char alivelist[4][3] = { "\\\b", "|\b", "/\b", "-\b" };
data/squid-4.13/tools/purge/purge.cc:694:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (rfile = fopen( optarg, "r" )) != NULL ) {
data/squid-4.13/tools/purge/purge.cc:697:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINESIZE];
data/squid-4.13/tools/squidclient/Ping.cc:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[4096];
data/squid-4.13/tools/squidclient/Ping.cc:189:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi(optarg);
data/squid-4.13/tools/squidclient/Ping.cc:200:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if ((interval = atoi(optarg) * 1000) <= 0) {
data/squid-4.13/tools/squidclient/Transport.cc:115:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ioTimeout = atoi(optarg);
data/squid-4.13/tools/squidclient/Transport.cc:222:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostnameBuf[MAX_IPSTRLEN];
data/squid-4.13/tools/squidclient/gssapi_support.cc:39:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFFER_SIZE];
data/squid-4.13/tools/squidclient/gssapi_support.cc:106:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(token, "ERROR", 5);
data/squid-4.13/tools/squidclient/gssapi_support.cc:145:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(token, "ERROR", 5);
data/squid-4.13/tools/squidclient/squidclient.cc:241:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[BUFSIZ];
data/squid-4.13/tools/squidclient/squidclient.cc:242:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/squid-4.13/tools/squidclient/squidclient.cc:343:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ims = (time_t) atoi(optarg);
data/squid-4.13/tools/squidclient/squidclient.cc:352:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_forwards = atoi(optarg);
data/squid-4.13/tools/squidclient/squidclient.cc:367:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Transport::Config.ioTimeout = atoi(optarg);
data/squid-4.13/tools/squidclient/squidclient.cc:440:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
put_fd = open(put_file, O_RDONLY);
data/squid-4.13/tools/squidclient/stub_debug.cc:68:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char f[BUFSIZ];
data/squid-4.13/tools/squidclient/time.cc:85:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/tools/squidclient/time.cc:100:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/tools/stub_debug.cc:68:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char f[BUFSIZ];
data/squid-4.13/tools/time.cc:85:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/tools/time.cc:100:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/squid-4.13/compat/GnuRegex.c:4166:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = regex_compile(pattern, strlen(pattern), syntax, preg);
data/squid-4.13/compat/GnuRegex.c:4201:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/squid-4.13/compat/GnuRegex.c:4268:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg_size = strlen(msg) + 1; /* Includes the null. */
data/squid-4.13/compat/GnuRegex.c:4272:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(errbuf, msg, errbuf_size - 1);
data/squid-4.13/compat/cmsg.h:114:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen ((ptr)->sun_path))
data/squid-4.13/compat/compat_shared.h:49:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define NAMLEN(dirent) strlen((dirent)->d_name)
data/squid-4.13/compat/getaddrinfo.cc:282:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sai->ai_canonname = (char *)malloc(strlen(hp->h_name) + 1);
data/squid-4.13/compat/getnameinfo.cc:204:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sp->s_name) + 1 > servlen)
data/squid-4.13/compat/getnameinfo.cc:209:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(numserv) + 1 > servlen)
data/squid-4.13/compat/getnameinfo.cc:298:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hp->h_name) + 1 > hostlen) {
data/squid-4.13/compat/getnameinfo.cc:351:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
numaddrlen = strlen(numaddr);
data/squid-4.13/compat/getnameinfo.cc:408:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(p));
data/squid-4.13/compat/inet_ntop.cc:225:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp += strlen(tp);
data/squid-4.13/compat/os/mswindows.h:136:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
#define umask _umask
data/squid-4.13/compat/os/mswindows.h:476:1: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(int fd, void * buf, size_t siz)
data/squid-4.13/compat/os/solaris.h:90:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define SUN_LEN(su) (sizeof(*(su)) - sizeof((su)->sun_path) + strlen((su)->sun_path))
data/squid-4.13/compat/statvfs.cc:33:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(drive, path, 2);
data/squid-4.13/compat/statvfs.cc:35:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(drive, "\\");
data/squid-4.13/compat/strnstr.cc:83:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(find);
data/squid-4.13/compat/xstring.cc:29:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen(s) + 1;
data/squid-4.13/compat/xstring.cc:68:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t sz = strlen(s) + 1;
data/squid-4.13/lib/dirent.c:90:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nd = (DIR *) malloc(sizeof(DIR) + (strlen(szFullPath)
data/squid-4.13/lib/dirent.c:91:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(SLASH)
data/squid-4.13/lib/dirent.c:92:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(SUFFIX) + 1)
data/squid-4.13/lib/dirent.c:106:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(nd->dd_name) - 1
data/squid-4.13/lib/dirent.c:108:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(nd->dd_name) - 1) {
data/squid-4.13/lib/dirent.c:186:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirp->dd_dir.d_namlen = strlen(dirp->dd_dta.name);
data/squid-4.13/lib/hash.cc:63:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(key);
data/squid-4.13/lib/hash.cc:350:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf[strlen(buf) - 1] = '\0';
data/squid-4.13/lib/html_quote.c:64:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf == NULL || strlen(string) * 6 > bufsize) {
data/squid-4.13/lib/html_quote.c:66:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufsize = strlen(string) * 6 + 1;
data/squid-4.13/lib/html_quote.c:93:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst, escape, 7);
data/squid-4.13/lib/html_quote.c:94:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dst += strlen(escape);
data/squid-4.13/lib/iso3307.c:32:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int) strlen(buf) < 14)
data/squid-4.13/lib/ntlmauth/ntlmauth.cc:211:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint16_t dlen = strlen(domain) & 0xFFFF;
data/squid-4.13/lib/rfc1123.c:92:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(year) == 4)
data/squid-4.13/lib/rfc1738.c:64:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf == NULL || strlen(url) * 3 > bufsize) {
data/squid-4.13/lib/rfc1738.c:66:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufsize = strlen(url) * 3 + 1;
data/squid-4.13/lib/rfc2617.c:103:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszUserName, strlen(pszUserName));
data/squid-4.13/lib/rfc2617.c:105:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszRealm, strlen(pszRealm));
data/squid-4.13/lib/rfc2617.c:107:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszPassword, strlen(pszPassword));
data/squid-4.13/lib/rfc2617.c:116:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszNonce, strlen(pszNonce));
data/squid-4.13/lib/rfc2617.c:118:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
data/squid-4.13/lib/rfc2617.c:146:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszMethod, strlen(pszMethod));
data/squid-4.13/lib/rfc2617.c:148:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszDigestUri, strlen(pszDigestUri));
data/squid-4.13/lib/rfc2617.c:161:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszNonce, strlen(pszNonce));
data/squid-4.13/lib/rfc2617.c:164:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszNonceCount, strlen(pszNonceCount));
data/squid-4.13/lib/rfc2617.c:166:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
data/squid-4.13/lib/rfc2617.c:168:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&Md5Ctx, pszQop, strlen(pszQop));
data/squid-4.13/lib/rfcnb/rfcnb-io.c:159:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = read(con->fd, temp, this_read);
data/squid-4.13/lib/rfcnb/rfcnb-io.c:304:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((read_len = read(con->fd, hdr, sizeof(hdr))) < 0) { /* Problems */
data/squid-4.13/lib/rfcnb/rfcnb-io.c:402:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((this_time = read(con->fd, (pkt_frag->data) + offset, this_len)) <= 0) { /* Problems */
data/squid-4.13/lib/rfcnb/rfcnb-util.c:76:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name1);
data/squid-4.13/lib/rfcnb/session.c:94:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Called_Address) != 0) { /* If the Called Address = "" */
data/squid-4.13/lib/smblib/smbencrypt.c:125:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((char *) passwd);
data/squid-4.13/lib/smblib/smblib-util.c:254:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prots_len = prots_len + strlen(Prots[i]) + 2; /* Account for null etc */
data/squid-4.13/lib/smblib/smblib-util.c:306:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(Prots[i]) + 2; /* Adjust len of p for null plus dialectID */
data/squid-4.13/lib/smblib/smblib-util.c:457:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(name, "unknown", len);
data/squid-4.13/lib/smblib/smblib-util.c:504:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param_len = strlen(path) + 2 + strlen(password) + 2 + strlen(device) + 2;
data/squid-4.13/lib/smblib/smblib-util.c:504:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param_len = strlen(path) + 2 + strlen(password) + 2 + strlen(device) + 2;
data/squid-4.13/lib/smblib/smblib-util.c:504:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param_len = strlen(path) + 2 + strlen(password) + 2 + strlen(device) + 2;
data/squid-4.13/lib/smblib/smblib-util.c:562:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(path) + 2;
data/squid-4.13/lib/smblib/smblib-util.c:565:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(password) + 2;
data/squid-4.13/lib/smblib/smblib-util.c:804:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msgbuf,
data/squid-4.13/lib/smblib/smblib-util.c:814:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msgbuf,
data/squid-4.13/lib/smblib/smblib-util.c:820:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(msgbuf) < len) { /* If there is space, put rest in */
data/squid-4.13/lib/smblib/smblib-util.c:822:13: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(msgbuf, "\n\t", len - strlen(msgbuf));
data/squid-4.13/lib/smblib/smblib-util.c:822:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(msgbuf, "\n\t", len - strlen(msgbuf));
data/squid-4.13/lib/smblib/smblib-util.c:826:13: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(msgbuf, prot_msg, len - strlen(msgbuf));
data/squid-4.13/lib/smblib/smblib-util.c:826:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(msgbuf, prot_msg, len - strlen(msgbuf));
data/squid-4.13/lib/smblib/smblib.c:125:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(con -> service, "");
data/squid-4.13/lib/smblib/smblib.c:126:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(con -> username, "");
data/squid-4.13/lib/smblib/smblib.c:127:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(con -> password, "");
data/squid-4.13/lib/smblib/smblib.c:128:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(con -> sock_options, "");
data/squid-4.13/lib/smblib/smblib.c:129:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(con -> address, "");
data/squid-4.13/lib/smblib/smblib.c:130:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con -> desthost, server, sizeof(con->desthost));
data/squid-4.13/lib/smblib/smblib.c:132:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con -> PDomain, NTdomain, sizeof(con->PDomain));
data/squid-4.13/lib/smblib/smblib.c:152:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0; i < strlen(con -> desthost); i++)
data/squid-4.13/lib/smblib/smblib.c:155:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
called[strlen(con -> desthost)] = 0; /* Make it a string */
data/squid-4.13/lib/smblib/smblib.c:157:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0; i < strlen(con -> myname); i++)
data/squid-4.13/lib/smblib/smblib.c:160:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
calling[strlen(con -> myname)] = 0; /* Make it a string */
data/squid-4.13/lib/smblib/smblib.c:162:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(con -> address) == 0)
data/squid-4.13/lib/smblib/smblib.c:225:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con -> service, service, sizeof(con -> service));
data/squid-4.13/lib/smblib/smblib.c:227:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con -> username, username, sizeof(con -> username));
data/squid-4.13/lib/smblib/smblib.c:229:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con -> password, password, sizeof(con -> password));
data/squid-4.13/lib/smblib/smblib.c:231:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(con -> sock_options, "");
data/squid-4.13/lib/smblib/smblib.c:232:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(con -> address, "");
data/squid-4.13/lib/smblib/smblib.c:251:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(temp, service, sizeof(temp));
data/squid-4.13/lib/smblib/smblib.c:262:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(con->desthost, host, sizeof(con->desthost));
data/squid-4.13/lib/smblib/smblib.c:268:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0; i < strlen(con -> desthost); i++)
data/squid-4.13/lib/smblib/smblib.c:271:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
called[strlen(con -> desthost)] = 0; /* Make it a string */
data/squid-4.13/lib/smblib/smblib.c:273:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0; i < strlen(con -> myname); i++)
data/squid-4.13/lib/smblib/smblib.c:276:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
calling[strlen(con -> myname)] = 0; /* Make it a string */
data/squid-4.13/lib/smblib/smblib.c:278:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(con -> address) == 0)
data/squid-4.13/lib/smblib/smblib.c:355:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(pword, PassWord, sizeof(pword));
data/squid-4.13/lib/smblib/smblib.c:363:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pass_len = strlen(pword);
data/squid-4.13/lib/smblib/smblib.c:372:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param_len = strlen(UserName) + 1 + pass_len + 1 +
data/squid-4.13/lib/smblib/smblib.c:373:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(NtDomain!=NULL ? strlen(NtDomain) : strlen(Con_Handle->PDomain)) + 1 +
data/squid-4.13/lib/smblib/smblib.c:373:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(NtDomain!=NULL ? strlen(NtDomain) : strlen(Con_Handle->PDomain)) + 1 +
data/squid-4.13/lib/smblib/smblib.c:374:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(Con_Handle -> OSName) + 1;
data/squid-4.13/lib/smblib/smblib.c:417:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(UserName);
data/squid-4.13/lib/smblib/smblib.c:424:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(Con_Handle -> PDomain);
data/squid-4.13/lib/smblib/smblib.c:427:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(NtDomain);
data/squid-4.13/lib/smblib/smblib.c:433:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(Con_Handle -> OSName);
data/squid-4.13/lib/smblib/smblib.c:440:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param_len = strlen(UserName) + 1 + pass_len +
data/squid-4.13/lib/smblib/smblib.c:441:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(Con_Handle -> PDomain) + 1 +
data/squid-4.13/lib/smblib/smblib.c:442:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(Con_Handle -> OSName) + 1 +
data/squid-4.13/lib/smblib/smblib.c:443:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(Con_Handle -> LMType) + 1;
data/squid-4.13/lib/smblib/smblib.c:488:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(UserName);
data/squid-4.13/lib/smblib/smblib.c:494:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(Con_Handle -> PDomain);
data/squid-4.13/lib/smblib/smblib.c:499:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(Con_Handle -> OSName);
data/squid-4.13/lib/smblib/smblib.c:504:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(Con_Handle -> LMType);
data/squid-4.13/lib/snmplib/parse.c:493:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = getc(fp);
data/squid-4.13/lib/snmplib/parse.c:531:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = getc(fp)) != -1)
data/squid-4.13/lib/snmplib/parse.c:552:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} while ((ch = getc(fp)) != -1);
data/squid-4.13/lib/snmplib/parse.c:588:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = (char *) xmalloc((unsigned) strlen(token) + 1);
data/squid-4.13/lib/snmplib/parse.c:673:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(np->parent, op->label, sizeof(np->parent) - 1);
data/squid-4.13/lib/snmplib/parse.c:675:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(np->label, nop->label, sizeof(np->label) - 1);
data/squid-4.13/lib/snmplib/parse.c:696:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(np->parent, op->label, sizeof(np->parent)-1);
data/squid-4.13/lib/snmplib/parse.c:697:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(np->label, name, sizeof(np->label)-1);
data/squid-4.13/lib/snmplib/parse.c:785:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(syntax, " ");
data/squid-4.13/lib/snmplib/parse.c:788:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(syntax, " ");
data/squid-4.13/lib/snmplib/parse.c:812:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ep->label = (char *) xmalloc((unsigned) strlen(token) + 1);
data/squid-4.13/lib/snmplib/parse.c:915:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ReadChar = getc(fp);
data/squid-4.13/lib/snmplib/parse.c:946:28: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ReadChar = getc(fp);
data/squid-4.13/lib/snmplib/parse.c:964:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(np->parent, SubOid[length - 2].label, 64);
data/squid-4.13/lib/snmplib/parse.c:967:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(np->label, name, sizeof(np->label));
data/squid-4.13/lib/snmplib/parse.c:1013:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, token, 64);
data/squid-4.13/lib/snmplib/parse.c:1099:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("DUMMY")));
data/squid-4.13/lib/snmplib/snmp_api.c:153:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) bufp, (char *) Community, CommunityLen);
data/squid-4.13/lib/sspwin32.cc:372:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(credentials, namebuffer.sUserName, SSP_MAX_CRED_LEN);
data/squid-4.13/libltdl/libltdl/lt__dirent.h:46:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define D_NAMLEN(dirent) (strlen((dirent)->d_name))
data/squid-4.13/libltdl/libltdl/lt__dirent.h:54:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define D_NAMLEN(dirent) (strlen((dirent)->d_name))
data/squid-4.13/libltdl/loaders/dlopen.c:222:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *attempt = MALLOC (char, len + strlen (member) + 1);
data/squid-4.13/libltdl/loaders/loadlibrary.c:179:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (wpath);
data/squid-4.13/libltdl/lt__alloc.c:95:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (char *) lt__memdup (string, strlen (string) +1);
data/squid-4.13/libltdl/lt__argz.c:91:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
argz_len = 1+ strlen (str);
data/squid-4.13/libltdl/lt__argz.c:141:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return argz_append (pargz, pargz_len, entry, 1+ strlen (entry));
data/squid-4.13/libltdl/lt__argz.c:150:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t entry_len = 1+ strlen (entry);
data/squid-4.13/libltdl/lt__dirent.c:101:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entry->file_info.d_namlen = strlen (entry->file_info.d_name);
data/squid-4.13/libltdl/lt__strl.c:61:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length=strlen(dst);
data/squid-4.13/libltdl/ltdl.c:1293:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
archive_name = MALLOC (char, strlen (libprefix) + LT_STRLEN (name) + strlen (libext) + 2);
data/squid-4.13/libltdl/ltdl.c:1293:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
archive_name = MALLOC (char, strlen (libprefix) + LT_STRLEN (name) + strlen (libext) + 2);
data/squid-4.13/libltdl/ltdl.c:1731:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = argz_append (pargz, pargz_len, entry, 1 + strlen (entry));
data/squid-4.13/libltdl/ltdl.c:1821:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (buf, "/");
data/squid-4.13/libltdl/ltdl.c:1822:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (buf, dp->d_name, end_offset);
data/squid-4.13/libltdl/ltdl.c:2166:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert ((int) (before - *ppath) <= (int) strlen (*ppath));
data/squid-4.13/libltdl/ltdl.h:44:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define LT_STRLEN(s) (((s) && (s)[0]) ? strlen (s) : 0)
data/squid-4.13/src/AccessLogEntry.cc:40:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(buf, "-", bufsz);
data/squid-4.13/src/DiskIO/AIO/AIODiskFile.cc:86:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
AIODiskFile::read(ReadRequest *request)
data/squid-4.13/src/DiskIO/AIO/AIODiskFile.h:35:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(ReadRequest *);
data/squid-4.13/src/DiskIO/Blocking/BlockingFile.cc:108:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
BlockingFile::read(ReadRequest *aRequest)
data/squid-4.13/src/DiskIO/Blocking/BlockingFile.h:28:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(ReadRequest *);
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdAction.cc:105:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data.read_ops = diskd_stats.read.ops;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdAction.cc:106:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data.read_success = diskd_stats.read.success;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdAction.cc:107:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
data.read_fail = diskd_stats.read.fail;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:67:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf) + 1,
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:98:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf) + 1,
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:118:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
DiskdFile::read(ReadRequest *aRead)
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:144:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
++diskd_stats.read.ops;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:362:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
++diskd_stats.read.fail;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.cc:369:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
++diskd_stats.read.success;
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdFile.h:33:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(ReadRequest *);
data/squid-4.13/src/DiskIO/DiskDaemon/DiskdIOStrategy.h:116:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
open, create, close, unlink, read, write;
data/squid-4.13/src/DiskIO/DiskDaemon/diskd.cc:148:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(fs->fd, buf, readlen);
data/squid-4.13/src/DiskIO/DiskDaemon/diskd.cc:373:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(0, rbuf, 512) <= 0) {
data/squid-4.13/src/DiskIO/DiskFile.h:46:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(ReadRequest *) = 0;
data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsDiskFile.cc:75:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
DiskThreadsDiskFile::read(ReadRequest * request)
data/squid-4.13/src/DiskIO/DiskThreads/DiskThreadsDiskFile.h:28:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(ReadRequest *);
data/squid-4.13/src/DiskIO/DiskThreads/aiops.cc:188:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str) + 1;
data/squid-4.13/src/DiskIO/DiskThreads/aiops.cc:191:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p, str, len);
data/squid-4.13/src/DiskIO/DiskThreads/aiops.cc:211:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str) + 1;
data/squid-4.13/src/DiskIO/DiskThreads/aiops.cc:709:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
requestp->ret = read(requestp->fd, requestp->bufferp, requestp->buflen);
data/squid-4.13/src/DiskIO/DiskThreads/aiops_win32.cc:175:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str) + 1;
data/squid-4.13/src/DiskIO/DiskThreads/aiops_win32.cc:178:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p, str, len);
data/squid-4.13/src/DiskIO/DiskThreads/aiops_win32.cc:198:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str) + 1;
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:211:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
IpcIoFile::read(ReadRequest *readRequest)
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:666:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fd_bytes(TheFile, read, FD_READ);
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:668:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read >= 0) {
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:670:48: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const size_t len = static_cast<size_t>(read); // safe because read > 0
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.cc:672:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(len == ipcIo.len ? "all " : "just ") << read);
data/squid-4.13/src/DiskIO/IpcIo/IpcIoFile.h:74:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(ReadRequest *);
data/squid-4.13/src/DiskIO/Mmapped/MmappedFile.cc:145:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
MmappedFile::read(ReadRequest *aRequest)
data/squid-4.13/src/DiskIO/Mmapped/MmappedFile.h:25:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual void read(ReadRequest *);
data/squid-4.13/src/ETag.cc:40:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/squid-4.13/src/HttpHeader.cc:253:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!hasNamed(name, strlen(name), &value) ||
data/squid-4.13/src/HttpHeader.cc:846:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)hasNamed(name, strlen(name), &result);
data/squid-4.13/src/HttpHeader.cc:926:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int mlen = strlen(member);
data/squid-4.13/src/HttpHeader.cc:954:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int mlen = strlen(member);
data/squid-4.13/src/HttpHeader.cc:1301:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(auth_scheme);
data/squid-4.13/src/HttpHeader.cc:1317:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const auto fieldLen = strlen(field);
data/squid-4.13/src/HttpHeader.cc:1682:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int mlen = strlen(member);
data/squid-4.13/src/HttpHeader.cc:1706:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int mlen = strlen(member);
data/squid-4.13/src/HttpMsg.cc:281:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blk_end = blk_start + strlen(blk_start);
data/squid-4.13/src/MemObject.cc:38:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&M, (unsigned char *) url, strlen(url));
data/squid-4.13/src/Parsing.cc:183:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* end = &token[strlen(token)-1];
data/squid-4.13/src/SquidConfig.h:101:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
time_t read;
data/squid-4.13/src/SquidConfig.h:520:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
int umask;
data/squid-4.13/src/StoreIOState.cc:40:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.callback = NULL;
data/squid-4.13/src/StoreIOState.cc:41:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.callback_data = NULL;
data/squid-4.13/src/StoreIOState.cc:49:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read.callback_data)
data/squid-4.13/src/StoreIOState.cc:50:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cbdataReferenceDone(read.callback_data);
data/squid-4.13/src/StoreIOState.h:95:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} read;
data/squid-4.13/src/StrList.cc:21:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const auto itemSize = strlen(item);
data/squid-4.13/src/StrList.cc:44:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mlen = strlen(m);
data/squid-4.13/src/String.cc:52:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
allocAndFill(aString, strlen(aString));
data/squid-4.13/src/String.cc:157:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
allocAndFill(str, strlen(str));
data/squid-4.13/src/String.cc:194:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
append(str, strlen(str));
data/squid-4.13/src/WinSvc.cc:502:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path[strlen(path) - 10] = '\0';
data/squid-4.13/src/WinSvc.cc:715:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WIN32_StoreKey(COMMANDLINE, REG_SZ, (unsigned char *) WIN32_Command_Line, strlen(WIN32_Command_Line) + 1);
data/squid-4.13/src/WinSvc.cc:783:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WIN32_StoreKey(CONFIGFILE, REG_SZ, (unsigned char *) ConfigFile, strlen(ConfigFile) + 1);
data/squid-4.13/src/acl/Acl.cc:184:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(t) >= ACL_NAME_SZ) {
data/squid-4.13/src/acl/BoolOps.cc:20:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Must(strlen(acl->name) <= sizeof(name)-2);
data/squid-4.13/src/acl/DomainData.cc:80:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool d3big = (strlen(d3) > strlen(d4)); // Always suggest removing the longer one.
data/squid-4.13/src/acl/DomainData.cc:80:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool d3big = (strlen(d3) > strlen(d4)); // Always suggest removing the longer one.
data/squid-4.13/src/acl/DomainData.cc:95:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool d1big = (strlen(d1) > strlen(d2)); // Always suggest removing the longer one.
data/squid-4.13/src/acl/DomainData.cc:95:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool d1big = (strlen(d1) > strlen(d2)); // Always suggest removing the longer one.
data/squid-4.13/src/acl/Ip.cc:49:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rlen = strlen(buf);
data/squid-4.13/src/acl/Ip.cc:56:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rlen = strlen(buf);
data/squid-4.13/src/acl/Random.cc:100:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(pattern, t, min(sizeof(pattern)-1,strlen(t)));
data/squid-4.13/src/acl/RegexData.cc:240:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(clean) > BUFSIZ-1) {
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:273:31: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wc = (wchar_t *) xmalloc((wcslen(bstr) + 1) * sizeof(wchar_t));
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:285:31: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wc = (wchar_t *) xmalloc((wcslen(Base_DN) + 8) * sizeof(wchar_t));
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:313:26: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = wcslen(pDSRoleInfo->DomainNameFlat);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:364:63: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
User_Groups[User_Groups_Count - 1] = (wchar_t *) xmalloc((wcslen(Group) + 1) * sizeof(wchar_t));
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:391:9: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, *array,
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:392:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(*array) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0]));
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:494:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Group, *array, GNLEN);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:500:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Group, "\\");
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:501:17: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(Group, *array, GNLEN - sizeof(userdomain) - 1);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:503:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Group, *array, GNLEN);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:549:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, UserName,
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:550:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(UserName) + 1, wszUserName, sizeof(wszUserName) / sizeof(wszUserName[0]));
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:617:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(NTDomain, UserName, sizeof(NTDomain));
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:619:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j < strlen(NTV_VALID_DOMAIN_SEPARATOR); ++j) {
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:624:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(User, DefaultDomain, DNLEN);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:625:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(User, "\\");
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:627:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(NTDomain, DefaultDomain, DNLEN);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:630:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(User, NTDomain, DNLEN + UNLEN + 2);
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:638:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, User,
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:639:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(User) + 1, wszUser,
data/squid-4.13/src/acl/external/AD_group/ext_ad_group_acl.cc:830:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
debug("Got '%s' from Squid (length: %d).\n", buf, strlen(buf));
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:247:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[1]) > 2) {
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:268:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:268:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:397:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/acl/external/LDAP_group/ext_ldap_group_acl.cc:397:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:225:9: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, *array,
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:226:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(*array) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0]));
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:261:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, UserName,
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:262:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(UserName) + 1, wszUserName, sizeof(wszUserName) / sizeof(wszUserName[0]));
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:339:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(NTDomain, UserName, sizeof(NTDomain));
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:341:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j < strlen(NTV_VALID_DOMAIN_SEPARATOR); ++j) {
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:358:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, User,
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:359:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(User) + 1, wszUserName,
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:361:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, machinedomain,
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:362:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(machinedomain) + 1, wszLocalDomain, sizeof(wszLocalDomain) / sizeof(wszLocalDomain[0]));
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:387:13: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, NTDomain,
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:388:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(NTDomain) + 1, wszUserDomain, sizeof(wszUserDomain) / sizeof(wszUserDomain[0]));
data/squid-4.13/src/acl/external/LM_group/ext_lm_group_acl.cc:572:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
debug("Got '%s' from Squid (length: %d).\n", buf, strlen(buf));
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:265:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t In_Len = strlen(In_Str) + 1;
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:725:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dn) >= sizeof(l->dn))
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:846:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(dst);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:982:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = strlen(l->search_ip);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1038:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = strlen(bufa);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1393:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = strlen(argv[i]);
data/squid-4.13/src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc:1611:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
k = strlen(bufa);
data/squid-4.13/src/acl/external/file_userip/ext_file_userip_acl.cc:126:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char*)calloc(strlen(username) + 1, sizeof(char));
data/squid-4.13/src/acl/external/kerberos_ldap_group/kerberos_ldap_group.cc:251:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memset(optarg, 'X', strlen(optarg));
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:78:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = 0; n < strlen(src); ++n)
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:83:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = (unsigned char *) xmalloc(strlen(src) + c);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:85:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (n = 0; n < strlen(src); ++n) {
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:134:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t a = (upd ? (size_t)(upd - up) : strlen(up) );
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:136:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ul = (char *) xmalloc(strlen(up)+1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:143:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (n < strlen(up)) {
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:348:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(up) + strlen(hp1) + strlen(hp2) + 2);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:348:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(up) + strlen(hp1) + strlen(hp2) + 2);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:348:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(up) + strlen(hp1) + strlen(hp2) + 2);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:350:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ":");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:352:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ":");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:355:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(hp1) + strlen(hp2) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:355:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(hp1) + strlen(hp2) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:357:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ":");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:362:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(up) + strlen(hp1) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:362:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(up) + strlen(hp1) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:364:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ":");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:372:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(up) + strlen(hp2) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:372:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gpbuf = p = (char *) xmalloc(strlen(up) + strlen(hp2) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_group.cc:374:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p, ":");
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:123:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem_cache = (char *) xmalloc(strlen("FILE:/tmp/squid_ldap_") + strlen(domain) + 1 + 16);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:123:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem_cache = (char *) xmalloc(strlen("FILE:/tmp/squid_ldap_") + strlen(domain) + 1 + 16);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:124:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(mem_cache, strlen("FILE:/tmp/squid_ldap_") + strlen(domain) + 1 + 16, "FILE:/tmp/squid_ldap_%s_%d", domain, (int) getpid());
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:124:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(mem_cache, strlen("FILE:/tmp/squid_ldap_") + strlen(domain) + 1 + 16, "FILE:/tmp/squid_ldap_%s_%d", domain, (int) getpid());
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:126:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem_cache = (char *) xmalloc(strlen("MEMORY:squid_ldap_") + strlen(domain) + 1 + 16);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:126:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mem_cache = (char *) xmalloc(strlen("MEMORY:squid_ldap_") + strlen(domain) + 1 + 16);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:127:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(mem_cache, strlen("MEMORY:squid_ldap_") + strlen(domain) + 1 + 16, "MEMORY:squid_ldap_%s_%d", domain, (int) getpid());
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:127:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(mem_cache, strlen("MEMORY:squid_ldap_") + strlen(domain) + 1 + 16, "MEMORY:squid_ldap_%s_%d", domain, (int) getpid());
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:347:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + 2 * strlen(domain) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:347:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + 2 * strlen(domain) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:348:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + 2 * strlen(domain) + 3, "krbtgt/%s@%s", domain, domain);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:348:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + 2 * strlen(domain) + 3, "krbtgt/%s@%s", domain, domain);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:432:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + 2 * strlen(domain) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:432:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + 2 * strlen(domain) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:433:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + 2 * strlen(domain) + 3, "krbtgt/%s@%s", domain, domain);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:433:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + 2 * strlen(domain) + 3, "krbtgt/%s@%s", domain, domain);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:456:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + strlen(domain) + strlen(principal_list[i]->realm) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:456:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + strlen(domain) + strlen(principal_list[i]->realm) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:456:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + strlen(domain) + strlen(principal_list[i]->realm) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:457:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + strlen(domain) + strlen(principal_list[i]->realm) + 3, "krbtgt/%s@%s", domain, principal_list[i]->realm);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:457:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + strlen(domain) + strlen(principal_list[i]->realm) + 3, "krbtgt/%s@%s", domain, principal_list[i]->realm);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:457:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + strlen(domain) + strlen(principal_list[i]->realm) + 3, "krbtgt/%s@%s", domain, principal_list[i]->realm);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:459:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + strlen(domain) + strlen(krb5_princ_realm(kparam.context, principal_list[i])->data) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:459:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + strlen(domain) + strlen(krb5_princ_realm(kparam.context, principal_list[i])->data) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:459:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("krbtgt") + strlen(domain) + strlen(krb5_princ_realm(kparam.context, principal_list[i])->data) + 3);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:460:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + strlen(domain) + strlen(krb5_princ_realm(kparam.context, principal_list[i])->data) + 3, "krbtgt/%s@%s", domain, krb5_princ_realm(kparam.context, principal_list[i])->data);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:460:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + strlen(domain) + strlen(krb5_princ_realm(kparam.context, principal_list[i])->data) + 3, "krbtgt/%s@%s", domain, krb5_princ_realm(kparam.context, principal_list[i])->data);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_krb5.cc:460:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(service, strlen("krbtgt") + strlen(domain) + strlen(krb5_princ_realm(kparam.context, principal_list[i])->data) + 3, "krbtgt/%s@%s", domain, krb5_princ_realm(kparam.context, principal_list[i])->data);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:114:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cred.bv_len = strlen(cp->pw);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:146:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cred.bv_len = strlen(cp->pw);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:182:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cred.bv_len = strlen(cp->pw);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:218:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cred.bv_len = strlen(cp->pw);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:242:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bindp = (char *) xmalloc(strlen(domain) + 3 + i * 3 + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:273:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ldap_filter_esc = (char *) xcalloc(strlen(filter) + i + 1, sizeof(char));
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:384:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
se_len = strlen(filter) + strlen(ldap_filter_esc) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:384:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
se_len = strlen(filter) + strlen(ldap_filter_esc) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1152:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cred.bv_len = strlen(margs->lpass);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1224:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
se_len = strlen(filter) + strlen(ldap_filter_esc) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1224:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
se_len = strlen(filter) + strlen(ldap_filter_esc) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1359:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
se_len = strlen(filter) + strlen(ldap_filter_esc) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1359:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
se_len = strlen(filter) + strlen(ldap_filter_esc) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1421:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(FILTER_SID_1) + len * 3 +
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1422:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(FILTER_SID_2) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1469:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
se_len = strlen(filter) + strlen(ldap_filter_esc) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_ldap.cc:1469:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
se_len = strlen(filter) + strlen(ldap_filter_esc) + 1;
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:270:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("_ldaps._tcp.") + strlen(domain) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:270:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("_ldaps._tcp.") + strlen(domain) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:273:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("_ldap._tcp.") + strlen(domain) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:273:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("_ldap._tcp.") + strlen(domain) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:293:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("_ldap._tcp.") + strlen(domain) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_resolv.cc:293:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service = (char *) xmalloc(strlen("_ldap._tcp.") + strlen(domain) + 1);
data/squid-4.13/src/acl/external/kerberos_ldap_group/support_sasl.cc:173:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
interact->len = (unsigned) strlen((const char *) interact->result);
data/squid-4.13/src/acl/external/session/ext_session_acl.cc:203:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t detail_len = strlen(detail);
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:167:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(user_key) + strlen(sub_key) + 1 + 1 > sizeof(keybuffer) ) {
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:167:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(user_key) + strlen(sub_key) + 1 + 1 > sizeof(keybuffer) ) {
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:173:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key.size = strlen(keybuffer);
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:187:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(user_key) + 1 + strlen(sub_key) + 1 > sizeof(keybuffer) ) {
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:187:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(user_key) + 1 + strlen(sub_key) + 1 > sizeof(keybuffer) ) {
data/squid-4.13/src/acl/external/time_quota/ext_time_quota_acl.cc:193:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key.size = strlen(keybuffer);
data/squid-4.13/src/adaptation/ServiceConfig.cc:215:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *s = uri.termedBuf() + protocol.size() + strlen(schemeSuffix);
data/squid-4.13/src/adaptation/ecap/XactionRep.cc:141:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return libecap::Area::FromTempBuffer(ntoabuf, strlen(ntoabuf));
data/squid-4.13/src/adaptation/ecap/XactionRep.cc:156:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return libecap::Area::FromTempBuffer(name, strlen(name));
data/squid-4.13/src/adaptation/icap/Config.cc:55:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return ::Config.Timeout.read;
data/squid-4.13/src/adaptation/icap/ModXact.cc:1511:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf.append(allowHeader, strlen(allowHeader));
data/squid-4.13/src/adaptation/icap/ModXact.cc:1532:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t resultLen = base64_encode_update(&ctx, base64buf, strlen(value), reinterpret_cast<const uint8_t*>(value));
data/squid-4.13/src/adaptation/icap/Options.cc:193:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t eLen = strlen(e->key);
data/squid-4.13/src/anyp/Uri.cc:229:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint64_t dlen = strlen(host);
data/squid-4.13/src/anyp/Uri.cc:235:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN - dlen - 1);
data/squid-4.13/src/anyp/Uri.cc:373:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) login, (char *) foundHost, sizeof(login)-1);
data/squid-4.13/src/anyp/Uri.cc:377:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *) foundHost, t + 1, sizeof(foundHost)-1);
data/squid-4.13/src/anyp/Uri.cc:390:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(foundHost);
data/squid-4.13/src/anyp/Uri.cc:448:117: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strspn(foundHost, Config.onoff.allow_underscore ? valid_hostname_chars_u : valid_hostname_chars) != strlen(foundHost)) {
data/squid-4.13/src/anyp/Uri.cc:457:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while ((l = strlen(foundHost)) > 0 && foundHost[--l] == '.')
data/squid-4.13/src/anyp/Uri.cc:734:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const auto relUrlLength = strlen(relUrl);
data/squid-4.13/src/anyp/Uri.cc:757:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hl = strlen(h);
data/squid-4.13/src/anyp/Uri.cc:762:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dl = strlen(d);
data/squid-4.13/src/anyp/Uri.cc:947:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pos < strlen(uri))
data/squid-4.13/src/anyp/Uri.cc:960:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp_uri = static_cast<char*>(xmalloc(strlen(uri) + 1));
data/squid-4.13/src/auth/Config.cc:62:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(proxy_auth, (*i)->type(), strlen((*i)->type())) == 0)
data/squid-4.13/src/auth/User.cc:237:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key.append(username, strlen(username));
data/squid-4.13/src/auth/basic/Config.cc:173:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t srcLen = strlen(eek);
data/squid-4.13/src/auth/basic/Config.cc:189:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strcspn(cleartext, "\r\n") != strlen(cleartext)) {
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:376:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[1]) > 2) {
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:397:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:397:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:517:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:517:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/basic/LDAP/basic_ldap_auth.cc:794:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
passwd = (char *) calloc(sizeof(char), strlen(buf) + 1);
data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc:73:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(user) > 0) && passwd) {
data/squid-4.13/src/auth/basic/NCSA/basic_ncsa_auth.cc:125:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t passwordLength = strlen(passwd);
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:92:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&ctx, (unsigned const char *) pw, strlen(pw));
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:102:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:104:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:106:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (pl = strlen(pw); pl > 0; pl -= 16)
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:113:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0, i = strlen(pw); i; i >>= 1)
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:121:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(passwd, magic, magiclen);
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:122:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(passwd, sp, sl);
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:123:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(passwd, "$");
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:135:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:143:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:148:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&ctx1, (unsigned const char *) pw, strlen(pw));
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:152:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = passwd + strlen(passwd);
data/squid-4.13/src/auth/basic/NCSA/crypt_md5.cc:193:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&ctx,(const unsigned char *)s,strlen(s));
data/squid-4.13/src/auth/basic/NIS/nis_support.cc:61:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
res = yp_match(nisdomain, nismap, user, strlen(user), &val, &vallen);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:189:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
secretlen = strlen(secretkey);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:312:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(username);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:325:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(passwd);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:344:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
secretlen = strlen(secretkey);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:382:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(identifier);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:491:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(server, optarg, sizeof(server)-1);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:495:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(svc_name, optarg, sizeof(svc_name)-1);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:499:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(secretkey, optarg, sizeof(secretkey)-1);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:503:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(identifier, optarg, sizeof(identifier)-1);
data/squid-4.13/src/auth/basic/RADIUS/basic_radius_auth.cc:591:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > HELPER_INPUT_BUFFER) {
data/squid-4.13/src/auth/basic/SASL/basic_sasl_auth.cc:106:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password), &errstr);
data/squid-4.13/src/auth/basic/SASL/basic_sasl_auth.cc:106:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password), &errstr);
data/squid-4.13/src/auth/basic/SASL/basic_sasl_auth.cc:108:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password));
data/squid-4.13/src/auth/basic/SASL/basic_sasl_auth.cc:108:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password));
data/squid-4.13/src/auth/basic/SMB/basic_smb_auth.cc:207:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (domname != NULL && strlen(domname) > 0) {
data/squid-4.13/src/auth/basic/SSPI/basic_sspi_auth.cc:93:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Default_NTDomain, optarg, DNLEN);
data/squid-4.13/src/auth/basic/SSPI/valid.cc:80:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, UserName,
data/squid-4.13/src/auth/basic/SSPI/valid.cc:81:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(UserName) + 1, wszUserName,
data/squid-4.13/src/auth/basic/SSPI/valid.cc:83:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, Group,
data/squid-4.13/src/auth/basic/SSPI/valid.cc:84:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(Group) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0]));
data/squid-4.13/src/auth/basic/SSPI/valid.cc:138:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(NTDomain, UserName, sizeof(NTDomain));
data/squid-4.13/src/auth/basic/SSPI/valid.cc:140:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0; i < strlen(NTV_VALID_DOMAIN_SEPARATOR); ++i) {
data/squid-4.13/src/auth/basic/SSPI/valid.cc:162:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(DomainUser, "\\");
data/squid-4.13/src/auth/digest/Config.cc:939:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!digest_request->response || strlen(digest_request->response) != 32) {
data/squid-4.13/src/auth/digest/Config.cc:978:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(digest_request->nc) != 8 || strspn(digest_request->nc, "0123456789abcdefABCDEF") != 8) {
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:416:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[1]) > 2) {
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:437:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:437:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:566:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/digest/LDAP/ldap_backend.cc:566:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:96:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
utf8ObjSize = strlen(objectDN)+1;
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:100:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
utf8PwdSize = strlen(password)+1;
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:105:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
utf8Pwd2Size = strlen(password2)+1;
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:167:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
utf8ObjSize = strlen(utf8ObjPtr)+1;
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:170:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
utf8TagSize = strlen(utf8TagPtr)+1;
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:301:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(objectDN) == 0) || ld == NULL) {
data/squid-4.13/src/auth/digest/eDirectory/edir_ldapext.cc:429:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (objectDN == NULL || (strlen(objectDN) == 0) || pwdSize == NULL || ld == NULL) {
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:442:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[1]) > 2) {
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:463:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:463:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:592:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/digest/eDirectory/ldap_backend.cc:592:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ldapServer) + 1 + strlen(value) + 1;
data/squid-4.13/src/auth/digest/file/text_backend.cc:104:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(user) > 0) && passwd) {
data/squid-4.13/src/auth/digest/file/text_backend.cc:112:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ha1 && strlen(ha1) != 32) {
data/squid-4.13/src/auth/digest/file/text_backend.cc:121:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(user) + strlen(realm) + 2;
data/squid-4.13/src/auth/digest/file/text_backend.cc:121:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(user) + strlen(realm) + 2;
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:134:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!base64_decode_update(&ctx, decodedLen, decoded, strlen(buf), reinterpret_cast<const uint8_t*>(buf)) ||
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:175:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(buf) > 3) && Negotiate_packet_debug_enabled) {
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:178:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(helper_command, buf, 2);
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:251:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ErrorMessage[strlen(ErrorMessage) - 1] == '\n')
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:252:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:253:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ErrorMessage[strlen(ErrorMessage) - 1] == '\r')
data/squid-4.13/src/auth/negotiate/SSPI/negotiate_sspi_auth.cc:254:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:496:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.length = strlen((char *) service.value);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:506:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.value = xmalloc(strlen(service_name) + strlen(host_name) + 2);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:506:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.value = xmalloc(strlen(service_name) + strlen(host_name) + 2);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:507:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *) service.value, strlen(service_name) + strlen(host_name) + 2,
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:507:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *) service.value, strlen(service_name) + strlen(host_name) + 2,
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:509:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.length = strlen((char *) service.value);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:514:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rcache_type_env = (char *) xmalloc(strlen("KRB5RCACHETYPE=")+strlen(rcache_type)+1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:514:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rcache_type_env = (char *) xmalloc(strlen("KRB5RCACHETYPE=")+strlen(rcache_type)+1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:523:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rcache_dir_env = (char *) xmalloc(strlen("KRB5RCACHEDIR=")+strlen(rcache_dir)+1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:523:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rcache_dir_env = (char *) xmalloc(strlen("KRB5RCACHEDIR=")+strlen(rcache_dir)+1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:532:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keytab_name_env = (char *) xmalloc(strlen("KRB5_KTNAME=")+strlen(keytab_name)+1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:532:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keytab_name_env = (char *) xmalloc(strlen("KRB5_KTNAME=")+strlen(keytab_name)+1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:552:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memory_keytab_name = (char *)xmalloc(strlen("MEMORY:negotiate_kerberos_auth_")+16);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:553:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(memory_keytab_name, strlen("MEMORY:negotiate_kerberos_auth_")+16,
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:565:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memory_keytab_name_env = (char *) xmalloc(strlen("KRB5_KTNAME=")+strlen(memory_keytab_name)+1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:565:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memory_keytab_name_env = (char *) xmalloc(strlen("KRB5_KTNAME=")+strlen(memory_keytab_name)+1);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:619:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) < 2) {
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:670:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) <= 3) {
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:676:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t srcLen = strlen(buf+3);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth.cc:795:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
type_id.length = strlen((char *)type_id.value);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:185:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.value = xmalloc(strlen("HTTP") + strlen(proxy) + 2);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:185:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.value = xmalloc(strlen("HTTP") + strlen(proxy) + 2);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:186:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *) service.value, strlen("HTTP") + strlen(proxy) + 2, "%s@%s", "HTTP", proxy);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:186:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *) service.value, strlen("HTTP") + strlen(proxy) + 2, "%s@%s", "HTTP", proxy);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_auth_test.cc:187:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.length = strlen((char *) service.value);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:121:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dst)>MAX_PAC_GROUP_SIZE)
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:133:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(src)+strlen(dst)+1>MAX_PAC_GROUP_SIZE)
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:133:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(src)+strlen(dst)+1>MAX_PAC_GROUP_SIZE)
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:268:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *)&dli[strlen(dli)],sizeof(dli)-strlen(dli),"-%u",sauth);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:268:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *)&dli[strlen(dli)],sizeof(dli)-strlen(dli),"-%u",sauth);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:355:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *)&es[strlen(es)],sizeof(es)-strlen(es),"-%u",sauth);
data/squid-4.13/src/auth/negotiate/kerberos/negotiate_kerberos_pac.cc:355:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *)&es[strlen(es)],sizeof(es)-strlen(es),"-%u",sauth);
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:156:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) < 2) {
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:175:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) <= 3) {
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:182:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = BASE64_DECODE_LENGTH(strlen(buf+3));
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:196:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!base64_decode_update(&ctx, &dstLen, token, strlen(buf+3), buf+3) ||
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:232:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tbuff) >= 3 && (!strncmp(tbuff,"AF ",3) || !strncmp(tbuff,"NA ",3))) {
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:233:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buff,tbuff,3);
data/squid-4.13/src/auth/negotiate/wrapper/negotiate_wrapper.cc:235:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (unsigned int i=2; i<=strlen(tbuff); ++i)
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:177:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(my_domain, domain, sizeof(my_domain)-1);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:179:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(my_domain_controller, domain_controller, sizeof(my_domain_controller)-1);
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:409:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d = static_cast<char*>(xmalloc(strlen(argv[j]) + 1));
data/squid-4.13/src/auth/ntlm/SMB_LM/ntlm_smb_lm_auth.cc:521:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!base64_decode_update(&ctx, &dstLen, reinterpret_cast<uint8_t*>(decoded), strlen(buf)-3, buf+3) ||
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:126:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, UserName,
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:127:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(UserName) + 1, wszUserName,
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:129:5: [1] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120). Risk is very
low, the length appears to be in characters not bytes.
MultiByteToWideChar(CP_ACP, 0, Group,
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:130:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(Group) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0]));
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:421:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!base64_decode_update(&ctx, decodedLen, decoded, strlen(buf), reinterpret_cast<const uint8_t*>(buf)) ||
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:475:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(buf) > 3) && NTLM_packet_debug_enabled) {
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:478:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(helper_command, buf, 2);
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:485:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) > 3) {
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:600:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ErrorMessage[strlen(ErrorMessage) - 1] == '\n')
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:601:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:602:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ErrorMessage[strlen(ErrorMessage) - 1] == '\r')
data/squid-4.13/src/auth/ntlm/SSPI/ntlm_sspi_auth.cc:603:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:152:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buflen = strlen(buf); /* keep this so we only scan the buffer for \0 once per loop */
data/squid-4.13/src/auth/ntlm/fake/ntlm_fake_auth.cc:168:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(helper_command, buf, 2);
data/squid-4.13/src/base/CharacterSet.cc:87:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t clen = strlen(c);
data/squid-4.13/src/base/File.cc:183:27: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
oldCreationMask = umask(cfg.creationMask); // XXX: Why here? Should not this be set for the whole Squid?
data/squid-4.13/src/base/File.cc:187:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(oldCreationMask);
data/squid-4.13/src/base/File.cc:252:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const auto result = ::read(fd_, rawBuf, readLimit);
data/squid-4.13/src/base/Here.cc:31:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(full) - strlen(tail);
data/squid-4.13/src/base/Here.cc:31:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(full) - strlen(tail);
data/squid-4.13/src/cache_cf.cc:313:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned newSubstrLen = strlen(newSubstr);
data/squid-4.13/src/cache_cf.cc:322:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/squid-4.13/src/cache_cf.cc:331:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned macroNameLen = strlen(macroName);
data/squid-4.13/src/cache_cf.cc:348:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned i = strlen(str);
data/squid-4.13/src/cache_cf.cc:361:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned len = strlen(statement);
data/squid-4.13/src/cache_cf.cc:465:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(config_input_line, p, strlen(p)+1);
data/squid-4.13/src/cache_cf.cc:503:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t append_len = strlen(append);
data/squid-4.13/src/cache_cf.cc:594:25: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
setUmask(Config.umask);
data/squid-4.13/src/cache_cf.cc:722:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Config.appendDomainLen = strlen(Config.appendDomain);
data/squid-4.13/src/cache_cf.cc:860:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(pwd->pw_dir) + 6;
data/squid-4.13/src/cache_cf.cc:1029:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp.append(token, strlen(token));
data/squid-4.13/src/cache_cf.cc:1083:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (allowMsec && !strncasecmp(unit, T_MILLISECOND_STR, strlen(T_MILLISECOND_STR)))
data/squid-4.13/src/cache_cf.cc:1086:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_SECOND_STR, strlen(T_SECOND_STR)))
data/squid-4.13/src/cache_cf.cc:1089:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_MINUTE_STR, strlen(T_MINUTE_STR)))
data/squid-4.13/src/cache_cf.cc:1092:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_HOUR_STR, strlen(T_HOUR_STR)))
data/squid-4.13/src/cache_cf.cc:1095:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_DAY_STR, strlen(T_DAY_STR)))
data/squid-4.13/src/cache_cf.cc:1098:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_WEEK_STR, strlen(T_WEEK_STR)))
data/squid-4.13/src/cache_cf.cc:1101:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_FORTNIGHT_STR, strlen(T_FORTNIGHT_STR)))
data/squid-4.13/src/cache_cf.cc:1104:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_MONTH_STR, strlen(T_MONTH_STR)))
data/squid-4.13/src/cache_cf.cc:1107:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_YEAR_STR, strlen(T_YEAR_STR)))
data/squid-4.13/src/cache_cf.cc:1110:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, T_DECADE_STR, strlen(T_DECADE_STR)))
data/squid-4.13/src/cache_cf.cc:1299:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, B_BYTES_STR, strlen(B_BYTES_STR)))
data/squid-4.13/src/cache_cf.cc:1302:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, B_KBYTES_STR, strlen(B_KBYTES_STR)))
data/squid-4.13/src/cache_cf.cc:1305:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, B_MBYTES_STR, strlen(B_MBYTES_STR)))
data/squid-4.13/src/cache_cf.cc:1308:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, B_GBYTES_STR, strlen(B_GBYTES_STR)))
data/squid-4.13/src/cache_cf.cc:2038:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( !isUnsignedNumeric(token, strlen(token)) )
data/squid-4.13/src/cache_cf.cc:2186:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *nextkey=token+strlen("carp-key="), *key=nextkey;
data/squid-4.13/src/cache_cf.cc:4440:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(param) > 64) {
data/squid-4.13/src/cache_manager.cc:171:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(url);
data/squid-4.13/src/cbdata.cc:184:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
label = (char *)xmalloc(strlen(name) + 20);
data/squid-4.13/src/cbdata.cc:186:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(label, strlen(name) + 20, "cbdata %s (%d)", name, (int) type);
data/squid-4.13/src/cf_gen.cc:265:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(buff) == 0) || (!strncmp(buff, "#", 1))) {
data/squid-4.13/src/cf_gen.cc:298:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(buff) == 0) || (!strncmp(buff, "#", 1))) {
data/squid-4.13/src/cf_gen.cc:350:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strcmp(ptr + strlen(ptr) - 2, "[]")) {
data/squid-4.13/src/cf_gen.cc:352:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(ptr + strlen(ptr) - 2) = '\0';
data/squid-4.13/src/client_db.cc:517:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Answer->val_len = strlen(client);
data/squid-4.13/src/client_side.cc:778:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b.append(key, strlen(key));
data/squid-4.13/src/client_side.cc:1174:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int url_sz = scheme.length() + strlen(conn->port->defaultsite) + sizeof(vportStr) + url.length() + 32;
data/squid-4.13/src/client_side.cc:1203:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int url_sz = scheme.length() + strlen(host) + hp->requestUri().length() + 32;
data/squid-4.13/src/client_side_request.cc:345:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
url_sz = strlen(url) + Config.appendDomainLen + 5;
data/squid-4.13/src/client_side_request.cc:659:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(host) != strlen(http->request->url.host())) {
data/squid-4.13/src/client_side_request.cc:659:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(host) != strlen(http->request->url.host())) {
data/squid-4.13/src/client_side_request.cc:1615:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Comm::Write(getConn()->clientConnection, conn_established, strlen(conn_established), bumpCall, NULL);
data/squid-4.13/src/clients/FtpClient.cc:331:72: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
min(Config.Timeout.connect, Config.Timeout.read):
data/squid-4.13/src/clients/FtpClient.cc:332:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Config.Timeout.read;
data/squid-4.13/src/clients/FtpClient.cc:832:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Comm::Write(ctrl.conn, ctrl.last_command, strlen(ctrl.last_command), call, NULL);
data/squid-4.13/src/clients/FtpClient.cc:912:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(data.conn, Config.Timeout.read, timeoutCall);
data/squid-4.13/src/clients/FtpClient.cc:1039:50: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(data.conn, Config.Timeout.read, timeoutCall);
data/squid-4.13/src/clients/FtpGateway.cc:422:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
debugs(9, 9, "found user=" << user << " (" << strlen(user) << ") unescaped.");
data/squid-4.13/src/clients/FtpGateway.cc:439:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
debugs(9, 9, "found password=" << password << " (" << strlen(password) << ") unescaped.");
data/squid-4.13/src/clients/FtpGateway.cc:622:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
copyFrom = buf + tokens[i + 2].pos + strlen(tokens[i + 2].token);
data/squid-4.13/src/clients/FtpGateway.cc:767:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) > 1024) {
data/squid-4.13/src/clients/FtpGateway.cc:2666:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
writeReplyBody(buf, strlen(buf));
data/squid-4.13/src/comm.cc:1763:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!fd_table || !Comm::IsConnOpen(read.theRead.conn)) {
data/squid-4.13/src/comm.cc:1764:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read.closer != NULL) {
data/squid-4.13/src/comm.cc:1765:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.closer->cancel("Connection closed before.");
data/squid-4.13/src/comm.cc:1766:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.closer = NULL;
data/squid-4.13/src/comm.cc:1768:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.markCancelled();
data/squid-4.13/src/comm.cc:1771:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!read.cancelled) {
data/squid-4.13/src/comm.cc:1772:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
comm_remove_close_handler(read.theRead.conn->fd, read.closer);
data/squid-4.13/src/comm.cc:1772:58: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
comm_remove_close_handler(read.theRead.conn->fd, read.closer);
data/squid-4.13/src/comm.cc:1773:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.closer = NULL;
data/squid-4.13/src/comm/TcpAcceptor.cc:138:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf.append(jobStatus, strlen(jobStatus));
data/squid-4.13/src/dns/rfc1035.cc:108:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = label ? strlen(label) : 0;
data/squid-4.13/src/dns/rfc1035.cc:564:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
la = strlen(a->name);
data/squid-4.13/src/dns/rfc1035.cc:565:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lb = strlen(b->name);
data/squid-4.13/src/dns/rfc1035.cc:829:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr, answers[i].rdata, answers[i].rdlength);
data/squid-4.13/src/dns/rfc3596.cc:318:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr, answers[i].rdata, answers[i].rdlength);
data/squid-4.13/src/dns/rfc3596.cc:322:21: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr, answers[i].rdata, answers[i].rdlength);
data/squid-4.13/src/dns_internal.cc:307:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = strlen(q->name);
data/squid-4.13/src/dns_internal.cc:390:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(searchpath[npc].domain, buf, sizeof(searchpath[npc].domain)-1);
data/squid-4.13/src/dns_internal.cc:625:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newkeyname, "\\");
data/squid-4.13/src/dns_internal.cc:1265:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(q->name, ".");
data/squid-4.13/src/dns_internal.cc:1741:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t nameLength = strlen(name);
data/squid-4.13/src/dns_internal.cc:1772:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(q->name, ".");
data/squid-4.13/src/errorpage.cc:308:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(lang) == 2) {
data/squid-4.13/src/errorpage.cc:1129:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert((size_t)result.contentSize() == strlen(result.content()));
data/squid-4.13/src/errorpage.cc:1290:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert((size_t)content->contentSize() == strlen(content->content()));
data/squid-4.13/src/esi/Esi.cc:866:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (el) < 5)
data/squid-4.13/src/esi/Esi.cc:957:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int ellen = strlen (el);
data/squid-4.13/src/esi/Esi.cc:977:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
position = localbuf + strlen (localbuf);
data/squid-4.13/src/esi/Esi.cc:985:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
position += strlen (position);
data/squid-4.13/src/esi/Esi.cc:1084:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int ellen = strlen (el);
data/squid-4.13/src/esi/Esi.cc:1100:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
position = localbuf + strlen (localbuf);
data/squid-4.13/src/esi/Esi.cc:1157:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!tempParser->parse(s + 3, strlen(s) - 3, 0) ||
data/squid-4.13/src/esi/Esi.cc:1176:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (s);
data/squid-4.13/src/esi/Esi.cc:2217:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
varState->feedData(unevaluatedExpression, strlen (unevaluatedExpression));
data/squid-4.13/src/esi/Include.cc:296:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vars->feedData(url, strlen (url));
data/squid-4.13/src/esi/VarState.cc:36:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), found_default, strlen (found_default));
data/squid-4.13/src/esi/VarState.cc:388:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), found_default, strlen (found_default));
data/squid-4.13/src/esi/VarState.cc:394:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), s, strlen (s));
data/squid-4.13/src/esi/VarState.cc:408:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), s, strlen (s));
data/squid-4.13/src/esi/VarState.cc:428:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), s, strlen (s));
data/squid-4.13/src/esi/VarState.cc:432:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), s, strlen (s));
data/squid-4.13/src/esi/VarState.cc:457:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), s, strlen (s));
data/squid-4.13/src/esi/VarState.cc:471:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), s, strlen (s));
data/squid-4.13/src/esi/VarState.cc:496:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ESISegment::ListAppend (state.getOutput(), s, strlen (s));
data/squid-4.13/src/esi/VarState.cc:613:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (string);
data/squid-4.13/src/eui/Eui48.cc:248:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(arpReq.arp_dev, ifr->ifr_name, sizeof(arpReq.arp_dev) - 1);
data/squid-4.13/src/external_acl.cc:326:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(len == strlen(token));
data/squid-4.13/src/external_acl.cc:785:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sb.append(quoted, strlen(quoted));
data/squid-4.13/src/fd.cc:118:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PROF_start(read);
data/squid-4.13/src/fd.cc:120:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PROF_stop(read);
data/squid-4.13/src/fd.cc:149:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PROF_start(read);
data/squid-4.13/src/fd.cc:150:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(fd, buf, len);
data/squid-4.13/src/fd.cc:151:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PROF_stop(read);
data/squid-4.13/src/fd.cc:168:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PROF_start(read);
data/squid-4.13/src/fd.cc:170:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
PROF_stop(read);
data/squid-4.13/src/format/Format.cc:83:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
eos = def + strlen(def);
data/squid-4.13/src/format/Format.cc:1419:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t out_len = static_cast<size_t>(strlen(out)) * 2 + 1;
data/squid-4.13/src/format/Format.cc:1468:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fmt->widthMax : strlen(out);
data/squid-4.13/src/format/Format.cc:1475:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb.append(out, strlen(out));
data/squid-4.13/src/format/Quoting.cc:56:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = static_cast<char *>(xcalloc(1, (strlen(header) * 3) + 1));
data/squid-4.13/src/format/Token.cc:262:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(lte->configTag, cur, strlen(lte->configTag)) == 0) {
data/squid-4.13/src/format/Token.cc:266:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return cur + strlen(lte->configTag);
data/squid-4.13/src/fs/rock/RockIoState.cc:119:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(read.callback == NULL);
data/squid-4.13/src/fs/rock/RockIoState.cc:120:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(read.callback_data == NULL);
data/squid-4.13/src/fs/rock/RockIoState.cc:121:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.callback = cb;
data/squid-4.13/src/fs/rock/RockIoState.cc:122:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.callback_data = cbdataReference(data);
data/squid-4.13/src/fs/rock/RockIoState.cc:138:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
theFile->read(request);
data/squid-4.13/src/fs/rock/RockIoState.cc:166:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
StoreIOState::STRCB *callb = read.callback;
data/squid-4.13/src/fs/rock/RockIoState.cc:168:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.callback = NULL;
data/squid-4.13/src/fs/rock/RockIoState.cc:170:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (cbdataReferenceValidDone(read.callback_data, &cbdata))
data/squid-4.13/src/fs/rock/RockRebuild.cc:250:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(fd, hdrBuf, sizeof(hdrBuf)) != SwapDir::HeaderSize)
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:127:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(read.callback == NULL);
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:128:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(read.callback_data == NULL);
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:140:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.callback = aCallback;
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:141:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.callback_data = cbdataReference(aCallbackData);
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:147:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
theFile->read(new ReadRequest(buf,aOffset,size));
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:241:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
STRCB *callback_ = read.callback;
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:245:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.callback = NULL;
data/squid-4.13/src/fs/ufs/UFSStoreState.cc:261:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!closing && cbdataReferenceValidDone(read.callback_data, &cbdata)) {
data/squid-4.13/src/fs/ufs/UFSSwapDir.cc:699:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pos = strlen(pathtmp);
data/squid-4.13/src/ftp/Parsing.cc:67:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ip, s, e - s);
data/squid-4.13/src/gopher.cc:589:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(escaped_selector) != 0)
data/squid-4.13/src/gopher.cc:767:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(conn, Config.Timeout.read, nil);
data/squid-4.13/src/gopher.cc:915:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb.append(gopherState->request, strlen(gopherState->request));
data/squid-4.13/src/gopher.cc:970:64: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(fwd->serverConnection(), Config.Timeout.read, timeoutCall);
data/squid-4.13/src/helper.cc:161:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
procname = (char *)xmalloc(strlen(shortname) + 3);
data/squid-4.13/src/helper.cc:163:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(procname, strlen(shortname) + 3, "(%s)", shortname);
data/squid-4.13/src/helper.cc:286:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *procname = (char *)xmalloc(strlen(shortname) + 3);
data/squid-4.13/src/helper.cc:288:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(procname, strlen(shortname) + 3, "(%s)", shortname);
data/squid-4.13/src/helper.cc:488:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
debugs(84, DBG_DATA, Raw("buf", buf, strlen(buf)));
data/squid-4.13/src/helper.cc:530:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
"', " << Raw("buf", buf, (!buf?0:strlen(buf))));
data/squid-4.13/src/helper.cc:1367:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
srv->wqueue->append(r->request.buf, strlen(r->request.buf));
data/squid-4.13/src/helper.cc:1379:103: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
debugs(84, 5, "helperDispatch: Request sent to " << hlp->id_name << " #" << srv->index << ", " << strlen(r->request.buf) << " bytes");
data/squid-4.13/src/helper.cc:1427:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Comm::Write(srv->writePipe, r->request.buf, strlen(r->request.buf), call, NULL);
data/squid-4.13/src/helper.cc:1430:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int) strlen(r->request.buf) << " bytes");
data/squid-4.13/src/htcp.cc:338:86: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = htcpBuildCountstr(buf + off, buflen - off, stuff->S.method, (stuff->S.method?strlen(stuff->S.method):0));
data/squid-4.13/src/htcp.cc:345:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = htcpBuildCountstr(buf + off, buflen - off, stuff->S.uri, (stuff->S.uri?strlen(stuff->S.uri):0));
data/squid-4.13/src/htcp.cc:352:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = htcpBuildCountstr(buf + off, buflen - off, stuff->S.version, (stuff->S.version?strlen(stuff->S.version):0));
data/squid-4.13/src/http.cc:1446:69: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(serverConnection, Config.Timeout.read, nil);
data/squid-4.13/src/http.cc:1633:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(serverConnection, Config.Timeout.read, timeoutCall);
data/squid-4.13/src/http.cc:1706:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen = base64_encode_update(&ctx, loginbuf, strlen(username), reinterpret_cast<const uint8_t*>(username));
data/squid-4.13/src/http.cc:1707:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen += base64_encode_update(&ctx, loginbuf+blen, strlen(request->peer_login +1), reinterpret_cast<const uint8_t*>(request->peer_login +1));
data/squid-4.13/src/http.cc:1731:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(request->peer_login, "NEGOTIATE",strlen("NEGOTIATE")) == 0) {
data/squid-4.13/src/http.cc:1750:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blen = base64_encode_update(&ctx, loginbuf, strlen(request->peer_login), reinterpret_cast<const uint8_t*>(request->peer_login));
data/squid-4.13/src/http/one/Parser.cc:226:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int namelen = strlen(name);
data/squid-4.13/src/http/url_rewriters/fake/fake.cc:116:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buflen = strlen(buf); /* keep this so we only scan the buffer for \0 once per loop */
data/squid-4.13/src/icmp/IcmpConfig.h:43:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(e)->append((n), strlen((n))); \
data/squid-4.13/src/icmp/IcmpPinger.cc:66:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(0, buf, sizeof(wpi));
data/squid-4.13/src/icmp/IcmpPinger.cc:79:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(0, buf, sizeof(PS));
data/squid-4.13/src/icmp/IcmpPinger.cc:121:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = send(icmp_sock, (const void *) buf, strlen(buf), 0);
data/squid-4.13/src/icmp/IcmpSquid.cc:72:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(payload);
data/squid-4.13/src/icp_v2.cc:245:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_len = sizeof(icp_common_t) + strlen(url) + 1;
data/squid-4.13/src/icp_v2.cc:273:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(urloffset, url, strlen(url));
data/squid-4.13/src/internal.cc:52:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
reply->setHeaders(Http::scNotFound, "Not Found", "text/plain", strlen(msgbuf), squid_curtime, -2);
data/squid-4.13/src/internal.cc:54:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
entry->append(msgbuf, strlen(msgbuf));
data/squid-4.13/src/internal.cc:117:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb.append(dir, strlen(dir));
data/squid-4.13/src/internal.cc:146:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN -
data/squid-4.13/src/internal.cc:147:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(host) - 1);
data/squid-4.13/src/ipc.cc:55:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
env_str = (char *)xcalloc((tmp_s = strlen(Debug::debugOptions) + 32), 1);
data/squid-4.13/src/ipc.cc:278:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(prfd, hello_buf, sizeof(hello_buf)-1);
data/squid-4.13/src/ipc.cc:350:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = comm_udp_send(cwfd, hello_string, strlen(hello_string) + 1, 0);
data/squid-4.13/src/ipc.cc:359:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(cwfd, hello_string, strlen(hello_string) + 1) < 0) {
data/squid-4.13/src/ipc_win32.cc:86:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
env_str = (char *)xcalloc((tmp_s = strlen(Debug::debugOptions) + 32), 1);
data/squid-4.13/src/ipc_win32.cc:271:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = send(pwfd, (const void *)ok_string, strlen(ok_string), 0);
data/squid-4.13/src/ipc_win32.cc:419:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = send(cwfd, (const void *)hello_string, strlen(hello_string) + 1, 0);
data/squid-4.13/src/ipc_win32.cc:448:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:455:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:465:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:474:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:483:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:498:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:509:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:516:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:565:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf1, " ");
data/squid-4.13/src/ipc_win32.cc:573:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf1, " ");
data/squid-4.13/src/ipc_win32.cc:595:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:607:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:617:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:621:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(p2c[0], buf1, bufSz-1);
data/squid-4.13/src/ipc_win32.cc:627:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:629:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(buf1, ok_string, strlen(ok_string))) {
data/squid-4.13/src/ipc_win32.cc:634:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:644:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:648:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(p2c[0], buf1, bufSz-1);
data/squid-4.13/src/ipc_win32.cc:654:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:656:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strncmp(buf1, ok_string, strlen(ok_string))) {
data/squid-4.13/src/ipc_win32.cc:661:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:665:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = send(pwfd_ipc, (const void *)ok_string, strlen(ok_string), 0);
data/squid-4.13/src/ipc_win32.cc:667:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert((size_t) x == strlen(ok_string)
data/squid-4.13/src/ipc_win32.cc:668:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& !strncmp(ok_string, buf1 + 200, strlen(ok_string)));
data/squid-4.13/src/ipc_win32.cc:701:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ipcSend(cwfd, err_string, strlen(err_string));
data/squid-4.13/src/ipc_win32.cc:707:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (-1 == ipcSend(cwfd, buf1, strlen(buf1)))
data/squid-4.13/src/ipc_win32.cc:755:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send(crfd_ipc, (const void *)shutdown_string, strlen(shutdown_string), 0);
data/squid-4.13/src/ipc_win32.cc:813:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(rfd, buf2, bufSz-1);
data/squid-4.13/src/ipcache.cc:796:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp[strlen(tmp)-1] = '\0';
data/squid-4.13/src/ipcache.cc:1040:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strchr(ipaddr, ':') && strspn(ipaddr, "0123456789abcdefABCDEF:") == strlen(ipaddr)) {
data/squid-4.13/src/log/File.cc:125:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fmt[strlen(fmt) - 1] == '\n')
data/squid-4.13/src/log/ModDaemon.cc:244:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
logfile_mod_daemon_append(lf, tmpbuf, strlen(tmpbuf));
data/squid-4.13/src/log/access_log.cc:433:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Config.mcast_miss.encode_key) < 16)
data/squid-4.13/src/main.cc:543:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!optValue || strlen(optValue) < 1)
data/squid-4.13/src/main.cc:546:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "reconfigure", strlen(optValue)))
data/squid-4.13/src/main.cc:549:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "rotate", strlen(optValue)))
data/squid-4.13/src/main.cc:557:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "debug", strlen(optValue)))
data/squid-4.13/src/main.cc:565:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "shutdown", strlen(optValue)))
data/squid-4.13/src/main.cc:568:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "interrupt", strlen(optValue)))
data/squid-4.13/src/main.cc:571:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "kill", strlen(optValue)))
data/squid-4.13/src/main.cc:577:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "restart", strlen(optValue)))
data/squid-4.13/src/main.cc:583:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "check", strlen(optValue)))
data/squid-4.13/src/main.cc:586:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (!strncmp(optValue, "parse", strlen(optValue)))
data/squid-4.13/src/main.cc:678:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(SQUID_BUILD_INFO))
data/squid-4.13/src/main.cc:954:21: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
setUmask(Config.umask);
data/squid-4.13/src/main.cc:1585:21: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
setUmask(Config.umask);
data/squid-4.13/src/main.cc:1765:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sl = strlen(script);
data/squid-4.13/src/mem/PoolChunked.cc:463:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stats->overhead += sizeof(MemPoolChunked) + chunkCount * sizeof(MemChunk) + strlen(objectType()) + 1;
data/squid-4.13/src/mem/PoolMalloc.cc:81:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stats->overhead += sizeof(MemPoolMalloc) + strlen(objectType()) + 1;
data/squid-4.13/src/neighbors.cc:845:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(request->hier.cd_host, p->host, sizeof(request->hier.cd_host)-1);
data/squid-4.13/src/neighbors.cc:1374:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(url, "/");
data/squid-4.13/src/pconn.cc:337:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int used = strlen(buf);
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:445:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) xmalloc(strlen("FILE:/tmp/peer_proxy_negotiate_auth_")
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:452:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("FILE:/tmp/peer_proxy_negotiate_auth_") + 16,
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:456:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) xmalloc(strlen("MEMORY:peer_proxy_negotiate_auth_") +
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:463:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("MEMORY:peer_proxy_negotiate_auth_") + 16,
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:534:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.value = (void *) xmalloc(strlen("HTTP") + strlen(proxy) + 2);
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:534:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.value = (void *) xmalloc(strlen("HTTP") + strlen(proxy) + 2);
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:535:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *) service.value, strlen("HTTP") + strlen(proxy) + 2,
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:535:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *) service.value, strlen("HTTP") + strlen(proxy) + 2,
data/squid-4.13/src/peer_proxy_negotiate_auth.cc:537:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.length = strlen((char *) service.value);
data/squid-4.13/src/sbuf/SBuf.cc:211:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Ssize = strlen(S);
data/squid-4.13/src/sbuf/SBuf.cc:257:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_type requiredSpaceEstimate = strlen(fmt)*2;
data/squid-4.13/src/security/PeerConnector.cc:151:60: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
timeToRead = min(static_cast<int>(::Config.Timeout.read), timeLeft);
data/squid-4.13/src/security/PeerConnector.cc:153:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
timeToRead = ::Config.Timeout.read;
data/squid-4.13/src/security/PeerOptions.cc:229:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sslOptions.append(add+1, strlen(add+1));
data/squid-4.13/src/security/PeerOptions.cc:231:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sslOptions.append(add, strlen(add));
data/squid-4.13/src/security/cert_generators/file/certificate_db.cc:163:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
row[cell] = static_cast<char *>(OPENSSL_malloc(sizeof(char) * (strlen(value) + 1)));
data/squid-4.13/src/security/cert_generators/file/certificate_db.cc:164:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(row[cell], value, sizeof(char) * (strlen(value) + 1));
data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc:96:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, B_BYTES_STR, strlen(B_BYTES_STR)) ||
data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc:97:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!strncasecmp(unit, "", strlen(unit)))
data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc:100:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, B_KBYTES_STR, strlen(B_KBYTES_STR)))
data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc:103:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, B_MBYTES_STR, strlen(B_MBYTES_STR)))
data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc:106:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(unit, B_GBYTES_STR, strlen(B_GBYTES_STR)))
data/squid-4.13/src/security/cert_generators/file/security_file_certgen.cc:338:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t gcount = strlen(request);
data/squid-4.13/src/send-announce.cc:79:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(sndbuf);
data/squid-4.13/src/send-announce.cc:99:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (comm_udp_sendto(icpOutgoingConn->fd, S, sndbuf, strlen(sndbuf) + 1) < 0) {
data/squid-4.13/src/snmp/Session.cc:67:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = peername != NULL ? strlen(peername) : 0;
data/squid-4.13/src/snmp_agent.cc:92:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Answer->val_len = strlen(Config.adminEmail);
data/squid-4.13/src/snmp_agent.cc:99:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Answer->val_len = strlen(APP_SHORTNAME);
data/squid-4.13/src/snmp_agent.cc:106:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Answer->val_len = strlen(VERSION);
data/squid-4.13/src/snmp_agent.cc:153:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Answer->val_len = strlen(cp);
data/squid-4.13/src/snmp_agent.cc:166:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Answer->val_len = strlen(cp);
data/squid-4.13/src/snmp_agent.cc:221:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Answer->val_len = strlen(cp);
data/squid-4.13/src/snmp_agent.cc:241:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Answer->val_len = strlen(host);
data/squid-4.13/src/ssl/ErrorDetail.cc:734:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(ErrorFormatingCodes[i].code);
data/squid-4.13/src/ssl/ErrorDetail.cc:773:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
errDetailStr.append(s, strlen(s));
data/squid-4.13/src/ssl/bio.cc:127:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Ssl::Bio::read(char *buf, int size, BIO *table)
data/squid-4.13/src/ssl/bio.cc:216:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Ssl::ClientBio::read(char *buf, int size, BIO *table)
data/squid-4.13/src/ssl/bio.cc:236:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return Ssl::Bio::read(buf, size, table);
data/squid-4.13/src/ssl/bio.cc:272:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
Ssl::ServerBio::read(char *buf, int size, BIO *table)
data/squid-4.13/src/ssl/bio.cc:296:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return Ssl::Bio::read(buf, size, table);
data/squid-4.13/src/ssl/bio.cc:337:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const int result = Ssl::Bio::read(space, SQUID_TCP_SO_RCVBUF, table);
data/squid-4.13/src/ssl/bio.cc:605:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return bio->read(buf, size, table);
data/squid-4.13/src/ssl/bio.cc:613:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return squid_bio_write(table, str, strlen(str));
data/squid-4.13/src/ssl/bio.h:43:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual int read(char *buf, int size, BIO *table);
data/squid-4.13/src/ssl/bio.h:84:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual int read(char *buf, int size, BIO *table);
data/squid-4.13/src/ssl/bio.h:137:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual int read(char *buf, int size, BIO *table);
data/squid-4.13/src/ssl/cert_validate_message.cc:125:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b += strlen("-----END CERTIFICATE-----");
data/squid-4.13/src/ssl/gadgets.cc:766:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tm.length = strlen(date);
data/squid-4.13/src/ssl/support.cc:74:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/squid-4.13/src/store_key_md5.cc:104:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SquidMD5Update(&M, (unsigned char *) url, strlen(url));
data/squid-4.13/src/tests/testConfigParser.cc:34:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(cfgparam, cfgline, sizeof(cfgparam)-1);
data/squid-4.13/src/tests/testSBuf.cc:306:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t maxN = 2 + min(strlen(left), strlen(right));
data/squid-4.13/src/tests/testSBuf.cc:306:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t maxN = 2 + min(strlen(left), strlen(right));
data/squid-4.13/src/tests/testSBuf.cc:377:91: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const SBuf::size_type maxN = 20 + min(left.length(), static_cast<SBuf::size_type>(strlen(right)));
data/squid-4.13/src/tests/testSBuf.cc:421:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *rb=s2.rawAppendStart(strlen(fox2)+1);
data/squid-4.13/src/tests/testSBuf.cc:423:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s2.rawAppendFinish(rb, strlen(fox2));
data/squid-4.13/src/tests/testSBuf.cc:765:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CPPUNIT_ASSERT_EQUAL(strlen(fox),(size_t)s.length());
data/squid-4.13/src/tools.cc:117:29: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
const mode_t prev_umask=umask(S_IXUSR|S_IXGRP|S_IWGRP|S_IWOTH|S_IXOTH);
data/squid-4.13/src/tools.cc:123:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(prev_umask);
data/squid-4.13/src/tools.cc:132:9: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(prev_umask);
data/squid-4.13/src/tools.cc:136:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(prev_umask);
data/squid-4.13/src/tools.cc:977:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf2, lt, sizeof(buf2)-1);
data/squid-4.13/src/tools.cc:978:17: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buf2, Config.appendDomain, sizeof(buf2) - strlen(lt) - 1);
data/squid-4.13/src/tools.cc:978:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf2, Config.appendDomain, sizeof(buf2) - strlen(lt) - 1);
data/squid-4.13/src/tools.cc:1034:38: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
static const mode_t orig_umask = umask(mask); // once, to get
data/squid-4.13/src/tools.cc:1035:5: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask(mask | orig_umask); // always, to set
data/squid-4.13/src/tunnel.cc:604:54: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(from.conn, Config.Timeout.read, timeoutCall);
data/squid-4.13/src/tunnel.cc:612:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(to.conn, Config.Timeout.read, timeoutCall);
data/squid-4.13/src/tunnel.cc:977:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tunnelState->client.write(conn_established, strlen(conn_established), call, NULL);
data/squid-4.13/src/tunnel.cc:1070:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(conn, Config.Timeout.read, timeoutCall);
data/squid-4.13/src/tunnel.cc:1198:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(srv, Config.Timeout.read, timeoutCall);
data/squid-4.13/src/tunnel.cc:1335:48: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(srvConn, Config.Timeout.read, timeoutCall);
data/squid-4.13/src/ufsdump.cc:141:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int len = read(fd, tempbuf, SM_PAGE_SIZE);
data/squid-4.13/src/unlinkd.cc:89:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = read(unlinkd_rfd, rbuf, 511);
data/squid-4.13/src/unlinkd.cc:102:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(path);
data/squid-4.13/src/whois.cc:76:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Comm::Write(fwd->serverConnection(), buf, strlen(buf), writeCall, NULL);
data/squid-4.13/src/whois.cc:82:64: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
commSetConnTimeout(fwd->serverConnection(), Config.Timeout.read, timeoutCall);
data/squid-4.13/test-suite/ESIExpressions.cc:41:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen (expressions[i])) {
data/squid-4.13/test-suite/tcp-banger2.c:198:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((len = read(fd, buf, READ_BUF_SZ)) <= 0) {
data/squid-4.13/test-suite/tcp-banger2.c:207:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int oldlen = strlen(r->buf);
data/squid-4.13/test-suite/tcp-banger2.c:227:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(url, header + 15, strcspn(header + 15, "\r\n"));
data/squid-4.13/test-suite/tcp-banger2.c:387:17: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(msg, ",");
data/squid-4.13/test-suite/tcp-banger2.c:406:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg);
data/squid-4.13/test-suite/tcp-banger2.c:415:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((len = read(f, buf, sizeof(buf))) > 0) {
data/squid-4.13/test-suite/tcp-banger2.c:527:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
custom_header = realloc(custom_header, strlen(custom_header) + strlen(optarg) + 2 + 1);
data/squid-4.13/test-suite/tcp-banger2.c:527:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
custom_header = realloc(custom_header, strlen(custom_header) + strlen(optarg) + 2 + 1);
data/squid-4.13/tools/CharacterSet.cc:87:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t clen = strlen(c);
data/squid-4.13/tools/Here.cc:31:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(full) - strlen(tail);
data/squid-4.13/tools/Here.cc:31:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(full) - strlen(tail);
data/squid-4.13/tools/cachemgr.cc:188:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strspn(str, "\t -+01234567890./\n") == strlen(str);
data/squid-4.13/tools/cachemgr.cc:206:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tok);
data/squid-4.13/tools/cachemgr.cc:225:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const auto limit = strlen(uri);
data/squid-4.13/tools/cachemgr.cc:253:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!host || !strlen(host))
data/squid-4.13/tools/cachemgr.cc:454:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char bufLen = strlen(buf);
data/squid-4.13/tools/cachemgr.cc:539:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (x && strlen(x)) {
data/squid-4.13/tools/cachemgr.cc:607:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strlen(req->action))
data/squid-4.13/tools/cachemgr.cc:922:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(args[1]) > 2) {
data/squid-4.13/tools/cachemgr.cc:961:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *endptr = s+ strlen(s);
data/squid-4.13/tools/cachemgr.cc:1018:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) == 0 || strlen(buf) == 4000)
data/squid-4.13/tools/cachemgr.cc:1018:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) == 0 || strlen(buf) == 4000)
data/squid-4.13/tools/cachemgr.cc:1021:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) == 0)
data/squid-4.13/tools/cachemgr.cc:1044:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strcmp(t, "server") && strlen(q))
data/squid-4.13/tools/cachemgr.cc:1046:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (0 == strcmp(t, "host") && strlen(q))
data/squid-4.13/tools/cachemgr.cc:1048:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (0 == strcmp(t, "port") && strlen(q))
data/squid-4.13/tools/cachemgr.cc:1050:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (0 == strcmp(t, "user_name") && strlen(q))
data/squid-4.13/tools/cachemgr.cc:1052:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (0 == strcmp(t, "passwd") && strlen(q))
data/squid-4.13/tools/cachemgr.cc:1054:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (0 == strcmp(t, "auth") && strlen(q))
data/squid-4.13/tools/cachemgr.cc:1058:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (0 == strcmp(t, "workers") && strlen(q))
data/squid-4.13/tools/cachemgr.cc:1060:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (0 == strcmp(t, "processes") && strlen(q))
data/squid-4.13/tools/cachemgr.cc:1092:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!req->passwd || !strlen(req->passwd))
data/squid-4.13/tools/cachemgr.cc:1122:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!req->pub_auth || strlen(req->pub_auth) < 4 + strlen(safe_str(req->hostname)))
data/squid-4.13/tools/cachemgr.cc:1122:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!req->pub_auth || strlen(req->pub_auth) < 4 + strlen(safe_str(req->hostname)))
data/squid-4.13/tools/cachemgr.cc:1125:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = static_cast<char*>(xmalloc(BASE64_DECODE_LENGTH(strlen(req->pub_auth))+1));
data/squid-4.13/tools/cachemgr.cc:1129:83: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!base64_decode_update(&ctx, &decodedLen, reinterpret_cast<uint8_t*>(buf), strlen(req->pub_auth), req->pub_auth) ||
data/squid-4.13/tools/purge/copyout.cc:132:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ptr == 0 || strlen(ptr) < 4 ) return false;
data/squid-4.13/tools/purge/copyout.cc:136:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename = new char[ strlen(ptr) + strlen(copydir) + strlen(index) +5 ];
data/squid-4.13/tools/purge/copyout.cc:136:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename = new char[ strlen(ptr) + strlen(copydir) + strlen(index) +5 ];
data/squid-4.13/tools/purge/copyout.cc:136:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *filename = new char[ strlen(ptr) + strlen(copydir) + strlen(index) +5 ];
data/squid-4.13/tools/purge/copyout.cc:139:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat( filename, "/" );
data/squid-4.13/tools/purge/copyout.cc:140:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* here = filename + strlen(filename);
data/squid-4.13/tools/purge/copyout.cc:144:38: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if ( strchr( ptr+3, '/' ) == 0 ) strcat( filename, "/" );
data/squid-4.13/tools/purge/copyout.cc:147:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( filename[strlen(filename)-1] == '/' ) strcat( filename, index );
data/squid-4.13/tools/purge/copyout.cc:229:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (rsize=read(input,buffer,sizeof(buffer))) > 0 ) {
data/squid-4.13/tools/purge/purge.cc:212:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned size = strlen(start)+1;
data/squid-4.13/tools/purge/purge.cc:215:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(s);
data/squid-4.13/tools/purge/purge.cc:241:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(s) != testlen ) return false;
data/squid-4.13/tools/purge/purge.cc:339:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long bufsize = strlen(url) + strlen(schablone) + 4;
data/squid-4.13/tools/purge/purge.cc:339:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned long bufsize = strlen(url) + strlen(schablone) + 4;
data/squid-4.13/tools/purge/purge.cc:350:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int content_size = strlen(buffer);
data/squid-4.13/tools/purge/purge.cc:359:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int readLen = read(sockfd, buffer, bufsize);
data/squid-4.13/tools/purge/purge.cc:411:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t readLen = read(fd,::linebuffer,::buffersize-1);
data/squid-4.13/tools/purge/purge.cc:555:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(entry->d_name) == 2 &&
data/squid-4.13/tools/purge/purge.cc:700:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line)-1;
data/squid-4.13/tools/squidclient/Transport.cc:279:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read(conn, buf, len);
data/squid-4.13/tools/squidclient/Transport.cc:471:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gnutls_server_name_set(Transport::Config.session, GNUTLS_NAME_DNS, hostname, strlen(hostname));
data/squid-4.13/tools/squidclient/gssapi_support.cc:110:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.value = xmalloc(strlen("HTTP") + strlen(server) + 2);
data/squid-4.13/tools/squidclient/gssapi_support.cc:110:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.value = xmalloc(strlen("HTTP") + strlen(server) + 2);
data/squid-4.13/tools/squidclient/gssapi_support.cc:111:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *) service.value, strlen("HTTP") + strlen(server) + 2, "%s@%s", "HTTP", server);
data/squid-4.13/tools/squidclient/gssapi_support.cc:111:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf((char *) service.value, strlen("HTTP") + strlen(server) + 2, "%s@%s", "HTTP", server);
data/squid-4.13/tools/squidclient/gssapi_support.cc:112:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
service.length = strlen((char *) service.value);
data/squid-4.13/tools/squidclient/squidclient.cc:211:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const auto bcapacity = base64_encode_len(strlen(user) + 1 + strlen(password));
data/squid-4.13/tools/squidclient/squidclient.cc:211:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const auto bcapacity = base64_encode_len(strlen(user) + 1 + strlen(password));
data/squid-4.13/tools/squidclient/squidclient.cc:215:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bsize += base64_encode_update(&ctx, buf, strlen(user), reinterpret_cast<const uint8_t*>(user));
data/squid-4.13/tools/squidclient/squidclient.cc:217:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bsize += base64_encode_update(&ctx, buf+bsize, strlen(password), reinterpret_cast<const uint8_t*>(password));
data/squid-4.13/tools/squidclient/squidclient.cc:261:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(url, argv[argc - 1], sizeof(url));
data/squid-4.13/tools/squidclient/squidclient.cc:356:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optarg)) {
data/squid-4.13/tools/squidclient/squidclient.cc:582:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} else while ((x = read(put_fd, buf, sizeof(buf))) > 0) {
ANALYSIS SUMMARY:
Hits = 2621
Lines analyzed = 311662 in approximately 8.01 seconds (38913 lines/second)
Physical Source Lines of Code (SLOC) = 209173
Hits@level = [0] 1387 [1] 887 [2] 1291 [3] 74 [4] 368 [5] 1
Hits@level+ = [0+] 4008 [1+] 2621 [2+] 1734 [3+] 443 [4+] 369 [5+] 1
Hits/KSLOC@level+ = [0+] 19.1612 [1+] 12.5303 [2+] 8.28979 [3+] 2.11786 [4+] 1.76409 [5+] 0.00478073
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.