Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/suricata-5.0.3/ebpf/filter.c
Examining data/suricata-5.0.3/ebpf/bpf_helpers.h
Examining data/suricata-5.0.3/ebpf/vlan_filter.c
Examining data/suricata-5.0.3/ebpf/bypass_filter.c
Examining data/suricata-5.0.3/ebpf/hash_func01.h
Examining data/suricata-5.0.3/ebpf/lb.c
Examining data/suricata-5.0.3/ebpf/include/linux/bpf.h
Examining data/suricata-5.0.3/ebpf/include/linux/bpf_common.h
Examining data/suricata-5.0.3/ebpf/xdp_filter.c
Examining data/suricata-5.0.3/ebpf/xdp_lb.c
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-applayertemplate-template-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-dns-dns-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-core-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-dhcp-dhcp-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-ntp-ntp-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-dns-detect-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-nfs-nfs-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-ikev2-ikev2-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-dns-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-smb-detect-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-snmp-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-smb-smb-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-dns-lua-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-tftp-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-tftp-tftp-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-snmp-detect-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-sip-sip-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-krb-krb5-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-sip-detect-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-smb-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-rdp-rdp-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-snmp-snmp-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-nfs-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-ftp-mod-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-krb-detect-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-smb-files-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-applayertemplate-logger-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-krb-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-dhcp-logger-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-sip-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-rdp-log-gen.h
Examining data/suricata-5.0.3/rust/gen/c-headers/rust-ikev2-log-gen.h
Examining data/suricata-5.0.3/src/detect-fast-pattern.h
Examining data/suricata-5.0.3/src/detect-within.h
Examining data/suricata-5.0.3/src/util-profiling.h
Examining data/suricata-5.0.3/src/detect-http-accept-enc.c
Examining data/suricata-5.0.3/src/app-layer-ssl.c
Examining data/suricata-5.0.3/src/util-runmodes.c
Examining data/suricata-5.0.3/src/packet-queue.h
Examining data/suricata-5.0.3/src/detect-content.h
Examining data/suricata-5.0.3/src/util-lua-dns.c
Examining data/suricata-5.0.3/src/util-debug-filters.c
Examining data/suricata-5.0.3/src/app-layer-expectation.h
Examining data/suricata-5.0.3/src/detect-app-layer-event.h
Examining data/suricata-5.0.3/src/util-unittest.c
Examining data/suricata-5.0.3/src/output-stats.c
Examining data/suricata-5.0.3/src/app-layer-ftp.c
Examining data/suricata-5.0.3/src/app-layer-dnp3.h
Examining data/suricata-5.0.3/src/detect-dns-query.c
Examining data/suricata-5.0.3/src/output-packet.h
Examining data/suricata-5.0.3/src/app-layer-htp-file.h
Examining data/suricata-5.0.3/src/detect-tcp-seq.c
Examining data/suricata-5.0.3/src/source-netmap.h
Examining data/suricata-5.0.3/src/output-json-ftp.h
Examining data/suricata-5.0.3/src/detect-krb5-sname.c
Examining data/suricata-5.0.3/src/decode-teredo.c
Examining data/suricata-5.0.3/src/output-filestore.c
Examining data/suricata-5.0.3/src/util-unittest.h
Examining data/suricata-5.0.3/src/stream-tcp.c
Examining data/suricata-5.0.3/src/output-json-ftp.c
Examining data/suricata-5.0.3/src/util-conf.c
Examining data/suricata-5.0.3/src/alert-prelude.h
Examining data/suricata-5.0.3/src/source-erf-dag.c
Examining data/suricata-5.0.3/src/detect-sip-stat-msg.c
Examining data/suricata-5.0.3/src/decode-mpls.c
Examining data/suricata-5.0.3/src/util-var.h
Examining data/suricata-5.0.3/src/util-unittest-helper.h
Examining data/suricata-5.0.3/src/detect-http-header-common.h
Examining data/suricata-5.0.3/src/runmode-nflog.c
Examining data/suricata-5.0.3/src/util-decode-der-get.c
Examining data/suricata-5.0.3/src/reputation.c
Examining data/suricata-5.0.3/src/detect-engine-address-ipv4.h
Examining data/suricata-5.0.3/src/source-windivert.h
Examining data/suricata-5.0.3/src/detect-http-cookie.h
Examining data/suricata-5.0.3/src/detect-transform-strip-whitespace.c
Examining data/suricata-5.0.3/src/util-hyperscan.h
Examining data/suricata-5.0.3/src/util-ip.h
Examining data/suricata-5.0.3/src/host-queue.h
Examining data/suricata-5.0.3/src/detect-transform-md5.c
Examining data/suricata-5.0.3/src/detect-filesha1.c
Examining data/suricata-5.0.3/src/detect-engine-mpm.h
Examining data/suricata-5.0.3/src/threads-profile.h
Examining data/suricata-5.0.3/src/util-ebpf.h
Examining data/suricata-5.0.3/src/stream-tcp.h
Examining data/suricata-5.0.3/src/util-lua-dnp3-objects.c
Examining data/suricata-5.0.3/src/flow-worker.h
Examining data/suricata-5.0.3/src/output-json-sip.c
Examining data/suricata-5.0.3/src/app-layer-htp-mem.h
Examining data/suricata-5.0.3/src/detect-sip-uri.c
Examining data/suricata-5.0.3/src/detect-iprep.c
Examining data/suricata-5.0.3/src/app-layer-dhcp.c
Examining data/suricata-5.0.3/src/detect-template.h
Examining data/suricata-5.0.3/src/util-pidfile.c
Examining data/suricata-5.0.3/src/stream-tcp-reassemble.c
Examining data/suricata-5.0.3/src/detect-engine-loader.c
Examining data/suricata-5.0.3/src/detect-http-client-body.c
Examining data/suricata-5.0.3/src/detect-bytejump.c
Examining data/suricata-5.0.3/src/detect-ssl-state.h
Examining data/suricata-5.0.3/src/detect-metadata.h
Examining data/suricata-5.0.3/src/stream-tcp-list.h
Examining data/suricata-5.0.3/src/util-profiling.c
Examining data/suricata-5.0.3/src/decode-ipv6.h
Examining data/suricata-5.0.3/src/util-radix-tree.h
Examining data/suricata-5.0.3/src/util-debug-filters.h
Examining data/suricata-5.0.3/src/detect-tcp-window.c
Examining data/suricata-5.0.3/src/tree.h
Examining data/suricata-5.0.3/src/app-layer.h
Examining data/suricata-5.0.3/src/log-tlslog.h
Examining data/suricata-5.0.3/src/detect-dce-iface.h
Examining data/suricata-5.0.3/src/flow-timeout.c
Examining data/suricata-5.0.3/src/output-streaming.h
Examining data/suricata-5.0.3/src/detect-krb5-errcode.c
Examining data/suricata-5.0.3/src/flow-hash.h
Examining data/suricata-5.0.3/src/detect-http-location.c
Examining data/suricata-5.0.3/src/detect-csum.c
Examining data/suricata-5.0.3/src/tm-queues.h
Examining data/suricata-5.0.3/src/util-error.c
Examining data/suricata-5.0.3/src/detect-tcphdr.c
Examining data/suricata-5.0.3/src/detect-xbits.h
Examining data/suricata-5.0.3/src/decode-erspan.h
Examining data/suricata-5.0.3/src/detect-http-uri.c
Examining data/suricata-5.0.3/src/detect-http-connection.h
Examining data/suricata-5.0.3/src/decode-ethernet.h
Examining data/suricata-5.0.3/src/output-json-snmp.c
Examining data/suricata-5.0.3/src/util-profiling-locks.c
Examining data/suricata-5.0.3/src/detect-filesha1.h
Examining data/suricata-5.0.3/src/util-hash.c
Examining data/suricata-5.0.3/src/detect-fast-pattern.c
Examining data/suricata-5.0.3/src/detect-snmp-version.c
Examining data/suricata-5.0.3/src/runmodes.h
Examining data/suricata-5.0.3/src/alert-debuglog.c
Examining data/suricata-5.0.3/src/util-spm-bs.c
Examining data/suricata-5.0.3/src/detect-engine-address-ipv6.h
Examining data/suricata-5.0.3/src/util-streaming-buffer.h
Examining data/suricata-5.0.3/src/log-pcap.h
Examining data/suricata-5.0.3/src/detect-sip-request-line.h
Examining data/suricata-5.0.3/src/output-json-anomaly.h
Examining data/suricata-5.0.3/src/app-layer-template.c
Examining data/suricata-5.0.3/src/detect-engine-loader.h
Examining data/suricata-5.0.3/src/util-lua-common.c
Examining data/suricata-5.0.3/src/detect-datarep.h
Examining data/suricata-5.0.3/src/util-decode-der-get.h
Examining data/suricata-5.0.3/src/detect-http-accept-lang.c
Examining data/suricata-5.0.3/src/runmode-pcap.h
Examining data/suricata-5.0.3/src/detect-sid.h
Examining data/suricata-5.0.3/src/detect-csum.h
Examining data/suricata-5.0.3/src/detect-snmp-pdu_type.c
Examining data/suricata-5.0.3/src/app-layer-dnp3-objects.h
Examining data/suricata-5.0.3/src/detect-tls-cert-issuer.c
Examining data/suricata-5.0.3/src/host.h
Examining data/suricata-5.0.3/src/log-httplog.c
Examining data/suricata-5.0.3/src/source-pcap.h
Examining data/suricata-5.0.3/src/detect-http-raw-header.c
Examining data/suricata-5.0.3/src/app-layer-enip-common.c
Examining data/suricata-5.0.3/src/datasets.c
Examining data/suricata-5.0.3/src/detect-ssh-proto.h
Examining data/suricata-5.0.3/src/app-layer-events.h
Examining data/suricata-5.0.3/src/decode.h
Examining data/suricata-5.0.3/src/datasets.h
Examining data/suricata-5.0.3/src/detect-pcre.h
Examining data/suricata-5.0.3/src/util-checksum.h
Examining data/suricata-5.0.3/src/detect-engine-alert.h
Examining data/suricata-5.0.3/src/detect-bypass.h
Examining data/suricata-5.0.3/src/detect-base64-decode.h
Examining data/suricata-5.0.3/src/detect-tls-ja3-string.c
Examining data/suricata-5.0.3/src/util-file-decompression.h
Examining data/suricata-5.0.3/src/detect-http-protocol.c
Examining data/suricata-5.0.3/src/util-storage.h
Examining data/suricata-5.0.3/src/output-json-ssh.h
Examining data/suricata-5.0.3/src/output-json.c
Examining data/suricata-5.0.3/src/source-pfring.c
Examining data/suricata-5.0.3/src/win32-misc.h
Examining data/suricata-5.0.3/src/win32-syscall.h
Examining data/suricata-5.0.3/src/output-json-snmp.h
Examining data/suricata-5.0.3/src/host-bit.h
Examining data/suricata-5.0.3/src/output-json-template.h
Examining data/suricata-5.0.3/src/util-bpf.c
Examining data/suricata-5.0.3/src/app-layer-detect-proto.h
Examining data/suricata-5.0.3/src/detect-dns-opcode.h
Examining data/suricata-5.0.3/src/rust.h
Examining data/suricata-5.0.3/src/detect-engine-content-inspection.h
Examining data/suricata-5.0.3/src/runmode-netmap.c
Examining data/suricata-5.0.3/src/output-json-drop.c
Examining data/suricata-5.0.3/src/detect-engine-modbus.h
Examining data/suricata-5.0.3/src/util-hash-lookup3.c
Examining data/suricata-5.0.3/src/detect-parse.h
Examining data/suricata-5.0.3/src/output-file.h
Examining data/suricata-5.0.3/src/output-filestore.h
Examining data/suricata-5.0.3/src/detect-template-rust-buffer.h
Examining data/suricata-5.0.3/src/runmode-erf-dag.h
Examining data/suricata-5.0.3/src/decode.c
Examining data/suricata-5.0.3/src/util-logopenfile.c
Examining data/suricata-5.0.3/src/source-ipfw.h
Examining data/suricata-5.0.3/src/alert-syslog.h
Examining data/suricata-5.0.3/src/detect-ssh-proto-version.h
Examining data/suricata-5.0.3/src/app-layer-ssh.h
Examining data/suricata-5.0.3/src/runmode-ipfw.h
Examining data/suricata-5.0.3/src/pkt-var.h
Examining data/suricata-5.0.3/src/output-filedata.h
Examining data/suricata-5.0.3/src/detect-tls.h
Examining data/suricata-5.0.3/src/detect-detection-filter.h
Examining data/suricata-5.0.3/src/output-json-krb5.c
Examining data/suricata-5.0.3/src/defrag-queue.c
Examining data/suricata-5.0.3/src/app-layer-ikev2.h
Examining data/suricata-5.0.3/src/flow-private.h
Examining data/suricata-5.0.3/src/tmqh-simple.c
Examining data/suricata-5.0.3/src/util-base64.c
Examining data/suricata-5.0.3/src/util-validate.h
Examining data/suricata-5.0.3/src/detect-engine.c
Examining data/suricata-5.0.3/src/defrag-timeout.c
Examining data/suricata-5.0.3/src/queue.h
Examining data/suricata-5.0.3/src/app-layer-dcerpc-common.h
Examining data/suricata-5.0.3/src/util-cpu.h
Examining data/suricata-5.0.3/src/app-layer-dhcp.h
Examining data/suricata-5.0.3/src/detect-icmp-seq.c
Examining data/suricata-5.0.3/src/log-tlslog.c
Examining data/suricata-5.0.3/src/util-memrchr.c
Examining data/suricata-5.0.3/src/util-signal.h
Examining data/suricata-5.0.3/src/detect-snmp-community.c
Examining data/suricata-5.0.3/src/detect-prefilter.h
Examining data/suricata-5.0.3/src/util-threshold-config.c
Examining data/suricata-5.0.3/src/detect-sip-method.c
Examining data/suricata-5.0.3/src/util-memrchr.h
Examining data/suricata-5.0.3/src/util-enum.h
Examining data/suricata-5.0.3/src/output-json-nfs.h
Examining data/suricata-5.0.3/src/log-stats.c
Examining data/suricata-5.0.3/src/detect-http-referer.h
Examining data/suricata-5.0.3/src/detect-pkt-data.c
Examining data/suricata-5.0.3/src/detect-filemd5.h
Examining data/suricata-5.0.3/src/util-profiling-rulegroups.c
Examining data/suricata-5.0.3/src/stream-tcp-inline.h
Examining data/suricata-5.0.3/src/detect-tls-ja3s-string.h
Examining data/suricata-5.0.3/src/tmqh-packetpool.h
Examining data/suricata-5.0.3/src/util-mpm-hs.h
Examining data/suricata-5.0.3/src/app-layer-krb5.c
Examining data/suricata-5.0.3/src/detect-http-server.c
Examining data/suricata-5.0.3/src/detect-dataset.h
Examining data/suricata-5.0.3/src/flow-bit.c
Examining data/suricata-5.0.3/src/util-hashlist.h
Examining data/suricata-5.0.3/src/util-syslog.c
Examining data/suricata-5.0.3/src/flow-queue.c
Examining data/suricata-5.0.3/src/detect-noalert.c
Examining data/suricata-5.0.3/src/decode-icmpv6.h
Examining data/suricata-5.0.3/src/detect-file-hash-common.h
Examining data/suricata-5.0.3/src/detect-engine-register.h
Examining data/suricata-5.0.3/src/respond-reject-libnet11.h
Examining data/suricata-5.0.3/src/detect-priority.h
Examining data/suricata-5.0.3/src/detect-rawbytes.h
Examining data/suricata-5.0.3/src/detect-template2.h
Examining data/suricata-5.0.3/src/source-erf-dag.h
Examining data/suricata-5.0.3/src/app-layer-htp-body.h
Examining data/suricata-5.0.3/src/util-bloomfilter.c
Examining data/suricata-5.0.3/src/detect-engine-proto.c
Examining data/suricata-5.0.3/src/defrag-queue.h
Examining data/suricata-5.0.3/src/respond-reject-libnet11.c
Examining data/suricata-5.0.3/src/decode-ipv4.h
Examining data/suricata-5.0.3/src/util-pages.c
Examining data/suricata-5.0.3/src/detect-ssh-proto.c
Examining data/suricata-5.0.3/src/detect-ipproto.h
Examining data/suricata-5.0.3/src/app-layer-dns-tcp.h
Examining data/suricata-5.0.3/src/detect-smb-share.c
Examining data/suricata-5.0.3/src/util-rule-vars.c
Examining data/suricata-5.0.3/src/util-mpm-ac.h
Examining data/suricata-5.0.3/src/output-json-dhcp.h
Examining data/suricata-5.0.3/src/detect-geoip.c
Examining data/suricata-5.0.3/src/detect-http-header.h
Examining data/suricata-5.0.3/src/detect-id.c
Examining data/suricata-5.0.3/src/util-signal.c
Examining data/suricata-5.0.3/src/detect-fragoffset.c
Examining data/suricata-5.0.3/src/detect-tls-certs.c
Examining data/suricata-5.0.3/src/detect-http-content-len.c
Examining data/suricata-5.0.3/src/runmode-unix-socket.c
Examining data/suricata-5.0.3/src/detect-filemagic.h
Examining data/suricata-5.0.3/src/datasets-sha256.h
Examining data/suricata-5.0.3/src/detect-ipv6hdr.c
Examining data/suricata-5.0.3/src/detect-krb5-msgtype.c
Examining data/suricata-5.0.3/src/detect-nocase.h
Examining data/suricata-5.0.3/src/detect-tcpmss.h
Examining data/suricata-5.0.3/src/detect-http-client-body.h
Examining data/suricata-5.0.3/src/ippair-queue.c
Examining data/suricata-5.0.3/src/tests/reputation.c
Examining data/suricata-5.0.3/src/tests/stream-tcp-reassemble.c
Examining data/suricata-5.0.3/src/tests/detect-http-client-body.c
Examining data/suricata-5.0.3/src/tests/detect-tcphdr.c
Examining data/suricata-5.0.3/src/tests/detect-http-uri.c
Examining data/suricata-5.0.3/src/tests/detect-snmp-version.c
Examining data/suricata-5.0.3/src/tests/detect-snmp-pdu_type.c
Examining data/suricata-5.0.3/src/tests/detect-tls-cert-issuer.c
Examining data/suricata-5.0.3/src/tests/detect-http-raw-header.c
Examining data/suricata-5.0.3/src/tests/detect-tls-ja3-string.c
Examining data/suricata-5.0.3/src/tests/detect-snmp-community.c
Examining data/suricata-5.0.3/src/tests/detect-tls-certs.c
Examining data/suricata-5.0.3/src/tests/detect-ipv6hdr.c
Examining data/suricata-5.0.3/src/tests/detect-http-header.c
Examining data/suricata-5.0.3/src/tests/detect-tls-cert-serial.c
Examining data/suricata-5.0.3/src/tests/detect-bsize.c
Examining data/suricata-5.0.3/src/tests/stream-tcp-list.c
Examining data/suricata-5.0.3/src/tests/detect-template2.c
Examining data/suricata-5.0.3/src/tests/detect-tls-sni.c
Examining data/suricata-5.0.3/src/tests/detect-template-buffer.c
Examining data/suricata-5.0.3/src/tests/detect-ttl.c
Examining data/suricata-5.0.3/src/tests/detect-tls-cert-subject.c
Examining data/suricata-5.0.3/src/tests/detect-parse.c
Examining data/suricata-5.0.3/src/tests/detect-http-host.c
Examining data/suricata-5.0.3/src/tests/detect.c
Examining data/suricata-5.0.3/src/tests/detect-http-cookie.c
Examining data/suricata-5.0.3/src/tests/detect-http-server-body.c
Examining data/suricata-5.0.3/src/tests/detect-tcpmss.c
Examining data/suricata-5.0.3/src/tests/detect-tls-ja3-hash.c
Examining data/suricata-5.0.3/src/tests/detect-tls-version.c
Examining data/suricata-5.0.3/src/tests/detect-ipv4hdr.c
Examining data/suricata-5.0.3/src/tests/detect-file-data.c
Examining data/suricata-5.0.3/src/tests/detect-tls-cert-fingerprint.c
Examining data/suricata-5.0.3/src/tests/stream-tcp-inline.c
Examining data/suricata-5.0.3/src/tests/detect-http-stat-code.c
Examining data/suricata-5.0.3/src/tests/detect-http-method.c
Examining data/suricata-5.0.3/src/tests/detect-http-stat-msg.c
Examining data/suricata-5.0.3/src/tests/detect-udphdr.c
Examining data/suricata-5.0.3/src/tests/detect-template.c
Examining data/suricata-5.0.3/src/tests/detect-tls-ja3s-hash.c
Examining data/suricata-5.0.3/src/tests/detect-tls-ja3s-string.c
Examining data/suricata-5.0.3/src/tests/detect-ssl-state.c
Examining data/suricata-5.0.3/src/tests/detect-ssl-version.c
Examining data/suricata-5.0.3/src/tests/detect-engine-content-inspection.c
Examining data/suricata-5.0.3/src/tests/detect-tls-cert-validity.c
Examining data/suricata-5.0.3/src/tests/app-layer-htp-file.c
Examining data/suricata-5.0.3/src/tests/detect-http-user-agent.c
Examining data/suricata-5.0.3/src/detect-engine-threshold.h
Examining data/suricata-5.0.3/src/app-layer-ikev2.c
Examining data/suricata-5.0.3/src/source-pcap-file-directory-helper.c
Examining data/suricata-5.0.3/src/util-mpm.h
Examining data/suricata-5.0.3/src/alert-debuglog.h
Examining data/suricata-5.0.3/src/decode-icmpv4.c
Examining data/suricata-5.0.3/src/defrag.h
Examining data/suricata-5.0.3/src/util-var-name.c
Examining data/suricata-5.0.3/src/detect-depth.c
Examining data/suricata-5.0.3/src/decode-raw.h
Examining data/suricata-5.0.3/src/util-mpm-ac-ks-small.c
Examining data/suricata-5.0.3/src/threads.c
Examining data/suricata-5.0.3/src/host-timeout.c
Examining data/suricata-5.0.3/src/detect-sip-protocol.c
Examining data/suricata-5.0.3/src/source-pcap-file.c
Examining data/suricata-5.0.3/src/util-file.h
Examining data/suricata-5.0.3/src/util-misc.h
Examining data/suricata-5.0.3/src/decode-template.h
Examining data/suricata-5.0.3/src/decode-null.h
Examining data/suricata-5.0.3/src/detect-modbus.h
Examining data/suricata-5.0.3/src/tm-queuehandlers.h
Examining data/suricata-5.0.3/src/detect-http-header.c
Examining data/suricata-5.0.3/src/detect-http-request-line.c
Examining data/suricata-5.0.3/src/log-droplog.c
Examining data/suricata-5.0.3/src/util-cidr.c
Examining data/suricata-5.0.3/src/decode-vxlan.h
Examining data/suricata-5.0.3/src/app-layer-nfs-tcp.c
Examining data/suricata-5.0.3/src/detect-tls-cert-serial.c
Examining data/suricata-5.0.3/src/detect-http-header-names.c
Examining data/suricata-5.0.3/src/detect-http-stat-msg.h
Examining data/suricata-5.0.3/src/detect-nfs-procedure.h
Examining data/suricata-5.0.3/src/util-lua-dns.h
Examining data/suricata-5.0.3/src/detect-http-content-type.h
Examining data/suricata-5.0.3/src/detect-sip-response-line.h
Examining data/suricata-5.0.3/src/log-droplog.h
Examining data/suricata-5.0.3/src/util-logopenfile.h
Examining data/suricata-5.0.3/src/app-layer-dns-udp.c
Examining data/suricata-5.0.3/src/output-json-smtp.h
Examining data/suricata-5.0.3/src/output-json-sip.h
Examining data/suricata-5.0.3/src/detect-http-start.h
Examining data/suricata-5.0.3/src/detect-base64-data.c
Examining data/suricata-5.0.3/src/detect-xbits.c
Examining data/suricata-5.0.3/src/util-luajit.h
Examining data/suricata-5.0.3/src/runmode-windivert.h
Examining data/suricata-5.0.3/src/output-json-netflow.h
Examining data/suricata-5.0.3/src/output-json-dnp3.h
Examining data/suricata-5.0.3/src/flow-queue.h
Examining data/suricata-5.0.3/src/output-json-dns.h
Examining data/suricata-5.0.3/src/detect-ipopts.h
Examining data/suricata-5.0.3/src/util-syslog.h
Examining data/suricata-5.0.3/src/util-lua-dnp3-objects.h
Examining data/suricata-5.0.3/src/detect-ipv6hdr.h
Examining data/suricata-5.0.3/src/detect-isdataat.h
Examining data/suricata-5.0.3/src/util-spm-bs.h
Examining data/suricata-5.0.3/src/log-httplog.h
Examining data/suricata-5.0.3/src/app-layer-snmp.c
Examining data/suricata-5.0.3/src/detect-sameip.c
Examining data/suricata-5.0.3/src/util-byte.c
Examining data/suricata-5.0.3/src/app-layer-enip.c
Examining data/suricata-5.0.3/src/app-layer-krb5.h
Examining data/suricata-5.0.3/src/detect-byte-extract.c
Examining data/suricata-5.0.3/src/threads.h
Examining data/suricata-5.0.3/src/detect-icmp-seq.h
Examining data/suricata-5.0.3/src/source-pfring.h
Examining data/suricata-5.0.3/src/runmode-af-packet.h
Examining data/suricata-5.0.3/src/output-lua.h
Examining data/suricata-5.0.3/src/util-strlcatu.c
Examining data/suricata-5.0.3/src/detect-engine-event.c
Examining data/suricata-5.0.3/src/detect-bsize.c
Examining data/suricata-5.0.3/src/detect-dataset.c
Examining data/suricata-5.0.3/src/detect-engine-register.c
Examining data/suricata-5.0.3/src/detect-tls-ja3s-hash.h
Examining data/suricata-5.0.3/src/device-storage.h
Examining data/suricata-5.0.3/src/runmode-af-packet.c
Examining data/suricata-5.0.3/src/output-json-file.c
Examining data/suricata-5.0.3/src/app-layer-dns-common.c
Examining data/suricata-5.0.3/src/util-magic.h
Examining data/suricata-5.0.3/src/detect-template-rust-buffer.c
Examining data/suricata-5.0.3/src/util-mpm-ac-ks.c
Examining data/suricata-5.0.3/src/datasets-sha256.c
Examining data/suricata-5.0.3/src/conf.h
Examining data/suricata-5.0.3/src/util-bloomfilter-counting.h
Examining data/suricata-5.0.3/src/flow-worker.c
Examining data/suricata-5.0.3/src/detect-pktvar.h
Examining data/suricata-5.0.3/src/detect-reference.h
Examining data/suricata-5.0.3/src/host.c
Examining data/suricata-5.0.3/src/detect-http-start.c
Examining data/suricata-5.0.3/src/output-flow.h
Examining data/suricata-5.0.3/src/detect-http-server-body.h
Examining data/suricata-5.0.3/src/host-timeout.h
Examining data/suricata-5.0.3/src/output-json-email-common.c
Examining data/suricata-5.0.3/src/util-strptime.c
Examining data/suricata-5.0.3/src/runmode-erf-file.h
Examining data/suricata-5.0.3/src/detect-filemagic.c
Examining data/suricata-5.0.3/src/util-classification-config.c
Examining data/suricata-5.0.3/src/detect-engine-threshold.c
Examining data/suricata-5.0.3/src/output-filedata.c
Examining data/suricata-5.0.3/src/util-pool-thread.h
Examining data/suricata-5.0.3/src/util-lua-http.c
Examining data/suricata-5.0.3/src/output-json-metadata.h
Examining data/suricata-5.0.3/src/output-json-anomaly.c
Examining data/suricata-5.0.3/src/util-affinity.c
Examining data/suricata-5.0.3/src/util-action.h
Examining data/suricata-5.0.3/src/util-thash.h
Examining data/suricata-5.0.3/src/detect-http-stat-code.h
Examining data/suricata-5.0.3/src/util-log-redis.c
Examining data/suricata-5.0.3/src/detect-l3proto.c
Examining data/suricata-5.0.3/src/decode-pppoe.h
Examining data/suricata-5.0.3/src/util-rohash.h
Examining data/suricata-5.0.3/src/util-decode-der.c
Examining data/suricata-5.0.3/src/decode-icmpv6.c
Examining data/suricata-5.0.3/src/flow-var.c
Examining data/suricata-5.0.3/src/util-device.h
Examining data/suricata-5.0.3/src/stream-tcp-list.c
Examining data/suricata-5.0.3/src/source-windivert.c
Examining data/suricata-5.0.3/src/util-spm-hs.h
Examining data/suricata-5.0.3/src/output-json-flow.c
Examining data/suricata-5.0.3/src/util-storage.c
Examining data/suricata-5.0.3/src/util-crypt.c
Examining data/suricata-5.0.3/src/detect-engine-build.h
Examining data/suricata-5.0.3/src/output-lua.c
Examining data/suricata-5.0.3/src/detect-dns-opcode.c
Examining data/suricata-5.0.3/src/util-host-info.c
Examining data/suricata-5.0.3/src/action-globals.h
Examining data/suricata-5.0.3/src/decode-events.c
Examining data/suricata-5.0.3/src/flow-hash.c
Examining data/suricata-5.0.3/src/app-layer-rdp.h
Examining data/suricata-5.0.3/src/source-erf-file.h
Examining data/suricata-5.0.3/src/detect-sip-stat-msg.h
Examining data/suricata-5.0.3/src/util-mpm-ac.c
Examining data/suricata-5.0.3/src/util-lua-ssh.h
Examining data/suricata-5.0.3/src/util-random.h
Examining data/suricata-5.0.3/src/util-mpm-ac-bs.h
Examining data/suricata-5.0.3/src/app-layer-protos.c
Examining data/suricata-5.0.3/src/util-profiling-locks.h
Examining data/suricata-5.0.3/src/detect-template2.c
Examining data/suricata-5.0.3/src/output-json-metadata.c
Examining data/suricata-5.0.3/src/detect-tos.c
Examining data/suricata-5.0.3/src/detect-datarep.c
Examining data/suricata-5.0.3/src/detect-asn1.c
Examining data/suricata-5.0.3/src/util-cidr.h
Examining data/suricata-5.0.3/src/output-json-smb.h
Examining data/suricata-5.0.3/src/output-json-http.c
Examining data/suricata-5.0.3/src/detect-itype.c
Examining data/suricata-5.0.3/src/detect-reference.c
Examining data/suricata-5.0.3/src/detect-ftpdata.h
Examining data/suricata-5.0.3/src/app-layer-htp-xff.h
Examining data/suricata-5.0.3/src/util-atomic.c
Examining data/suricata-5.0.3/src/detect-filemd5.c
Examining data/suricata-5.0.3/src/util-spm.c
Examining data/suricata-5.0.3/src/decode-vlan.h
Examining data/suricata-5.0.3/src/detect-tls-ja3-string.h
Examining data/suricata-5.0.3/src/util-lua-ja3.c
Examining data/suricata-5.0.3/src/detect-http-connection.c
Examining data/suricata-5.0.3/src/util-host-info.h
Examining data/suricata-5.0.3/src/defrag-hash.h
Examining data/suricata-5.0.3/src/util-clock.h
Examining data/suricata-5.0.3/src/util-running-modes.h
Examining data/suricata-5.0.3/src/app-layer-sip.h
Examining data/suricata-5.0.3/src/util-ebpf.c
Examining data/suricata-5.0.3/src/detect-bytetest.h
Examining data/suricata-5.0.3/src/detect-engine-siggroup.c
Examining data/suricata-5.0.3/src/decode-ethernet.c
Examining data/suricata-5.0.3/src/detect-sip-stat-code.h
Examining data/suricata-5.0.3/src/ippair.c
Examining data/suricata-5.0.3/src/detect-pcre.c
Examining data/suricata-5.0.3/src/log-filestore.h
Examining data/suricata-5.0.3/src/util-buffer.c
Examining data/suricata-5.0.3/src/detect-tls-sni.c
Examining data/suricata-5.0.3/src/detect-template-buffer.c
Examining data/suricata-5.0.3/src/detect-http-accept-enc.h
Examining data/suricata-5.0.3/src/util-optimize.h
Examining data/suricata-5.0.3/src/decode-events.h
Examining data/suricata-5.0.3/src/util-proto-name.h
Examining data/suricata-5.0.3/src/detect-filesha256.c
Examining data/suricata-5.0.3/src/tmqh-flow.h
Examining data/suricata-5.0.3/src/alert-syslog.c
Examining data/suricata-5.0.3/src/source-pcap-file-helper.c
Examining data/suricata-5.0.3/src/detect-mark.h
Examining data/suricata-5.0.3/src/output-json-ikev2.h
Examining data/suricata-5.0.3/src/util-misc.c
Examining data/suricata-5.0.3/src/util-magic.c
Examining data/suricata-5.0.3/src/detect-ttl.c
Examining data/suricata-5.0.3/src/util-napatech.c
Examining data/suricata-5.0.3/src/detect-engine-tag.h
Examining data/suricata-5.0.3/src/util-ioctl.h
Examining data/suricata-5.0.3/src/source-ipfw.c
Examining data/suricata-5.0.3/src/util-spm-bs2bm.c
Examining data/suricata-5.0.3/src/app-layer-snmp.h
Examining data/suricata-5.0.3/src/util-checksum.c
Examining data/suricata-5.0.3/src/detect-pkt-data.h
Examining data/suricata-5.0.3/src/decode-gre.h
Examining data/suricata-5.0.3/src/threads-debug.h
Examining data/suricata-5.0.3/src/util-print.h
Examining data/suricata-5.0.3/src/output-json-stats.h
Examining data/suricata-5.0.3/src/util-napatech.h
Examining data/suricata-5.0.3/src/detect-tls-cert-subject.c
Examining data/suricata-5.0.3/src/detect-sameip.h
Examining data/suricata-5.0.3/src/detect-flow.h
Examining data/suricata-5.0.3/src/detect-asn1.h
Examining data/suricata-5.0.3/src/util-mpm-ac-ks.h
Examining data/suricata-5.0.3/src/util-spm-bs2bm.h
Examining data/suricata-5.0.3/src/util-file-swf-decompression.c
Examining data/suricata-5.0.3/src/util-decode-der.h
Examining data/suricata-5.0.3/src/detect-tcp-flags.c
Examining data/suricata-5.0.3/src/util-spm.h
Examining data/suricata-5.0.3/src/stream.c
Examining data/suricata-5.0.3/src/detect-fragbits.h
Examining data/suricata-5.0.3/src/reputation.h
Examining data/suricata-5.0.3/src/detect-lua.h
Examining data/suricata-5.0.3/src/detect-file-data.h
Examining data/suricata-5.0.3/src/output-json-dnp3.c
Examining data/suricata-5.0.3/src/util-file.c
Examining data/suricata-5.0.3/src/detect-geoip.h
Examining data/suricata-5.0.3/src/detect-tcp-flags.h
Examining data/suricata-5.0.3/src/unix-manager.h
Examining data/suricata-5.0.3/src/output-json-alert.h
Examining data/suricata-5.0.3/src/detect-krb5-cname.c
Examining data/suricata-5.0.3/src/decode-sll.h
Examining data/suricata-5.0.3/src/output-json-tftp.h
Examining data/suricata-5.0.3/src/ippair.h
Examining data/suricata-5.0.3/src/runmode-pcap-file.h
Examining data/suricata-5.0.3/src/output-json-template-rust.h
Examining data/suricata-5.0.3/src/app-layer-parser.c
Examining data/suricata-5.0.3/src/detect-ssl-version.h
Examining data/suricata-5.0.3/src/log-cf-common.c
Examining data/suricata-5.0.3/src/detect-msg.c
Examining data/suricata-5.0.3/src/detect-fileext.c
Examining data/suricata-5.0.3/src/flow-util.c
Examining data/suricata-5.0.3/src/detect-mark.c
Examining data/suricata-5.0.3/src/runmode-pfring.h
Examining data/suricata-5.0.3/src/detect-http-accept.c
Examining data/suricata-5.0.3/src/host-storage.h
Examining data/suricata-5.0.3/src/detect-classtype.h
Examining data/suricata-5.0.3/src/detect-engine-payload.c
Examining data/suricata-5.0.3/src/detect-snmp-pdu_type.h
Examining data/suricata-5.0.3/src/detect-transform-md5.h
Examining data/suricata-5.0.3/src/output-json-alert.c
Examining data/suricata-5.0.3/src/detect-base64-data.h
Examining data/suricata-5.0.3/src/detect-parse.c
Examining data/suricata-5.0.3/src/flow-storage.c
Examining data/suricata-5.0.3/src/detect-engine-analyzer.c
Examining data/suricata-5.0.3/src/detect-engine-port.h
Examining data/suricata-5.0.3/src/detect-engine-prefilter.h
Examining data/suricata-5.0.3/src/source-pcap-file.h
Examining data/suricata-5.0.3/src/detect-transform-compress-whitespace.c
Examining data/suricata-5.0.3/src/flow-bypass.c
Examining data/suricata-5.0.3/src/app-layer-dcerpc-udp.c
Examining data/suricata-5.0.3/src/flow-timeout.h
Examining data/suricata-5.0.3/src/output-json-tftp.c
Examining data/suricata-5.0.3/src/source-nfq-prototypes.h
Examining data/suricata-5.0.3/src/util-lua-http.h
Examining data/suricata-5.0.3/src/detect-urilen.c
Examining data/suricata-5.0.3/src/detect-iprep.h
Examining data/suricata-5.0.3/src/detect-tag.h
Examining data/suricata-5.0.3/src/app-layer-dcerpc-udp.h
Examining data/suricata-5.0.3/src/util-memcmp.c
Examining data/suricata-5.0.3/src/output-json-nfs.c
Examining data/suricata-5.0.3/src/detect-bsize.h
Examining data/suricata-5.0.3/src/source-pcap.c
Examining data/suricata-5.0.3/src/detect-bytetest.c
Examining data/suricata-5.0.3/src/output-stats.h
Examining data/suricata-5.0.3/src/util-lua-dnp3.h
Examining data/suricata-5.0.3/src/datasets-string.h
Examining data/suricata-5.0.3/src/detect-flowbits.h
Examining data/suricata-5.0.3/src/detect-priority.c
Examining data/suricata-5.0.3/src/suricata.h
Examining data/suricata-5.0.3/src/runmode-ipfw.c
Examining data/suricata-5.0.3/src/output-tx.h
Examining data/suricata-5.0.3/src/detect-lua-extensions.c
Examining data/suricata-5.0.3/src/detect-flow.c
Examining data/suricata-5.0.3/src/util-crypt.h
Examining data/suricata-5.0.3/src/runmodes.c
Examining data/suricata-5.0.3/src/app-layer-nbss.h
Examining data/suricata-5.0.3/src/defrag-config.h
Examining data/suricata-5.0.3/src/util-bpf.h
Examining data/suricata-5.0.3/src/alert-unified2-alert.h
Examining data/suricata-5.0.3/src/ippair-bit.c
Examining data/suricata-5.0.3/src/decode-udp.c
Examining data/suricata-5.0.3/src/decode-ppp.h
Examining data/suricata-5.0.3/src/detect-target.h
Examining data/suricata-5.0.3/src/detect-sip-method.h
Examining data/suricata-5.0.3/src/win32-syscall.c
Examining data/suricata-5.0.3/src/win32-service.c
Examining data/suricata-5.0.3/src/util-lua.c
Examining data/suricata-5.0.3/src/util-hyperscan.c
Examining data/suricata-5.0.3/src/app-layer-dns-common.h
Examining data/suricata-5.0.3/src/util-debug.c
Examining data/suricata-5.0.3/src/log-tcp-data.h
Examining data/suricata-5.0.3/src/output-json-rdp.c
Examining data/suricata-5.0.3/src/detect-engine-prefilter.c
Examining data/suricata-5.0.3/src/flow-bit.h
Examining data/suricata-5.0.3/src/output-flow.c
Examining data/suricata-5.0.3/src/detect-rawbytes.c
Examining data/suricata-5.0.3/src/tm-threads-common.h
Examining data/suricata-5.0.3/src/detect-http-host.c
Examining data/suricata-5.0.3/src/detect-tls-cert-fingerprint.h
Examining data/suricata-5.0.3/src/decode-template.c
Examining data/suricata-5.0.3/src/detect-ssh-software.c
Examining data/suricata-5.0.3/src/util-pool-thread.c
Examining data/suricata-5.0.3/src/detect-metadata.c
Examining data/suricata-5.0.3/src/detect-msg.h
Examining data/suricata-5.0.3/src/detect-sip-stat-code.c
Examining data/suricata-5.0.3/src/detect-hostbits.c
Examining data/suricata-5.0.3/src/decode-ipv6.c
Examining data/suricata-5.0.3/src/detect.c
Examining data/suricata-5.0.3/src/decode-teredo.h
Examining data/suricata-5.0.3/src/app-layer-register.h
Examining data/suricata-5.0.3/src/detect-sip-protocol.h
Examining data/suricata-5.0.3/src/util-error.h
Examining data/suricata-5.0.3/src/output-json-stats.c
Examining data/suricata-5.0.3/src/detect-engine-address-ipv4.c
Examining data/suricata-5.0.3/src/detect-engine-sigorder.c
Examining data/suricata-5.0.3/src/tm-threads.c
Examining data/suricata-5.0.3/src/detect-http-cookie.c
Examining data/suricata-5.0.3/src/util-lua-dnp3.c
Examining data/suricata-5.0.3/src/detect-rpc.c
Examining data/suricata-5.0.3/src/util-debug.h
Examining data/suricata-5.0.3/src/detect-engine-sigorder.h
Examining data/suricata-5.0.3/src/util-hash-lookup3.h
Examining data/suricata-5.0.3/src/detect-http-response-line.c
Examining data/suricata-5.0.3/src/util-decode-mime.h
Examining data/suricata-5.0.3/src/util-print.c
Examining data/suricata-5.0.3/src/detect-engine-iponly.h
Examining data/suricata-5.0.3/src/detect-http-server-body.c
Examining data/suricata-5.0.3/src/app-layer-ssl.h
Examining data/suricata-5.0.3/src/output-json-dns.c
Examining data/suricata-5.0.3/src/detect-krb5-errcode.h
Examining data/suricata-5.0.3/src/decode-tcp.c
Examining data/suricata-5.0.3/src/util-pool.c
Examining data/suricata-5.0.3/src/output-json-tls.h
Examining data/suricata-5.0.3/src/detect-dce-stub-data.c
Examining data/suricata-5.0.3/src/util-lua-common.h
Examining data/suricata-5.0.3/src/detect-http-uri.h
Examining data/suricata-5.0.3/src/output-json-flow.h
Examining data/suricata-5.0.3/src/output-json-tls.c
Examining data/suricata-5.0.3/src/util-bloomfilter-counting.c
Examining data/suricata-5.0.3/src/flow-bypass.h
Examining data/suricata-5.0.3/src/runmode-pcap.c
Examining data/suricata-5.0.3/src/detect-http-method.h
Examining data/suricata-5.0.3/src/runmode-windivert.c
Examining data/suricata-5.0.3/src/detect-transform-sha1.h
Examining data/suricata-5.0.3/src/detect-transform-sha256.c
Examining data/suricata-5.0.3/src/util-unittest-helper.c
Examining data/suricata-5.0.3/src/stream-tcp-util.h
Examining data/suricata-5.0.3/src/detect-tcpmss.c
Examining data/suricata-5.0.3/src/detect-tls-ja3-hash.c
Examining data/suricata-5.0.3/src/util-fix_checksum.c
Examining data/suricata-5.0.3/src/output-tx.c
Examining data/suricata-5.0.3/src/output-json.h
Examining data/suricata-5.0.3/src/decode-sll.c
Examining data/suricata-5.0.3/src/detect-stream_size.h
Examining data/suricata-5.0.3/src/detect-flowint.c
Examining data/suricata-5.0.3/src/detect-app-layer-protocol.h
Examining data/suricata-5.0.3/src/detect-tls-sni.h
Examining data/suricata-5.0.3/src/output-file.c
Examining data/suricata-5.0.3/src/detect-engine-payload.h
Examining data/suricata-5.0.3/src/detect-http-referer.c
Examining data/suricata-5.0.3/src/detect-isdataat.c
Examining data/suricata-5.0.3/src/detect-itype.h
Examining data/suricata-5.0.3/src/detect-transform-dotprefix.c
Examining data/suricata-5.0.3/src/source-af-packet.h
Examining data/suricata-5.0.3/src/util-device.c
Examining data/suricata-5.0.3/src/detect-tls-version.c
Examining data/suricata-5.0.3/src/detect-engine-enip.h
Examining data/suricata-5.0.3/src/output-json-dhcp.c
Examining data/suricata-5.0.3/src/flow-util.h
Examining data/suricata-5.0.3/src/flow.h
Examining data/suricata-5.0.3/src/util-host-os-info.h
Examining data/suricata-5.0.3/src/detect-krb5-msgtype.h
Examining data/suricata-5.0.3/src/app-layer-ssh.c
Examining data/suricata-5.0.3/src/app-layer-template.h
Examining data/suricata-5.0.3/src/debug.h
Examining data/suricata-5.0.3/src/detect-engine-analyzer.h
Examining data/suricata-5.0.3/src/detect-transform-sha256.h
Examining data/suricata-5.0.3/src/detect-template-buffer.h
Examining data/suricata-5.0.3/src/ippair-bit.h
Examining data/suricata-5.0.3/src/util-lua-tls.h
Examining data/suricata-5.0.3/src/util-var-name.h
Examining data/suricata-5.0.3/src/flow-manager.h
Examining data/suricata-5.0.3/src/flow-var.h
Examining data/suricata-5.0.3/src/detect-engine-enip.c
Examining data/suricata-5.0.3/src/util-cpu.c
Examining data/suricata-5.0.3/src/host-bit.c
Examining data/suricata-5.0.3/src/log-cf-common.h
Examining data/suricata-5.0.3/src/decode-raw.c
Examining data/suricata-5.0.3/src/defrag-timeout.h
Examining data/suricata-5.0.3/src/detect-modbus.c
Examining data/suricata-5.0.3/src/flow-storage.h
Examining data/suricata-5.0.3/src/app-layer-modbus.c
Examining data/suricata-5.0.3/src/detect-flowint.h
Examining data/suricata-5.0.3/src/detect-base64-decode.c
Examining data/suricata-5.0.3/src/stream-tcp-util.c
Examining data/suricata-5.0.3/src/detect-ipv4hdr.c
Examining data/suricata-5.0.3/src/detect-dce-stub-data.h
Examining data/suricata-5.0.3/src/app-layer-template-rust.c
Examining data/suricata-5.0.3/src/detect-filesize.h
Examining data/suricata-5.0.3/src/util-enum.c
Examining data/suricata-5.0.3/src/detect-engine.h
Examining data/suricata-5.0.3/src/util-ja3.c
Examining data/suricata-5.0.3/src/datasets-reputation.h
Examining data/suricata-5.0.3/src/ippair-storage.h
Examining data/suricata-5.0.3/src/app-layer-dcerpc.h
Examining data/suricata-5.0.3/src/util-rohash.c
Examining data/suricata-5.0.3/src/util-bloomfilter.h
Examining data/suricata-5.0.3/src/source-nfq.c
Examining data/suricata-5.0.3/src/detect-sid.c
Examining data/suricata-5.0.3/src/output-json-file.h
Examining data/suricata-5.0.3/src/app-layer-nfs-tcp.h
Examining data/suricata-5.0.3/src/detect-content.c
Examining data/suricata-5.0.3/src/app-layer-tftp.c
Examining data/suricata-5.0.3/src/respond-reject.h
Examining data/suricata-5.0.3/src/tmqh-flow.c
Examining data/suricata-5.0.3/src/tm-modules.c
Examining data/suricata-5.0.3/src/detect-tls-version.h
Examining data/suricata-5.0.3/src/app-layer-parser.h
Examining data/suricata-5.0.3/src/source-pcap-file-directory-helper.h
Examining data/suricata-5.0.3/src/util-detect.c
Examining data/suricata-5.0.3/src/detect-ssh-software.h
Examining data/suricata-5.0.3/src/runmode-nfq.h
Examining data/suricata-5.0.3/src/detect-depth.h
Examining data/suricata-5.0.3/src/detect-engine-iponly.c
Examining data/suricata-5.0.3/src/detect-icode.h
Examining data/suricata-5.0.3/src/app-layer-ntp.c
Examining data/suricata-5.0.3/src/util-fix_checksum.h
Examining data/suricata-5.0.3/src/detect-sip-response-line.c
Examining data/suricata-5.0.3/src/decode-pppoe.c
Examining data/suricata-5.0.3/src/detect-http-content-type.c
Examining data/suricata-5.0.3/src/util-fmemopen.h
Examining data/suricata-5.0.3/src/decode-sctp.h
Examining data/suricata-5.0.3/src/util-rule-vars.h
Examining data/suricata-5.0.3/src/detect-file-data.c
Examining data/suricata-5.0.3/src/detect-tls-cert-fingerprint.c
Examining data/suricata-5.0.3/src/stream-tcp-inline.c
Examining data/suricata-5.0.3/src/util-privs.h
Examining data/suricata-5.0.3/src/detect-tcp-seq.h
Examining data/suricata-5.0.3/src/util-memcmp.h
Examining data/suricata-5.0.3/src/output-json-ikev2.c
Examining data/suricata-5.0.3/src/tm-threads.h
Examining data/suricata-5.0.3/src/output-json-template-rust.c
Examining data/suricata-5.0.3/src/output-json-smtp.c
Examining data/suricata-5.0.3/src/detect-icmp-id.c
Examining data/suricata-5.0.3/src/detect-ssh-software-version.h
Examining data/suricata-5.0.3/src/defrag-hash.c
Examining data/suricata-5.0.3/src/util-mem.h
Examining data/suricata-5.0.3/src/source-nfq.h
Examining data/suricata-5.0.3/src/util-profiling-keywords.c
Examining data/suricata-5.0.3/src/detect-engine-event.h
Examining data/suricata-5.0.3/src/detect-prefilter.c
Examining data/suricata-5.0.3/src/util-proto-name.c
Examining data/suricata-5.0.3/src/detect-http-header-common.c
Examining data/suricata-5.0.3/src/detect-dce-opnum.c
Examining data/suricata-5.0.3/src/detect-tcp-ack.c
Examining data/suricata-5.0.3/src/detect-icode.c
Examining data/suricata-5.0.3/src/app-layer-ntp.h
Examining data/suricata-5.0.3/src/util-path.h
Examining data/suricata-5.0.3/src/detect-rpc.h
Examining data/suricata-5.0.3/src/detect-tls-cert-subject.h
Examining data/suricata-5.0.3/src/detect-http-headers.c
Examining data/suricata-5.0.3/src/decode-afl.c
Examining data/suricata-5.0.3/src/detect-tcp-window.h
Examining data/suricata-5.0.3/src/decode-erspan.c
Examining data/suricata-5.0.3/src/alert-unified2-alert.c
Examining data/suricata-5.0.3/src/detect-byte-extract.h
Examining data/suricata-5.0.3/src/detect-fileext.h
Examining data/suricata-5.0.3/src/detect-pktvar.c
Examining data/suricata-5.0.3/src/util-mpm-ac-bs.c
Examining data/suricata-5.0.3/src/util-hash-string.h
Examining data/suricata-5.0.3/src/detect-uricontent.h
Examining data/suricata-5.0.3/src/stream-tcp-sack.h
Examining data/suricata-5.0.3/src/output-streaming.c
Examining data/suricata-5.0.3/src/detect-http-stat-code.c
Examining data/suricata-5.0.3/src/detect-app-layer-event.c
Examining data/suricata-5.0.3/src/detect-tls-certs.h
Examining data/suricata-5.0.3/src/suricata.c
Examining data/suricata-5.0.3/src/output-json-template.c
Examining data/suricata-5.0.3/src/detect-dns-query.h
Examining data/suricata-5.0.3/src/util-lua-tls.c
Examining data/suricata-5.0.3/src/runmode-pcap-file.c
Examining data/suricata-5.0.3/src/util-log-redis.h
Examining data/suricata-5.0.3/src/util-pool.h
Examining data/suricata-5.0.3/src/source-nflog.h
Examining data/suricata-5.0.3/src/app-layer-detect-proto.c
Examining data/suricata-5.0.3/src/defrag.c
Examining data/suricata-5.0.3/src/app-layer-enip-common.h
Examining data/suricata-5.0.3/src/detect-dsize.h
Examining data/suricata-5.0.3/src/detect-bytejump.h
Examining data/suricata-5.0.3/src/util-hashlist.c
Examining data/suricata-5.0.3/src/detect-engine-address.h
Examining data/suricata-5.0.3/src/ippair-timeout.c
Examining data/suricata-5.0.3/src/output-packet.c
Examining data/suricata-5.0.3/src/conf-yaml-loader.h
Examining data/suricata-5.0.3/src/runmode-nflog.h
Examining data/suricata-5.0.3/src/source-windivert-prototypes.h
Examining data/suricata-5.0.3/src/detect-rev.h
Examining data/suricata-5.0.3/src/detect-flowbits.c
Examining data/suricata-5.0.3/src/util-hash.h
Examining data/suricata-5.0.3/src/util-runmodes.h
Examining data/suricata-5.0.3/src/app-layer-htp-mem.c
Examining data/suricata-5.0.3/src/tmqh-packetpool.c
Examining data/suricata-5.0.3/src/detect-replace.c
Examining data/suricata-5.0.3/src/decode-icmpv4.h
Examining data/suricata-5.0.3/src/detect-ssh-software-version.c
Examining data/suricata-5.0.3/src/detect-l3proto.h
Examining data/suricata-5.0.3/src/runmode-unittests.h
Examining data/suricata-5.0.3/src/runmode-unix-socket.h
Examining data/suricata-5.0.3/src/detect-engine-dcepayload.h
Examining data/suricata-5.0.3/src/util-streaming-buffer.c
Examining data/suricata-5.0.3/src/detect-nocase.c
Examining data/suricata-5.0.3/src/detect-engine-state.h
Examining data/suricata-5.0.3/src/detect-ipproto.c
Examining data/suricata-5.0.3/src/util-coredump-config.h
Examining data/suricata-5.0.3/src/util-detect.h
Examining data/suricata-5.0.3/src/counters.h
Examining data/suricata-5.0.3/src/detect-threshold.c
Examining data/suricata-5.0.3/src/detect-http-request-line.h
Examining data/suricata-5.0.3/src/detect-http-ua.h
Examining data/suricata-5.0.3/src/util-ip.c
Examining data/suricata-5.0.3/src/util-daemon.h
Examining data/suricata-5.0.3/src/detect-http-host.h
Examining data/suricata-5.0.3/src/datasets-md5.c
Examining data/suricata-5.0.3/src/util-fmemopen.c
Examining data/suricata-5.0.3/src/detect-filesize.c
Examining data/suricata-5.0.3/src/detect-ftpbounce.h
Examining data/suricata-5.0.3/src/detect-filesha256.h
Examining data/suricata-5.0.3/src/app-layer-htp.h
Examining data/suricata-5.0.3/src/tmqh-simple.h
Examining data/suricata-5.0.3/src/util-hash-string.c
Examining data/suricata-5.0.3/src/util-lua-smtp.c
Examining data/suricata-5.0.3/src/output.c
Examining data/suricata-5.0.3/src/detect-engine-address-ipv6.c
Examining data/suricata-5.0.3/src/detect-sip-uri.h
Examining data/suricata-5.0.3/src/source-netmap.c
Examining data/suricata-5.0.3/src/detect-tag.c
Examining data/suricata-5.0.3/src/output-json-rdp.h
Examining data/suricata-5.0.3/src/util-host-os-info.c
Examining data/suricata-5.0.3/src/detect-http-server.h
Examining data/suricata-5.0.3/src/detect-http-method.c
Examining data/suricata-5.0.3/src/detect-uricontent.c
Examining data/suricata-5.0.3/src/detect-tcphdr.h
Examining data/suricata-5.0.3/src/app-layer-ftp.h
Examining data/suricata-5.0.3/src/detect-nfs-version.h
Examining data/suricata-5.0.3/src/detect-http-stat-msg.c
Examining data/suricata-5.0.3/src/util-profiling-prefilter.c
Examining data/suricata-5.0.3/src/app-layer-modbus.h
Examining data/suricata-5.0.3/src/util-path.c
Examining data/suricata-5.0.3/src/app-layer-template-rust.h
Examining data/suricata-5.0.3/src/output-json-common.c
Examining data/suricata-5.0.3/src/detect-udphdr.h
Examining data/suricata-5.0.3/src/detect-filestore.c
Examining data/suricata-5.0.3/src/detect-dnp3.h
Examining data/suricata-5.0.3/src/detect-udphdr.c
Examining data/suricata-5.0.3/src/util-reference-config.c
Examining data/suricata-5.0.3/src/detect-dnp3.c
Examining data/suricata-5.0.3/src/detect-template.c
Examining data/suricata-5.0.3/src/detect-ftpdata.c
Examining data/suricata-5.0.3/src/output-json-krb5.h
Examining data/suricata-5.0.3/src/output-json-netflow.c
Examining data/suricata-5.0.3/src/util-base64.h
Examining data/suricata-5.0.3/src/detect-transform-sha1.c
Examining data/suricata-5.0.3/src/detect-icmp-id.h
Examining data/suricata-5.0.3/src/detect-ssh-proto-version.c
Examining data/suricata-5.0.3/src/detect-ftpbounce.c
Examining data/suricata-5.0.3/src/tm-modules.h
Examining data/suricata-5.0.3/src/app-layer-expectation.c
Examining data/suricata-5.0.3/src/source-napatech.c
Examining data/suricata-5.0.3/src/source-pcap-file-helper.h
Examining data/suricata-5.0.3/src/detect-ttl.h
Examining data/suricata-5.0.3/src/util-strlcpyu.c
Examining data/suricata-5.0.3/src/detect-http-accept.h
Examining data/suricata-5.0.3/src/detect-stream_size.c
Examining data/suricata-5.0.3/src/detect-transform-strip-whitespace.h
Examining data/suricata-5.0.3/src/tm-queuehandlers.c
Examining data/suricata-5.0.3/src/detect-krb5-cname.h
Examining data/suricata-5.0.3/src/conf.c
Examining data/suricata-5.0.3/src/detect-engine-address.c
Examining data/suricata-5.0.3/src/output-json-smb.c
Examining data/suricata-5.0.3/src/app-layer.c
Examining data/suricata-5.0.3/src/counters.c
Examining data/suricata-5.0.3/src/detect.h
Examining data/suricata-5.0.3/src/util-profiling-rules.c
Examining data/suricata-5.0.3/src/detect-gid.h
Examining data/suricata-5.0.3/src/util-affinity.h
Examining data/suricata-5.0.3/src/detect-engine-prefilter-common.c
Examining data/suricata-5.0.3/src/detect-http-headers-stub.h
Examining data/suricata-5.0.3/src/decode-gre.c
Examining data/suricata-5.0.3/src/alert-fastlog.h
Examining data/suricata-5.0.3/src/source-napatech.h
Examining data/suricata-5.0.3/src/detect-tls-ja3s-hash.c
Examining data/suricata-5.0.3/src/decode-vxlan.c
Examining data/suricata-5.0.3/src/decode-ppp.c
Examining data/suricata-5.0.3/src/detect-snmp-community.h
Examining data/suricata-5.0.3/src/util-pidfile.h
Examining data/suricata-5.0.3/src/util-lua-ssh.c
Examining data/suricata-5.0.3/src/util-mpm.c
Examining data/suricata-5.0.3/src/util-pages.h
Examining data/suricata-5.0.3/src/detect-ipopts.c
Examining data/suricata-5.0.3/src/detect-distance.h
Examining data/suricata-5.0.3/src/detect-noalert.h
Examining data/suricata-5.0.3/src/app-layer-sip.c
Examining data/suricata-5.0.3/src/util-prefilter.c
Examining data/suricata-5.0.3/src/app-layer-protos.h
Examining data/suricata-5.0.3/src/util-threshold-config.h
Examining data/suricata-5.0.3/src/detect-http-raw-header.h
Examining data/suricata-5.0.3/src/app-layer-htp-xff.c
Examining data/suricata-5.0.3/src/app-layer-nfs-udp.c
Examining data/suricata-5.0.3/src/win32-misc.c
Examining data/suricata-5.0.3/src/detect-engine-file.h
Examining data/suricata-5.0.3/src/detect-dce-iface.c
Examining data/suricata-5.0.3/src/log-stats.h
Examining data/suricata-5.0.3/src/detect-tls-ja3s-string.c
Examining data/suricata-5.0.3/src/decode-udp.h
Examining data/suricata-5.0.3/src/detect-fragbits.c
Examining data/suricata-5.0.3/src/detect-detection-filter.c
Examining data/suricata-5.0.3/src/app-layer-smtp.h
Examining data/suricata-5.0.3/src/util-prefilter.h
Examining data/suricata-5.0.3/src/decode-vlan.c
Examining data/suricata-5.0.3/src/app-layer-dns-tcp.c
Examining data/suricata-5.0.3/src/alert-prelude.c
Examining data/suricata-5.0.3/src/source-erf-file.c
Examining data/suricata-5.0.3/src/runmode-erf-dag.c
Examining data/suricata-5.0.3/src/pkt-var.c
Examining data/suricata-5.0.3/src/log-tlsstore.h
Examining data/suricata-5.0.3/src/app-layer-smb.h
Examining data/suricata-5.0.3/src/source-nflog.c
Examining data/suricata-5.0.3/src/decode-mpls.h
Examining data/suricata-5.0.3/src/detect-engine-port.c
Examining data/suricata-5.0.3/src/detect-replace.h
Examining data/suricata-5.0.3/src/util-byte.h
Examining data/suricata-5.0.3/src/app-layer-enip.h
Examining data/suricata-5.0.3/src/detect-nfs-procedure.c
Examining data/suricata-5.0.3/src/util-atomic.h
Examining data/suricata-5.0.3/src/ippair-queue.h
Examining data/suricata-5.0.3/src/detect-engine-proto.h
Examining data/suricata-5.0.3/src/detect-filename.c
Examining data/suricata-5.0.3/src/detect-http-header-names.h
Examining data/suricata-5.0.3/src/decode-sctp.c
Examining data/suricata-5.0.3/src/stream-tcp-reassemble.h
Examining data/suricata-5.0.3/src/detect-engine-siggroup.h
Examining data/suricata-5.0.3/src/flow-manager.c
Examining data/suricata-5.0.3/src/output-json-drop.h
Examining data/suricata-5.0.3/src/util-thash.c
Examining data/suricata-5.0.3/src/respond-reject.c
Examining data/suricata-5.0.3/src/util-mpm-hs.c
Examining data/suricata-5.0.3/src/detect-engine-tag.c
Examining data/suricata-5.0.3/src/detect-snmp-version.h
Examining data/suricata-5.0.3/src/detect-fragoffset.h
Examining data/suricata-5.0.3/src/win32-service.h
Examining data/suricata-5.0.3/src/app-layer-dnp3.c
Examining data/suricata-5.0.3/src/detect-bypass.c
Examining data/suricata-5.0.3/src/app-layer-dcerpc.c
Examining data/suricata-5.0.3/src/decode-ipv4.c
Examining data/suricata-5.0.3/src/detect-tls-cert-validity.h
Examining data/suricata-5.0.3/src/detect-gid.c
Examining data/suricata-5.0.3/src/threadvars.h
Examining data/suricata-5.0.3/src/runmode-napatech.c
Examining data/suricata-5.0.3/src/util-buffer.h
Examining data/suricata-5.0.3/src/runmode-netmap.h
Examining data/suricata-5.0.3/src/defrag-config.c
Examining data/suricata-5.0.3/src/detect-http-location.h
Examining data/suricata-5.0.3/src/host-queue.c
Examining data/suricata-5.0.3/src/util-decode-mime.c
Examining data/suricata-5.0.3/src/detect-http-protocol.h
Examining data/suricata-5.0.3/src/util-reference-config.h
Examining data/suricata-5.0.3/src/detect-file-hash-common.c
Examining data/suricata-5.0.3/src/util-spm-bm.c
Examining data/suricata-5.0.3/src/detect-nfs-version.c
Examining data/suricata-5.0.3/src/util-ioctl.c
Examining data/suricata-5.0.3/src/output-json-email-common.h
Examining data/suricata-5.0.3/src/win32-syslog.h
Examining data/suricata-5.0.3/src/output-json-dnp3-objects.c
Examining data/suricata-5.0.3/src/detect-lua.c
Examining data/suricata-5.0.3/src/detect-tcp-ack.h
Examining data/suricata-5.0.3/src/detect-engine-profile.h
Examining data/suricata-5.0.3/src/runmode-nfq.c
Examining data/suricata-5.0.3/src/detect-classtype.c
Examining data/suricata-5.0.3/src/alert-fastlog.c
Examining data/suricata-5.0.3/src/detect-engine-build.c
Examining data/suricata-5.0.3/src/detect-engine-prefilter-common.h
Examining data/suricata-5.0.3/src/app-layer-events.c
Examining data/suricata-5.0.3/src/app-layer-nfs-udp.h
Examining data/suricata-5.0.3/src/ippair-storage.c
Examining data/suricata-5.0.3/src/detect-ipv4hdr.h
Examining data/suricata-5.0.3/src/detect-http-headers.h
Examining data/suricata-5.0.3/src/detect-ssl-state.c
Examining data/suricata-5.0.3/src/datasets-md5.h
Examining data/suricata-5.0.3/src/packet-queue.c
Examining data/suricata-5.0.3/src/log-pcap.c
Examining data/suricata-5.0.3/src/detect-urilen.h
Examining data/suricata-5.0.3/src/detect-ssl-version.c
Examining data/suricata-5.0.3/src/log-tlsstore.c
Examining data/suricata-5.0.3/src/app-layer-tftp.h
Examining data/suricata-5.0.3/src/util-luajit.c
Examining data/suricata-5.0.3/src/detect-target.c
Examining data/suricata-5.0.3/src/detect-tls-ja3-hash.h
Examining data/suricata-5.0.3/src/detect-engine-content-inspection.c
Examining data/suricata-5.0.3/src/detect-transform-compress-whitespace.h
Examining data/suricata-5.0.3/src/util-action.c
Examining data/suricata-5.0.3/src/runmode-erf-file.c
Examining data/suricata-5.0.3/src/detect-filename.h
Examining data/suricata-5.0.3/src/util-decode-asn1.h
Examining data/suricata-5.0.3/src/output.h
Examining data/suricata-5.0.3/src/detect-engine-dcepayload.c
Examining data/suricata-5.0.3/src/tm-queues.c
Examining data/suricata-5.0.3/src/output-json-http.h
Examining data/suricata-5.0.3/src/ippair-timeout.h
Examining data/suricata-5.0.3/src/detect-within.c
Examining data/suricata-5.0.3/src/detect-tls-cert-validity.c
Examining data/suricata-5.0.3/src/app-layer-rdp.c
Examining data/suricata-5.0.3/src/detect-tls-cert-serial.h
Examining data/suricata-5.0.3/src/detect-flowvar.c
Examining data/suricata-5.0.3/src/detect-engine-state.c
Examining data/suricata-5.0.3/src/datasets-string.c
Examining data/suricata-5.0.3/src/detect-engine-profile.c
Examining data/suricata-5.0.3/src/detect-engine-dns.h
Examining data/suricata-5.0.3/src/detect-id.h
Examining data/suricata-5.0.3/src/util-conf.h
Examining data/suricata-5.0.3/src/detect-distance.c
Examining data/suricata-5.0.3/src/detect-krb5-sname.h
Examining data/suricata-5.0.3/src/detect-cipservice.h
Examining data/suricata-5.0.3/src/util-coredump-config.c
Examining data/suricata-5.0.3/src/detect-offset.c
Examining data/suricata-5.0.3/src/util-lua.h
Examining data/suricata-5.0.3/src/runmode-unittests.c
Examining data/suricata-5.0.3/src/decode-tcp.h
Examining data/suricata-5.0.3/src/util-random.c
Examining data/suricata-5.0.3/src/detect-cipservice.c
Examining data/suricata-5.0.3/src/util-file-swf-decompression.h
Examining data/suricata-5.0.3/src/detect-rev.c
Examining data/suricata-5.0.3/src/runmode-napatech.h
Examining data/suricata-5.0.3/src/detect-tls-cert-issuer.h
Examining data/suricata-5.0.3/src/detect-engine-alert.c
Examining data/suricata-5.0.3/src/host-storage.c
Examining data/suricata-5.0.3/src/util-var.c
Examining data/suricata-5.0.3/src/detect-offset.h
Examining data/suricata-5.0.3/src/output-json-ssh.c
Examining data/suricata-5.0.3/src/util-running-modes.c
Examining data/suricata-5.0.3/src/detect-http-response-line.h
Examining data/suricata-5.0.3/src/app-layer-dnp3-objects.c
Examining data/suricata-5.0.3/src/detect-transform-dotprefix.h
Examining data/suricata-5.0.3/src/log-tcp-data.c
Examining data/suricata-5.0.3/src/output-json-dnp3-objects.h
Examining data/suricata-5.0.3/src/util-radix-tree.c
Examining data/suricata-5.0.3/src/detect-http-ua.c
Examining data/suricata-5.0.3/src/detect-dce-opnum.h
Examining data/suricata-5.0.3/src/detect-hostbits.h
Examining data/suricata-5.0.3/src/detect-tls.c
Examining data/suricata-5.0.3/src/stream-tcp-sack.c
Examining data/suricata-5.0.3/src/detect-engine-modbus.c
Examining data/suricata-5.0.3/src/util-vector.h
Examining data/suricata-5.0.3/src/detect-engine-file.c
Examining data/suricata-5.0.3/src/detect-app-layer-protocol.c
Examining data/suricata-5.0.3/src/flow.c
Examining data/suricata-5.0.3/src/detect-http-content-len.h
Examining data/suricata-5.0.3/src/detect-smb-share.h
Examining data/suricata-5.0.3/src/detect-filestore.h
Examining data/suricata-5.0.3/src/util-spm-hs.c
Examining data/suricata-5.0.3/src/util-spm-bm.h
Examining data/suricata-5.0.3/src/util-time.h
Examining data/suricata-5.0.3/src/util-lua-ja3.h
Examining data/suricata-5.0.3/src/runmode-pfring.c
Examining data/suricata-5.0.3/src/detect-lua-extensions.h
Examining data/suricata-5.0.3/src/log-filestore.c
Examining data/suricata-5.0.3/src/detect-threshold.h
Examining data/suricata-5.0.3/src/decode-null.c
Examining data/suricata-5.0.3/src/util-lua-smtp.h
Examining data/suricata-5.0.3/src/util-ja3.h
Examining data/suricata-5.0.3/src/util-memcpy.h
Examining data/suricata-5.0.3/src/detect-dsize.c
Examining data/suricata-5.0.3/src/detect-flowvar.h
Examining data/suricata-5.0.3/src/device-storage.c
Examining data/suricata-5.0.3/src/util-file-decompression.c
Examining data/suricata-5.0.3/src/app-layer-smb.c
Examining data/suricata-5.0.3/src/detect-http-accept-lang.h
Examining data/suricata-5.0.3/src/detect-sip-request-line.c
Examining data/suricata-5.0.3/src/app-layer-register.c
Examining data/suricata-5.0.3/src/stream-tcp-private.h
Examining data/suricata-5.0.3/src/detect-tos.h
Examining data/suricata-5.0.3/src/app-layer-dns-udp.h
Examining data/suricata-5.0.3/src/stream.h
Examining data/suricata-5.0.3/src/util-classification-config.h
Examining data/suricata-5.0.3/src/util-time.c
Examining data/suricata-5.0.3/src/detect-engine-dns.c
Examining data/suricata-5.0.3/src/unix-manager.c
Examining data/suricata-5.0.3/src/suricata-common.h
Examining data/suricata-5.0.3/src/app-layer-htp-body.c
Examining data/suricata-5.0.3/src/app-layer-htp-file.c
Examining data/suricata-5.0.3/src/app-layer-htp-libhtp.c
Examining data/suricata-5.0.3/src/app-layer-htp-libhtp.h
Examining data/suricata-5.0.3/src/app-layer-htp.c
Examining data/suricata-5.0.3/src/app-layer-smtp.c
Examining data/suricata-5.0.3/src/conf-yaml-loader.c
Examining data/suricata-5.0.3/src/detect-engine-mpm.c
Examining data/suricata-5.0.3/src/util-daemon.c
Examining data/suricata-5.0.3/src/util-decode-asn1.c
Examining data/suricata-5.0.3/src/util-privs.c
Examining data/suricata-5.0.3/src/source-af-packet.c
FINAL RESULTS:
data/suricata-5.0.3/src/unix-manager.c:195:11: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
ret = chmod(sockettarget, S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP);
data/suricata-5.0.3/src/util-logopenfile.c:284:21: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
int r = chmod(filename, mode);
data/suricata-5.0.3/src/alert-fastlog.c:151:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(proto, sizeof(proto), "PROTO:%03" PRIu32, IP_GET_IPPROTO(p));
data/suricata-5.0.3/src/alert-unified2-alert.c:1477:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(filename, PATH_MAX, "%s/%s.%" PRIu32, log_dir, prefix, (uint32_t)ts.tv_sec);
data/suricata-5.0.3/src/app-layer-dcerpc.c:102:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(addrstr, sizeof(addrstr), "%.4"PRIx64,
data/suricata-5.0.3/src/app-layer-dcerpc.c:105:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(addrstr, sizeof(addrstr), "%.4"PRIx32,
data/suricata-5.0.3/src/app-layer-htp.c:3894:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:4243:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be 2, is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:4328:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be 5, is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5013:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5040:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5066:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5182:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5209:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5349:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5376:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5486:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5596:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5706:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5817:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:5925:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-htp.c:6034:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("normalized uri len should be %"PRIuMAX", is %"PRIuMAX,
data/suricata-5.0.3/src/app-layer-smtp.c:4382:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for smtp failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/app-layer-smtp.c:4407:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for smtp failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/app-layer-smtp.c:4526:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for smtp failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/app-layer-smtp.c:4550:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for smtp failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/app-layer-smtp.c:4568:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for smtp failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/app-layer-ssl.c:489:18: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
i += snprintf(ssl_state->server_connp.cert0_fingerprint + i,
data/suricata-5.0.3/src/decode-ipv4.c:1308:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("defragged pseudo packet's and parent packet's pkt lens "
data/suricata-5.0.3/src/decode-ipv4.c:1596:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("defragged pseudo packet's and parent packet's pkt lens "
data/suricata-5.0.3/src/detect-bsize.c:129:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(_buf, sizeof(_buf), __VA_ARGS__); \
data/suricata-5.0.3/src/detect-dce-opnum.c:2223:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpcrequest1 failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2247:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpcresponse1 failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2264:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpcrequest2 failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2281:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpcresponse2 failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2298:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc request3 failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2315:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc response3 failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2496:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2512:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2525:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2555:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2585:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2615:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2787:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2815:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2844:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-dce-opnum.c:2872:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("AppLayerParse for dcerpc failed. Returned %" PRId32, r);
data/suricata-5.0.3/src/detect-engine-analyzer.c:566:37: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
static void __attribute__ ((format (printf, 2, 3)))
data/suricata-5.0.3/src/detect-engine-analyzer.c:573:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(str, sizeof(str), fmt, ap);
data/suricata-5.0.3/src/detect-engine-analyzer.c:582:37: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
static void __attribute__ ((format (printf, 2, 3)))
data/suricata-5.0.3/src/detect-engine-analyzer.c:589:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(str, sizeof(str), fmt, ap);
data/suricata-5.0.3/src/detect-engine-modbus.c:159:65: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
uint8_t access)
data/suricata-5.0.3/src/detect-engine-modbus.c:253:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access != MODBUS_TYP_NONE) {
data/suricata-5.0.3/src/detect-engine-modbus.c:254:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ((access & tx->type) && ((function == MODBUS_TYP_NONE) || (function & tx->type))) {
data/suricata-5.0.3/src/detect-engine-modbus.c:256:81: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
ret = DetectEngineInspectModbusAddress(tx, modbus->address, access);
data/suricata-5.0.3/src/detect-engine-modbus.c:262:90: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
SCLogDebug("looking for Modbus access type %d and function type %d", access, function);
data/suricata-5.0.3/src/detect.c:1030:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(_trace_buf, sizeof(_trace_buf), __VA_ARGS__); \
data/suricata-5.0.3/src/log-droplog.c:238:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_SYN(p) ? " SYN" : "");
data/suricata-5.0.3/src/log-droplog.c:239:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_ACK(p) ? " ACK" : "");
data/suricata-5.0.3/src/log-droplog.c:240:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_PUSH(p) ? " PSH" : "");
data/suricata-5.0.3/src/log-droplog.c:241:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_RST(p) ? " RST" : "");
data/suricata-5.0.3/src/log-droplog.c:242:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_URG(p) ? " URG" : "");
data/suricata-5.0.3/src/log-droplog.c:243:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(dlt->file_ctx->fp, TCP_ISSET_FLAG_FIN(p) ? " FIN" : "");
data/suricata-5.0.3/src/log-pcap.c:783:21: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tmp, PATH_MAX, "%"PRIu32, pl->thread_number);
data/suricata-5.0.3/src/log-pcap.c:1644:29: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str, sizeof(str), "%"PRIu64, (uint64_t)thread_id);
data/suricata-5.0.3/src/log-pcap.c:1650:29: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str, sizeof(str), "%"PRIu32, (uint32_t)ts.tv_sec);
data/suricata-5.0.3/src/log-pcap.c:1652:29: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str, sizeof(str), "%"PRIu32".%"PRIu32,
data/suricata-5.0.3/src/log-pcap.c:1708:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str, size, "%"PRIu64, num);
data/suricata-5.0.3/src/log-pcap.c:1745:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str, size, "%"PRIu64, num);
data/suricata-5.0.3/src/log-tcp-data.c:110:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tx, sizeof(tx), "%"PRIu64, tx_id);
data/suricata-5.0.3/src/log-tlsstore.c:148:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (fprintf(fp, PEMHEADER) < 0)
data/suricata-5.0.3/src/log-tlsstore.c:164:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (fprintf(fp, PEMFOOTER) < 0)
data/suricata-5.0.3/src/output-json-flow.c:107:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(proto, sizeof(proto), "%03" PRIu32, f->proto);
data/suricata-5.0.3/src/output-json-netflow.c:114:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(proto, sizeof(proto), "%03" PRIu32, f->proto);
data/suricata-5.0.3/src/output-json.c:551:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(proto, sizeof(proto), "%03" PRIu32, IP_GET_IPPROTO(p));
data/suricata-5.0.3/src/output-lua.c:202:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(proto, sizeof(proto), "PROTO:%03" PRIu32, IP_GET_IPPROTO(p));
data/suricata-5.0.3/src/output-lua.c:273:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(proto, sizeof(proto), "PROTO:%03" PRIu32, IP_GET_IPPROTO(p));
data/suricata-5.0.3/src/runmode-unix-socket.c:529:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tstr, sizeof(tstr), "%" PRIuMAX, (uintmax_t)cfile->delay);
data/suricata-5.0.3/src/runmode-unix-socket.c:539:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(tstr, sizeof(tstr), "%" PRIuMAX, (uintmax_t)cfile->poll_interval);
data/suricata-5.0.3/src/source-napatech.c:252:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(string1, 16, (numa_max_node() >= 1 ? ",[%d, 16, 1]" : ""),
data/suricata-5.0.3/src/source-napatech.c:254:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(string2, 16, (numa_max_node() >= 2 ? ",[%d, 16, 2]" : ""),
data/suricata-5.0.3/src/source-napatech.c:256:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(string3, 16, (numa_max_node() >= 3 ? ",[%d, 16, 3]" : ""),
data/suricata-5.0.3/src/suricata.c:1091:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const char *mode = suri->system ? "SYSTEM" : "USER";
data/suricata-5.0.3/src/suricata.c:1189:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(str, W_OK) == 0)
data/suricata-5.0.3/src/suricata.h:146:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
bool system;
data/suricata-5.0.3/src/util-buffer.h:163:18: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int cw = snprintf((char *)(dst)->buffer + (dst)->offset, \
data/suricata-5.0.3/src/util-debug.h:219:31: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int _sc_log_ret = snprintf(_sc_log_msg, SC_LOG_MAX_LOG_MSG_LEN, __VA_ARGS__); \
data/suricata-5.0.3/src/util-debug.h:238:31: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int _sc_log_ret = snprintf(_sc_log_msg, SC_LOG_MAX_LOG_MSG_LEN, __VA_ARGS__); \
data/suricata-5.0.3/src/util-decode-asn1.c:322:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("%"PRIu8, (uint8_t)((byte >> (i - 1)) & 0x01));
data/suricata-5.0.3/src/util-pidfile.c:107:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(pid_filename, F_OK) == 0) {
data/suricata-5.0.3/src/util-print.h:30:18: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int cw = snprintf((buf) + *(buf_offset_ptr), \
data/suricata-5.0.3/src/util-profiling.c:127:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str, size, "%"PRIu64, num);
data/suricata-5.0.3/src/util-reference-config.c:235:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
char system[REFERENCE_SYSTEM_NAME_MAX];
data/suricata-5.0.3/src/util-reference-config.c:253:56: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = pcre_copy_substring((char *)line, ov, 30, 1, system, sizeof(system));
data/suricata-5.0.3/src/util-reference-config.c:253:71: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ret = pcre_copy_substring((char *)line, ov, 30, 1, system, sizeof(system));
data/suricata-5.0.3/src/util-reference-config.c:267:44: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ref_new = SCRConfAllocSCRConfReference(system, url);
data/suricata-5.0.3/src/util-reference-config.c:354:60: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
SCRConfReference *SCRConfAllocSCRConfReference(const char *system,
data/suricata-5.0.3/src/util-reference-config.c:369:49: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ((ref->system = SCRConfStringToLowercase(system)) == NULL) {
data/suricata-5.0.3/src/util-reference-config.c:375:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
SCFree(ref->system);
data/suricata-5.0.3/src/util-reference-config.c:391:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (ref->system != NULL)
data/suricata-5.0.3/src/util-reference-config.c:392:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
SCFree(ref->system);
data/suricata-5.0.3/src/util-reference-config.c:419:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int len = strlen(ref->system);
data/suricata-5.0.3/src/util-reference-config.c:422:45: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
hash += tolower((unsigned char)ref->system[i]);
data/suricata-5.0.3/src/util-reference-config.c:456:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
len1 = strlen(ref1->system);
data/suricata-5.0.3/src/util-reference-config.c:457:25: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
len2 = strlen(ref2->system);
data/suricata-5.0.3/src/util-reference-config.c:459:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (len1 == len2 && memcmp(ref1->system, ref2->system, len1) == 0) {
data/suricata-5.0.3/src/util-reference-config.c:459:52: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (len1 == len2 && memcmp(ref1->system, ref2->system, len1) == 0) {
data/suricata-5.0.3/src/util-reference-config.h:35:11: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
char *system;
data/suricata-5.0.3/src/util-time.c:204:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str, size, time_fmt, ts->tv_usec);
data/suricata-5.0.3/src/util-time.c:220:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str, size, time_fmt, ts->tv_usec);
data/suricata-5.0.3/src/win32-syscall.c:51:8: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef _snprintf
data/suricata-5.0.3/src/win32-syscall.c:52:9: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define _snprintf StringCbPrintfA
data/suricata-5.0.3/src/win32-syslog.h:78:9: [4] (format) syslog:
If syslog's format strings can be influenced by an attacker, they can be
exploited (CWE-134). Use a constant format string for syslog.
#define syslog(__pri, __fmt, __param)
data/suricata-5.0.3/src/app-layer-parser.c:1629:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
bool do_dump = (getenv("SC_AFL_DUMP_FILES") != NULL);
data/suricata-5.0.3/src/app-layer-parser.c:1797:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
bool do_dump = (getenv("SC_AFL_DUMP_FILES") != NULL);
data/suricata-5.0.3/src/suricata.c:1569:19: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, short_opts, long_opts, &option_index)) != -1) {
data/suricata-5.0.3/src/util-cpu.c:79:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char* envvar = getenv("NUMBER_OF_PROCESSORS");
data/suricata-5.0.3/src/util-debug.c:780:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *s = getenv(SC_LOG_ENV_LOG_FORMAT);
data/suricata-5.0.3/src/util-debug.c:797:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv(SC_LOG_ENV_LOG_LEVEL);
data/suricata-5.0.3/src/util-debug.c:909:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv(SC_LOG_ENV_LOG_LEVEL);
data/suricata-5.0.3/src/util-debug.c:957:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
format = getenv(SC_LOG_ENV_LOG_FORMAT);
data/suricata-5.0.3/src/util-debug.c:1003:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv(SC_LOG_ENV_LOG_OP_IFACE);
data/suricata-5.0.3/src/util-debug.c:1032:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv(SC_LOG_ENV_LOG_FILE);
data/suricata-5.0.3/src/util-debug.c:1044:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
s = getenv(SC_LOG_ENV_LOG_FACILITY);
data/suricata-5.0.3/src/util-debug.c:1073:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
filter = getenv(SC_LOG_ENV_LOG_OP_FILTER);
data/suricata-5.0.3/src/util-fmemopen.c:58:14: [3] (tmpfile) GetTempFileName:
Temporary file race condition in certain cases (e.g., if run as SYSTEM in
many versions of Windows) (CWE-377).
if (0 == GetTempFileName(temppath, "SC", 0, filename))
data/suricata-5.0.3/src/util-random.c:40:5: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(ts.tv_nsec ^ ts.tv_sec);
data/suricata-5.0.3/src/util-random.c:41:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
long int value = random();
data/suricata-5.0.3/src/util-random.c:54:5: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(tv.tv_usec ^ tv.tv_sec);
data/suricata-5.0.3/src/util-random.c:55:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
long int value = random();
data/suricata-5.0.3/src/win32-misc.c:35:30: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (overwrite || NULL == getenv(name)) {
data/suricata-5.0.3/ebpf/include/linux/bpf.h:309:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char build_id[BPF_BUILD_ID_SIZE];
data/suricata-5.0.3/ebpf/include/linux/bpf.h:329:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map_name[BPF_OBJ_NAME_LEN];
data/suricata-5.0.3/ebpf/include/linux/bpf.h:356:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prog_name[BPF_OBJ_NAME_LEN];
data/suricata-5.0.3/ebpf/include/linux/bpf.h:2710:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BPF_OBJ_NAME_LEN];
data/suricata-5.0.3/ebpf/include/linux/bpf.h:2740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BPF_OBJ_NAME_LEN];
data/suricata-5.0.3/src/alert-debuglog.c:156:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/alert-debuglog.c:174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46], dstip[46];
data/suricata-5.0.3/src/alert-debuglog.c:317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/alert-fastlog.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/alert-fastlog.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46], dstip[46];
data/suricata-5.0.3/src/alert-fastlog.c:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alert_buffer[MAX_FASTLOG_BUFFER_SIZE];
data/suricata-5.0.3/src/alert-fastlog.c:147:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proto[16] = "";
data/suricata-5.0.3/src/alert-prelude.c:275:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char saddr[128], daddr[128];
data/suricata-5.0.3/src/alert-prelude.c:630:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_key[128];
data/suricata-5.0.3/src/alert-syslog.c:221:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[16], dstip[16];
data/suricata-5.0.3/src/alert-syslog.c:277:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46], dstip[46];
data/suricata-5.0.3/src/alert-syslog.c:330:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_buf_hdr[512];
data/suricata-5.0.3/src/alert-syslog.c:331:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_buf_pkt[65] = "";
data/suricata-5.0.3/src/alert-syslog.c:332:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_buf_tail[32];
data/suricata-5.0.3/src/alert-syslog.c:333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alert[2048] = "";
data/suricata-5.0.3/src/alert-unified2-alert.c:328:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[XFF_MAXLEN];
data/suricata-5.0.3/src/alert-unified2-alert.c:417:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fakehdr->ip6h.s_ip6_addrs, p->ip6h->s_ip6_addrs, 32);
data/suricata-5.0.3/src/alert-unified2-alert.c:419:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fakehdr->ip6h.s_ip6_src, p->ip6h->s_ip6_dst, 16);
data/suricata-5.0.3/src/alert-unified2-alert.c:420:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fakehdr->ip6h.s_ip6_dst, p->ip6h->s_ip6_src, 16);
data/suricata-5.0.3/src/alert-unified2-alert.c:489:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data + aun->offset, ðhdr, 14);
data/suricata-5.0.3/src/alert-unified2-alert.c:511:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data + aun->offset, &fakehdr, hdr_length);
data/suricata-5.0.3/src/alert-unified2-alert.c:530:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data + aun->offset, ðhdr, 14);
data/suricata-5.0.3/src/alert-unified2-alert.c:547:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fakehdr.ip6h.s_ip6_dst, aun->xff_ip, 4 * sizeof(uint32_t));
data/suricata-5.0.3/src/alert-unified2-alert.c:549:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fakehdr.ip6h.s_ip6_src, aun->xff_ip, 4 * sizeof(uint32_t));
data/suricata-5.0.3/src/alert-unified2-alert.c:553:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data + aun->offset, &fakehdr, hdr_length);
data/suricata-5.0.3/src/alert-unified2-alert.c:574:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data + aun->offset, buf, buflen);
data/suricata-5.0.3/src/alert-unified2-alert.c:698:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data + aun->offset, ðhdr, 14);
data/suricata-5.0.3/src/alert-unified2-alert.c:710:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data + aun->offset, GET_PKT_DATA(p), GET_PKT_LEN(p));
data/suricata-5.0.3/src/alert-unified2-alert.c:797:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( xff, aun->xff_ip, addr_size );
data/suricata-5.0.3/src/alert-unified2-alert.c:914:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[XFF_MAXLEN];
data/suricata-5.0.3/src/alert-unified2-alert.c:942:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data, &hdr, sizeof(hdr));
data/suricata-5.0.3/src/alert-unified2-alert.c:943:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(phdr, &gphdr, sizeof(gphdr));
data/suricata-5.0.3/src/alert-unified2-alert.c:1102:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[XFF_MAXLEN];
data/suricata-5.0.3/src/alert-unified2-alert.c:1130:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aun->data, &hdr, sizeof(hdr));
data/suricata-5.0.3/src/alert-unified2-alert.c:1131:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(phdr, &gphdr, sizeof(gphdr));
data/suricata-5.0.3/src/alert-unified2-alert.c:1481:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_ctx->fp = fopen(filename, "wb");
data/suricata-5.0.3/src/alert-unified2-alert.c:1483:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_ctx->fp = fopen(filename, "ab");
data/suricata-5.0.3/src/app-layer-dcerpc-udp.c:110:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*stub_data_buffer + *stub_data_buffer_len, input, stub_len);
data/suricata-5.0.3/src/app-layer-dcerpc-udp.c:265:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sstate->uuid_entry->uuid,
data/suricata-5.0.3/src/app-layer-dcerpc-udp.c:699:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sstate->uuid_entry->uuid,
data/suricata-5.0.3/src/app-layer-dcerpc.c:94:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bytestr[4] = {0};
data/suricata-5.0.3/src/app-layer-dcerpc.c:95:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrstr[17] = {0};
data/suricata-5.0.3/src/app-layer-dcerpc.c:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexstr[ 16*3 + 5] = {0};
data/suricata-5.0.3/src/app-layer-dcerpc.c:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char charstr[16*1 + 5] = {0};
data/suricata-5.0.3/src/app-layer-dcerpc.c:302:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dcerpc->dcerpcbindbindack.uuid_entry->uuid,
data/suricata-5.0.3/src/app-layer-dcerpc.c:623:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dcerpc->dcerpcbindbindack.uuid_entry->uuid,
data/suricata-5.0.3/src/app-layer-dcerpc.c:698:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dcerpc->dcerpcbindbindack.uuid_entry,
data/suricata-5.0.3/src/app-layer-dcerpc.c:854:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dcerpc->dcerpcbindbindack.uuid_entry,
data/suricata-5.0.3/src/app-layer-dcerpc.c:1229:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*stub_data_buffer + *stub_data_buffer_len, input, stub_len);
data/suricata-5.0.3/src/app-layer-detect-proto.c:161:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *alproto_names[ALPROTO_MAX];
data/suricata-5.0.3/src/app-layer-detect-proto.c:1313:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(struct_offset->content, content, content_len);
data/suricata-5.0.3/src/app-layer-detect-proto.c:1653:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char param[100];
data/suricata-5.0.3/src/app-layer-detect-proto.c:1896:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char param[100];
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6573:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->filename, *buf, object->filename_size);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6586:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->data, *buf, object->data_size);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6648:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->username, *buf, object->username_size);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6658:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->password, *buf, object->password_size);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6732:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->filename, *buf, object->filename_size);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6802:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->optional_text, *buf, object->optional_text_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6863:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->file_data, *buf, object->file_data_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6927:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->optional_text, *buf, object->optional_text_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:6995:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->filename, *buf, object->filename_size);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7050:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->file_specification, *buf, object->file_specification_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7195:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->vendor_code, *buf, 4);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7214:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->data_objects, *buf, object->length);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7375:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->challenge_data, *buf, object->challenge_data_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7439:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->mac_value, *buf, object->mac_value_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7597:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->challenge_data, *buf, object->challenge_data_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7611:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->mac_value, *buf, object->mac_value_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7675:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->wrapped_key_data, *buf, object->wrapped_key_data_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7744:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->error_text, *buf, object->error_text_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7809:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->certificate, *buf, object->certificate_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7863:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->mac_value, *buf, object->mac_value_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7937:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->username, *buf, object->username_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7951:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->user_public_key, *buf, object->user_public_key_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:7964:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->certification_data, *buf, object->certification_data_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:8023:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->username, *buf, object->username_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:8037:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->master_challenge_data, *buf, object->master_challenge_data_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:8100:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->challenge_data, *buf, object->challenge_data_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:8163:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->encrypted_update_key_data, *buf, object->encrypted_update_key_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:8221:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->digital_signature, *buf, object->digital_signature_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.c:8279:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(object->mac, *buf, object->mac_len);
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1236:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optional_text[255];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_data[255];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optional_text[255];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_specification[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vendor_code[5];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1354:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_text[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1379:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[65535];
data/suricata-5.0.3/src/app-layer-dnp3-objects.h:1388:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char username[65535];
data/suricata-5.0.3/src/app-layer-dnp3.c:412:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*output + *output_len, input + offset,
data/suricata-5.0.3/src/app-layer-dnp3.c:601:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer->buffer + buffer->len, data, len);
data/suricata-5.0.3/src/app-layer-dnp3.c:2485:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(combined, unsol_response1, sizeof(unsol_response1));
data/suricata-5.0.3/src/app-layer-dnp3.c:2486:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(combined + sizeof(unsol_response1), unsol_response2,
data/suricata-5.0.3/src/app-layer-ftp.c:383:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line_state->db, state->input, state->input_len);
data/suricata-5.0.3/src/app-layer-ftp.c:396:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line_state->db + line_state->db_len,
data/suricata-5.0.3/src/app-layer-ftp.c:419:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line_state->db + line_state->db_len,
data/suricata-5.0.3/src/app-layer-ftp.c:529:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(where, src, length);
data/suricata-5.0.3/src/app-layer-ftp.c:615:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->port_line, state->current_line,
data/suricata-5.0.3/src/app-layer-ftp.c:645:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->file_name, state->current_line + 5, state->current_line_len - 5);
data/suricata-5.0.3/src/app-layer-ftp.c:1446:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/app-layer-htp-xff.c:147:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xff_chain, bstr_ptr(h_xff->value), bstr_len(h_xff->value));
data/suricata-5.0.3/src/app-layer-htp-xff.c:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[16];
data/suricata-5.0.3/src/app-layer-htp-xff.c:271:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[16];
data/suricata-5.0.3/src/app-layer-htp-xff.c:281:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[46];
data/suricata-5.0.3/src/app-layer-htp-xff.c:291:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[46];
data/suricata-5.0.3/src/app-layer-htp-xff.c:301:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[46];
data/suricata-5.0.3/src/app-layer-htp-xff.c:311:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[46];
data/suricata-5.0.3/src/app-layer-htp-xff.c:321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[46];
data/suricata-5.0.3/src/app-layer-htp-xff.c:331:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[46];
data/suricata-5.0.3/src/app-layer-htp-xff.c:341:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[46];
data/suricata-5.0.3/src/app-layer-htp.c:1160:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(htud->boundary, boundary, boundary_len);
data/suricata-5.0.3/src/app-layer-htp.c:1295:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(boundary + 2, htud->boundary, htud->boundary_len);
data/suricata-5.0.3/src/app-layer-htp.c:2337:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tx_ud->request_headers_raw + tx_ud->request_headers_raw_len,
data/suricata-5.0.3/src/app-layer-htp.c:2374:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tx_ud->response_headers_raw + tx_ud->response_headers_raw_len,
data/suricata-5.0.3/src/app-layer-htp.c:2779:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint32_t range = atoi(p->val);
data/suricata-5.0.3/src/app-layer-htp.c:3125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char method_buffer[32] = "";
data/suricata-5.0.3/src/app-layer-modbus.c:2400:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(input, readCoilsReq, sizeof(readCoilsReq));
data/suricata-5.0.3/src/app-layer-modbus.c:2401:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(input + sizeof(readCoilsReq), writeMultipleRegistersReq, sizeof(writeMultipleRegistersReq));
data/suricata-5.0.3/src/app-layer-modbus.c:2439:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(input, readCoilsRsp, sizeof(readCoilsRsp));
data/suricata-5.0.3/src/app-layer-modbus.c:2440:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(input + sizeof(readCoilsRsp), writeMultipleRegistersRsp, sizeof(writeMultipleRegistersRsp));
data/suricata-5.0.3/src/app-layer-parser.c:309:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char param[100];
data/suricata-5.0.3/src/app-layer-parser.c:1665:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/suricata-5.0.3/src/app-layer-parser.c:1676:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfilename[256];
data/suricata-5.0.3/src/app-layer-parser.c:1679:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out_fp = fopen(outfilename, "w");
data/suricata-5.0.3/src/app-layer-parser.c:1713:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rmfilename[256];
data/suricata-5.0.3/src/app-layer-parser.c:1761:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/suricata-5.0.3/src/app-layer-parser.c:1764:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while ((fp = fopen(filename, "r")) != NULL)
data/suricata-5.0.3/src/app-layer-parser.c:1833:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/suricata-5.0.3/src/app-layer-parser.c:1844:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfilename[256];
data/suricata-5.0.3/src/app-layer-parser.c:1847:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out_fp = fopen(outfilename, "w");
data/suricata-5.0.3/src/app-layer-parser.c:1890:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rmfilename[256];
data/suricata-5.0.3/src/app-layer-parser.c:1937:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/suricata-5.0.3/src/app-layer-parser.c:1940:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while ((fp = fopen(filename, "r")) != NULL)
data/suricata-5.0.3/src/app-layer-smtp.c:608:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->ts_db, state->input, state->input_len);
data/suricata-5.0.3/src/app-layer-smtp.c:621:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->ts_db + state->ts_db_len,
data/suricata-5.0.3/src/app-layer-smtp.c:644:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->ts_db + state->ts_db_len,
data/suricata-5.0.3/src/app-layer-smtp.c:710:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->tc_db, state->input, state->input_len);
data/suricata-5.0.3/src/app-layer-smtp.c:723:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->tc_db + state->tc_db_len,
data/suricata-5.0.3/src/app-layer-smtp.c:746:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->tc_db + state->tc_db_len,
data/suricata-5.0.3/src/app-layer-smtp.c:1146:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*target, state->current_line + i, spc_i - i);
data/suricata-5.0.3/src/app-layer-ssh.c:114:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header->proto_version, line_ptr, proto_ver_len);
data/suricata-5.0.3/src/app-layer-ssh.c:140:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header->software_version, line_ptr, sw_ver_len);
data/suricata-5.0.3/src/app-layer-ssh.c:277:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header->buf + header->buf_offset, input, input_len);
data/suricata-5.0.3/src/app-layer-ssh.c:287:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header->buf + header->buf_offset, input, needed);
data/suricata-5.0.3/src/app-layer-ssh.c:379:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header->banner_buffer + header->banner_len, input, tocopy);
data/suricata-5.0.3/src/app-layer-ssh.c:408:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header->banner_buffer + header->banner_len, input, tocopy);
data/suricata-5.0.3/src/app-layer-ssl.c:395:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/suricata-5.0.3/src/app-layer-ssl.c:417:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/suricata-5.0.3/src/app-layer-ssl.c:439:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/suricata-5.0.3/src/app-layer-ssl.c:732:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssl_state->curr_connp->session_id, input, session_id_length);
data/suricata-5.0.3/src/app-layer-ssl.c:929:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssl_state->curr_connp->sni, input, sni_strlen - 1);
data/suricata-5.0.3/src/app-layer-ssl.c:1477:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssl_state->curr_connp->trec +
data/suricata-5.0.3/src/app-layer-template.c:292:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tx->request_buffer, input, input_len);
data/suricata-5.0.3/src/app-layer-template.c:366:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tx->response_buffer, input, input_len);
data/suricata-5.0.3/src/app-layer.c:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_COUNTER_SIZE];
data/suricata-5.0.3/src/app-layer.c:77:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tx_name[MAX_COUNTER_SIZE];
data/suricata-5.0.3/src/conf-yaml-loader.c:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char include_filename[PATH_MAX];
data/suricata-5.0.3/src/conf-yaml-loader.c:142:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(include_filename, "r");
data/suricata-5.0.3/src/conf-yaml-loader.c:237:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sequence_node_name[DEFAULT_NAME_LEN];
data/suricata-5.0.3/src/conf-yaml-loader.c:350:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sequence_node_name[DEFAULT_NAME_LEN];
data/suricata-5.0.3/src/conf-yaml-loader.c:442:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infile = fopen(filename, "r");
data/suricata-5.0.3/src/conf-yaml-loader.c:520:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infile = fopen(filename, "r");
data/suricata-5.0.3/src/conf-yaml-loader.c:822:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((config_file = fopen(config_filename, "w")) == NULL) {
data/suricata-5.0.3/src/conf-yaml-loader.c:830:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((config_file = fopen(include_filename, "w")) == NULL) {
data/suricata-5.0.3/src/conf.c:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name[NODE_NAME_MAX];
data/suricata-5.0.3/src/conf.c:179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char node_name[NODE_NAME_MAX];
data/suricata-5.0.3/src/conf.c:734:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[128*128];
data/suricata-5.0.3/src/conf.c:754:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *name[128];
data/suricata-5.0.3/src/counters.c:258:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stats_tts = (uint32_t) atoi(interval);
data/suricata-5.0.3/src/datasets-string.c:70:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst_s->ptr, src_s->ptr, dst_s->len);
data/suricata-5.0.3/src/datasets.c:93:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3] = { 0, 0, 0 };
data/suricata-5.0.3/src/datasets.c:106:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, hash, outs);
data/suricata-5.0.3/src/datasets.c:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw[ins + 1];
data/suricata-5.0.3/src/datasets.c:114:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(raw, in, ins);
data/suricata-5.0.3/src/datasets.c:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptrs[1] = {NULL};
data/suricata-5.0.3/src/datasets.c:166:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(set->load, fopen_mode);
data/suricata-5.0.3/src/datasets.c:174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/suricata-5.0.3/src/datasets.c:235:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(set->load, fopen_mode);
data/suricata-5.0.3/src/datasets.c:243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/suricata-5.0.3/src/datasets.c:300:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(set->load, fopen_mode);
data/suricata-5.0.3/src/datasets.c:308:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/suricata-5.0.3/src/datasets.c:372:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/suricata-5.0.3/src/datasets.c:484:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cnf_name[128];
data/suricata-5.0.3/src/datasets.c:547:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char save[PATH_MAX] = "";
data/suricata-5.0.3/src/datasets.c:548:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char load[PATH_MAX] = "";
data/suricata-5.0.3/src/datasets.c:576:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conf_str[1024];
data/suricata-5.0.3/src/datasets.c:642:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/suricata-5.0.3/src/datasets.c:656:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/suricata-5.0.3/src/datasets.c:674:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(set->save, "w");
data/suricata-5.0.3/src/datasets.c:743:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.md5, data, data_len);
data/suricata-5.0.3/src/datasets.c:764:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.md5, data, data_len);
data/suricata-5.0.3/src/datasets.c:785:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.sha256, data, data_len);
data/suricata-5.0.3/src/datasets.c:806:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.sha256, data, data_len);
data/suricata-5.0.3/src/datasets.c:911:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.md5, data, 16);
data/suricata-5.0.3/src/datasets.c:930:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.md5, data, 16);
data/suricata-5.0.3/src/datasets.c:949:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.sha256, data, 32);
data/suricata-5.0.3/src/datasets.c:967:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.sha256, data, 32);
data/suricata-5.0.3/src/datasets.c:1074:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.md5, data, 16);
data/suricata-5.0.3/src/datasets.c:1087:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lookup.sha256, data, 32);
data/suricata-5.0.3/src/datasets.h:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[DATASET_NAME_MAX_LEN + 1];
data/suricata-5.0.3/src/datasets.h:43:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char load[PATH_MAX];
data/suricata-5.0.3/src/datasets.h:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char save[PATH_MAX];
data/suricata-5.0.3/src/decode-afl.c:85:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/suricata-5.0.3/src/decode-afl.c:89:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfilename[256];
data/suricata-5.0.3/src/decode-afl.c:92:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out_fp = fopen(outfilename, "w");
data/suricata-5.0.3/src/decode-afl.c:119:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rmfilename[256];
data/suricata-5.0.3/src/decode-afl.c:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/suricata-5.0.3/src/decode-afl.c:153:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
while ((fp = fopen(filename, "r")) != NULL)
data/suricata-5.0.3/src/decode-icmpv4.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16], d[16];
data/suricata-5.0.3/src/decode-icmpv4.c:504:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16], d[16];
data/suricata-5.0.3/src/decode-icmpv4.c:579:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16], d[16];
data/suricata-5.0.3/src/decode-icmpv4.c:649:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16], d[16];
data/suricata-5.0.3/src/decode-icmpv6.c:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[46], d[46];
data/suricata-5.0.3/src/decode-ipv4.c:309:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256] = "";
data/suricata-5.0.3/src/decode-ipv4.c:547:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16], d[16];
data/suricata-5.0.3/src/decode-ipv6.c:117:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fh_id, pkt+4, 4);
data/suricata-5.0.3/src/decode-ipv6.c:599:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[46], d[46];
data/suricata-5.0.3/src/decode.c:236:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(GET_PKT_DIRECT_DATA(p) + offset, data, datalen);
data/suricata-5.0.3/src/decode.c:245:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->ext_pkt, GET_PKT_DIRECT_DATA(p), GET_PKT_DIRECT_MAX_SIZE(p));
data/suricata-5.0.3/src/decode.c:247:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->ext_pkt + offset, data, datalen);
data/suricata-5.0.3/src/decode.c:250:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->ext_pkt + offset, data, datalen);
data/suricata-5.0.3/src/decode.c:553:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/suricata-5.0.3/src/decode.c:609:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16];
data/suricata-5.0.3/src/defrag.c:855:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->pkt, GET_PKT_DATA(p) + ltrim, GET_PKT_LEN(p) - ltrim);
data/suricata-5.0.3/src/detect-app-layer-event.c:180:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alproto_name[MAX_ALPROTO_NAME];
data/suricata-5.0.3/src/detect-app-layer-event.c:223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alproto_name[MAX_ALPROTO_NAME];
data/suricata-5.0.3/src/detect-asn1.c:1090:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/detect-asn1.c:1169:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/detect-asn1.c:1228:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/detect-asn1.c:1307:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/detect-bsize.c:128:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _buf[2048]; \
data/suricata-5.0.3/src/detect-bsize.c:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[11], *p = str1;
data/suricata-5.0.3/src/detect-bsize.c:223:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[11];
data/suricata-5.0.3/src/detect-bypass.c:183:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/detect-byte-extract.c:235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbytes_str[64] = "";
data/suricata-5.0.3/src/detect-byte-extract.c:243:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bed->nbytes = atoi(nbytes_str);
data/suricata-5.0.3/src/detect-byte-extract.c:246:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char offset_str[64] = "";
data/suricata-5.0.3/src/detect-byte-extract.c:254:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int offset = atoi(offset_str);
data/suricata-5.0.3/src/detect-byte-extract.c:263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varname_str[256] = "";
data/suricata-5.0.3/src/detect-byte-extract.c:277:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opt_str[64] = "";
data/suricata-5.0.3/src/detect-byte-extract.c:302:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char multiplier_str[16] = "";
data/suricata-5.0.3/src/detect-byte-extract.c:310:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int multiplier = atoi(multiplier_str);
data/suricata-5.0.3/src/detect-byte-extract.c:406:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char align_str[16] = "";
data/suricata-5.0.3/src/detect-byte-extract.c:414:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bed->align_value = atoi(align_str);
data/suricata-5.0.3/src/detect-bytejump.c:317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[10][64];
data/suricata-5.0.3/src/detect-bytejump.c:342:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[512] = "";
data/suricata-5.0.3/src/detect-bytejump.c:1175:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, "boom", 4);
data/suricata-5.0.3/src/detect-bytetest.c:249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[9] = {
data/suricata-5.0.3/src/detect-bytetest.c:1356:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, "boom", 4);
data/suricata-5.0.3/src/detect-cipservice.c:143:29: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned long num = atol(token);
data/suricata-5.0.3/src/detect-cipservice.c:349:25: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned long cmd = atol(rulestr);
data/suricata-5.0.3/src/detect-cipservice.c:356:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
enipcmdd->enipcommand = (uint16_t) atoi(rulestr);
data/suricata-5.0.3/src/detect-classtype.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char e[esize];
data/suricata-5.0.3/src/detect-classtype.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char parsed_ct_name[CLASSTYPE_NAME_MAX_LEN] = "";
data/suricata-5.0.3/src/detect-classtype.c:158:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/suricata-5.0.3/src/detect-content.c:186:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, str, slen);
data/suricata-5.0.3/src/detect-content.c:221:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cd->content, content, len);
data/suricata-5.0.3/src/detect-content.c:637:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rule[2048]; \
data/suricata-5.0.3/src/detect-datarep.c:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[strlen(str)+1];
data/suricata-5.0.3/src/detect-datarep.c:218:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[size];
data/suricata-5.0.3/src/detect-datarep.c:240:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[PATH_MAX] = "";
data/suricata-5.0.3/src/detect-datarep.c:244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/suricata-5.0.3/src/detect-datarep.c:279:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_str[16] = "", name[64] = "";
data/suricata-5.0.3/src/detect-datarep.c:281:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char load[PATH_MAX];
data/suricata-5.0.3/src/detect-dataset.c:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[strlen(str)+1];
data/suricata-5.0.3/src/detect-dataset.c:238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[size];
data/suricata-5.0.3/src/detect-dataset.c:260:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[PATH_MAX] = "";
data/suricata-5.0.3/src/detect-dataset.c:264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/suricata-5.0.3/src/detect-dataset.c:302:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/suricata-5.0.3/src/detect-dataset.c:318:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd_str[16] = "", name[DATASET_NAME_MAX_LEN + 1] = "";
data/suricata-5.0.3/src/detect-dataset.c:320:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char load[PATH_MAX] = "";
data/suricata-5.0.3/src/detect-dataset.c:321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char save[PATH_MAX] = "";
data/suricata-5.0.3/src/detect-dce-iface.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy_str[128] = "";
data/suricata-5.0.3/src/detect-dce-iface.c:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_str[3] = "";
data/suricata-5.0.3/src/detect-dce-iface.c:183:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
version = atoi(copy_str);
data/suricata-5.0.3/src/detect-dce-opnum.c:178:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dor->range1 = atoi(dup_str_temp);
data/suricata-5.0.3/src/detect-dce-opnum.c:181:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dor->range2 = atoi(hyphen_token);
data/suricata-5.0.3/src/detect-dce-opnum.c:187:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dor->range1 = atoi(dup_str_temp);
data/suricata-5.0.3/src/detect-dce-opnum.c:206:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dor->range1 = atoi(dup_str);
data/suricata-5.0.3/src/detect-dce-opnum.c:209:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dor->range2 = atoi(hyphen_token);
data/suricata-5.0.3/src/detect-dce-opnum.c:215:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dor->range1 = atoi(dup_str);
data/suricata-5.0.3/src/detect-detection-filter.c:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[6] = { NULL, NULL, NULL, NULL, NULL, NULL};
data/suricata-5.0.3/src/detect-dnp3.c:258:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[strlen(str) + 1];
data/suricata-5.0.3/src/detect-dnp3.c:355:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char groupstr[size], *varstr, *sep;
data/suricata-5.0.3/src/detect-dsize.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[2] = "";
data/suricata-5.0.3/src/detect-dsize.c:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value1[6] = "";
data/suricata-5.0.3/src/detect-dsize.c:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value2[6] = "";
data/suricata-5.0.3/src/detect-dsize.c:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char range[3] = "";
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:995:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:999:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1069:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1073:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1090:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1101:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1119:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1130:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1148:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1159:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1177:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1188:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1209:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1212:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1215:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1218:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1223:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1226:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1229:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1232:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1237:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1240:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1243:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1246:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1251:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1254:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1257:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1260:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1265:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1271:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1274:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1279:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1282:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1285:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1288:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1293:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1296:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1299:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1302:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1307:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1310:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1313:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1316:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1321:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1324:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1327:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1330:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1335:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1338:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1341:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1344:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1349:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1352:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1355:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1358:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1363:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1366:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1369:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1372:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1377:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1380:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1383:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1386:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1391:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1394:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1397:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1400:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1405:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1408:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1411:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1414:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1419:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1422:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1425:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1428:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1433:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1436:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1439:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1442:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1448:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1451:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1454:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1457:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1463:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1466:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1469:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1472:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1477:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1480:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1483:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1486:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1491:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1494:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1497:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1500:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1505:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1508:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1511:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1514:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1519:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1522:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1525:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1528:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1533:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1536:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1539:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1542:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1547:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1550:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1553:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1556:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1561:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1564:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1567:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1570:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1575:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1578:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1581:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1584:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1589:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1592:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1595:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1598:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1603:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1606:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1609:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1612:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1617:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1620:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1623:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1626:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1655:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1658:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1690:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1693:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1700:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1703:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1740:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1743:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1750:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1753:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1790:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1793:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1798:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1801:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1809:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1812:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1848:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1851:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1856:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1859:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1867:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address-ipv6.c:1870:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address.c:441:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstr[256];
data/suricata-5.0.3/src/detect-engine-address.c:481:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int cidr = atoi(mask);
data/suricata-5.0.3/src/detect-engine-address.c:541:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int cidr = atoi(mask);
data/suricata-5.0.3/src/detect-engine-address.c:570:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dd->ip.address, &in6.s6_addr, sizeof(ip6addr));
data/suricata-5.0.3/src/detect-engine-address.c:575:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dd->ip2.address, &in6.s6_addr, sizeof(ip6addr));
data/suricata-5.0.3/src/detect-engine-address.c:746:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[8196] = "";
data/suricata-5.0.3/src/detect-engine-address.c:1776:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[16], mask[16];
data/suricata-5.0.3/src/detect-engine-address.c:1787:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[66], mask[66];
data/suricata-5.0.3/src/detect-engine-address.c:1845:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[46] = "", str2[46] = "";
data/suricata-5.0.3/src/detect-engine-address.c:2676:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address.c:2701:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address.c:2726:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address.c:2751:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-address.c:2776:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr));
data/suricata-5.0.3/src/detect-engine-alert.c:172:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->alerts.alerts[i], &p->alerts.alerts[i + 1], sizeof(PacketAlert));
data/suricata-5.0.3/src/detect-engine-alert.c:211:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p->alerts.alerts[i + 1], &p->alerts.alerts[i], sizeof(PacketAlert));
data/suricata-5.0.3/src/detect-engine-analyzer.c:45:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char log_path[PATH_MAX];
data/suricata-5.0.3/src/detect-engine-analyzer.c:243:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pat, fp_cd->content, fp_cd->content_len);
data/suricata-5.0.3/src/detect-engine-analyzer.c:256:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pat, fp_cd->content + fp_cd->fp_chop_offset, fp_cd->fp_chop_len);
data/suricata-5.0.3/src/detect-engine-analyzer.c:299:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp_engine_analysis_FD = fopen(log_path, "w");
data/suricata-5.0.3/src/detect-engine-analyzer.c:348:39: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rule_engine_analysis_FD = fopen(log_path, "w");
data/suricata-5.0.3/src/detect-engine-analyzer.c:491:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pat, fp_cd->content, fp_cd->content_len);
data/suricata-5.0.3/src/detect-engine-analyzer.c:501:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pat, fp_cd->content + fp_cd->fp_chop_offset, fp_cd->fp_chop_len);
data/suricata-5.0.3/src/detect-engine-analyzer.c:570:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[1024];
data/suricata-5.0.3/src/detect-engine-analyzer.c:586:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[1024];
data/suricata-5.0.3/src/detect-engine-analyzer.c:639:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pat, cd->content, cd->content_len);
data/suricata-5.0.3/src/detect-engine-analyzer.c:911:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char json_path[PATH_MAX] = "";
data/suricata-5.0.3/src/detect-engine-analyzer.c:929:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(json_path, "a");
data/suricata-5.0.3/src/detect-engine-build.c:908:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_path[PATH_MAX] = "";
data/suricata-5.0.3/src/detect-engine-build.c:912:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(log_path, "w");
data/suricata-5.0.3/src/detect-engine-event.c:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy_str[128] = "";
data/suricata-5.0.3/src/detect-engine-event.c:230:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char drawstr[64] = "decoder.";
data/suricata-5.0.3/src/detect-engine-event.c:243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srawstr[64] = "stream.";
data/suricata-5.0.3/src/detect-engine-iponly.c:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256] = "";
data/suricata-5.0.3/src/detect-engine-iponly.c:173:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int cidr = atoi(mask);
data/suricata-5.0.3/src/detect-engine-iponly.c:283:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dd->netmask = atoi(mask);
data/suricata-5.0.3/src/detect-engine-iponly.c:285:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dd->ip, &in6.s6_addr, sizeof(ip6addr));
data/suricata-5.0.3/src/detect-engine-iponly.c:573:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->array, orig->array, orig->size);
data/suricata-5.0.3/src/detect-engine-iponly.c:612:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[8196] = "";
data/suricata-5.0.3/src/detect-engine-iponly.c:1232:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpstr[64];
data/suricata-5.0.3/src/detect-engine-iponly.c:1841:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:1878:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:1919:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:1957:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:1994:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:2031:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:2073:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:2112:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:2189:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:2233:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:2264:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-iponly.c:2297:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[numsigs];
data/suricata-5.0.3/src/detect-engine-loader.c:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varname[128];
data/suricata-5.0.3/src/detect-engine-loader.c:122:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[DETECT_MAX_RULE_SIZE] = "";
data/suricata-5.0.3/src/detect-engine-loader.c:129:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(sig_file, "r");
data/suricata-5.0.3/src/detect-engine-loader.c:283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varname[128] = "rule-files";
data/suricata-5.0.3/src/detect-engine-loader.c:619:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/detect-engine-mpm.c:167:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&am->transforms, transforms, sizeof(*transforms));
data/suricata-5.0.3/src/detect-engine-mpm.c:172:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xforms[1024] = "";
data/suricata-5.0.3/src/detect-engine-mpm.c:174:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ttstr[64];
data/suricata-5.0.3/src/detect-engine-mpm.c:182:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toprint[space + 1];
data/suricata-5.0.3/src/detect-engine-mpm.c:233:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char confstring[256] = "detect.mpm.";
data/suricata-5.0.3/src/detect-engine-mpm.c:359:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&am->transforms, transforms, sizeof(*transforms));
data/suricata-5.0.3/src/detect-engine-mpm.c:400:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char confstring[256] = "detect.mpm.";
data/suricata-5.0.3/src/detect-engine-mpm.c:458:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char confstring[256] = "detect.mpm.";
data/suricata-5.0.3/src/detect-engine-mpm.c:1409:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sids, sids_array, max_sid);
data/suricata-5.0.3/src/detect-engine-mpm.c:1485:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sids, sids_array, max_sid);
data/suricata-5.0.3/src/detect-engine-mpm.c:1556:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sids, sids_array, max_sid);
data/suricata-5.0.3/src/detect-engine-mpm.c:1837:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(struct_offset->content, content, content_len);
data/suricata-5.0.3/src/detect-engine-port.c:842:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[1024] = "";
data/suricata-5.0.3/src/detect-engine-port.c:1278:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portstr[16];
data/suricata-5.0.3/src/detect-engine-port.c:1303:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dp->port = atoi(port);
data/suricata-5.0.3/src/detect-engine-port.c:1309:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dp->port2 = atoi(port2);
data/suricata-5.0.3/src/detect-engine-port.c:1324:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dp->port = dp->port2 = atoi(port);
data/suricata-5.0.3/src/detect-engine-profile.c:88:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char orig[256] = "";
data/suricata-5.0.3/src/detect-engine-profile.c:89:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chop[256] = "";
data/suricata-5.0.3/src/detect-engine-profile.c:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_path[PATH_MAX] = "";
data/suricata-5.0.3/src/detect-engine-profile.c:129:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(log_path, "a");
data/suricata-5.0.3/src/detect-engine-proto.c:159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullstr[1024];
data/suricata-5.0.3/src/detect-engine-sigorder.c:2049:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[2];
data/suricata-5.0.3/src/detect-engine-tag.c:625:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-engine-tag.c:739:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-engine-tag.c:860:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-engine-tag.c:994:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-engine-tag.c:1135:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-engine-tag.c:1281:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-engine-tag.c:1423:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-engine.c:1142:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer->buf, buf, copy_size);
data/suricata-5.0.3/src/detect-engine.c:2362:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
de_ctx->inspection_recursion_limit = atoi(insp_recursion_limit);
data/suricata-5.0.3/src/detect-engine.c:3264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[64];
data/suricata-5.0.3/src/detect-engine.c:3329:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[64];
data/suricata-5.0.3/src/detect-engine.c:3708:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[64];
data/suricata-5.0.3/src/detect-engine.c:4049:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[128];
data/suricata-5.0.3/src/detect-fast-pattern.c:198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg_substr[128] = "";
data/suricata-5.0.3/src/detect-fast-pattern.c:289:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int offset = atoi(arg_substr);
data/suricata-5.0.3/src/detect-fast-pattern.c:303:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int length = atoi(arg_substr);
data/suricata-5.0.3/src/detect-fast-pattern.c:18807:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[no_of_sigs];
data/suricata-5.0.3/src/detect-file-hash-common.c:60:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3] = { 0, 0, 0 };
data/suricata-5.0.3/src/detect-file-hash-common.c:238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[8192] = "";
data/suricata-5.0.3/src/detect-file-hash-common.c:239:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/suricata-5.0.3/src/detect-file-hash-common.c:245:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/suricata-5.0.3/src/detect-file-hash-common.c:247:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(path, "r");
data/suricata-5.0.3/src/detect-fileext.c:167:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ext, fileext->ext, fileext->len);
data/suricata-5.0.3/src/detect-filemagic.c:263:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, filemagic->name, filemagic->len);
data/suricata-5.0.3/src/detect-filemagic.c:324:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, filemagic->name, filemagic->len);
data/suricata-5.0.3/src/detect-filemagic.c:367:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fd = fopen(filename, "r")) == NULL) {
data/suricata-5.0.3/src/detect-filename.c:194:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, filename->name, filename->len);
data/suricata-5.0.3/src/detect-filename.c:256:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, filename->name, filename->len);
data/suricata-5.0.3/src/detect-filesize.c:415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullstr[1024];
data/suricata-5.0.3/src/detect-filestore.c:328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[3] = {NULL,NULL,NULL};
data/suricata-5.0.3/src/detect-filestore.c:347:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_0[32];
data/suricata-5.0.3/src/detect-filestore.c:348:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_1[32];
data/suricata-5.0.3/src/detect-filestore.c:349:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_2[32];
data/suricata-5.0.3/src/detect-flow.c:172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[3] = {NULL,NULL,NULL};
data/suricata-5.0.3/src/detect-flow.c:176:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[16] = "", str2[16] = "", str3[16] = "";
data/suricata-5.0.3/src/detect-flowbits.c:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fb_cmd_str[16] = "", fb_name[256] = "";
data/suricata-5.0.3/src/detect-flowbits.c:630:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_path[PATH_MAX] = "";
data/suricata-5.0.3/src/detect-flowbits.c:650:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(log_path, "w");
data/suricata-5.0.3/src/detect-flowbits.c:668:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[16] = "", name[16] = "";
data/suricata-5.0.3/src/detect-flowint.c:1113:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-flowint.c:1186:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-flowint.c:1259:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/detect-flowvar.c:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varname[64], varcontent[64];
data/suricata-5.0.3/src/detect-flowvar.c:169:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fd->content, content, contentlen);
data/suricata-5.0.3/src/detect-fragbits.c:173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[2] = { NULL, NULL};
data/suricata-5.0.3/src/detect-fragoffset.c:142:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *substr[3] = {NULL, NULL, NULL};
data/suricata-5.0.3/src/detect-ftpdata.c:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg1[5] = "";
data/suricata-5.0.3/src/detect-geoip.c:488:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ccodes[1] = {"US"};
data/suricata-5.0.3/src/detect-geoip.c:495:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ccodes[1] = {"US"};
data/suricata-5.0.3/src/detect-geoip.c:502:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ccodes[1] = {"US"};
data/suricata-5.0.3/src/detect-geoip.c:509:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ccodes[1] = {"US"};
data/suricata-5.0.3/src/detect-geoip.c:516:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ccodes[1] = {"US"};
data/suricata-5.0.3/src/detect-geoip.c:523:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ccodes[3] = {"US", "ES", "UK"};
data/suricata-5.0.3/src/detect-geoip.c:530:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ccodes[3] = {"US", "ES", "UK"};
data/suricata-5.0.3/src/detect-hostbits.c:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fb_cmd_str[16] = "", fb_name[256] = "";
data/suricata-5.0.3/src/detect-hostbits.c:328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hb_dir_str[16] = "";
data/suricata-5.0.3/src/detect-hostbits.c:466:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[16] = "", name[256] = "", dir[16] = "";
data/suricata-5.0.3/src/detect-http-header-names.c:137:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->buffer + buf->len, bstr_ptr(h->name), bstr_size(h->name));
data/suricata-5.0.3/src/detect-http-header.c:129:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->buffer + buf->len, bstr_ptr(h->name), bstr_size(h->name));
data/suricata-5.0.3/src/detect-http-header.c:133:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->buffer + buf->len, bstr_ptr(h->value), bstr_size(h->value));
data/suricata-5.0.3/src/detect-http-start.c:120:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->buffer + buf->len, bstr_ptr(line), bstr_size(line));
data/suricata-5.0.3/src/detect-http-start.c:140:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->buffer + buf->len, bstr_ptr(h->name), bstr_size(h->name));
data/suricata-5.0.3/src/detect-http-start.c:144:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->buffer + buf->len, bstr_ptr(h->value), bstr_size(h->value));
data/suricata-5.0.3/src/detect-icmp-id.c:159:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *substr[3] = {NULL, NULL, NULL};
data/suricata-5.0.3/src/detect-icmp-seq.c:161:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *substr[3] = {NULL, NULL, NULL};
data/suricata-5.0.3/src/detect-icode.c:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[3] = {NULL, NULL, NULL};
data/suricata-5.0.3/src/detect-id.c:138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy_str[128] = "";
data/suricata-5.0.3/src/detect-id.c:156:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
temp = atoi((char *)tmp_str);
data/suricata-5.0.3/src/detect-id.c:375:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/detect-ipproto.c:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[2] = { NULL, NULL };
data/suricata-5.0.3/src/detect-ipproto.c:484:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int value = atoi(value_str);
data/suricata-5.0.3/src/detect-ipproto.c:1872:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[4];
data/suricata-5.0.3/src/detect-iprep.c:326:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int ival = atoi(value);
data/suricata-5.0.3/src/detect-isdataat.c:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[3] = {NULL,NULL,NULL};
data/suricata-5.0.3/src/detect-isdataat.c:585:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[5];
data/suricata-5.0.3/src/detect-itype.c:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[3] = {NULL, NULL, NULL};
data/suricata-5.0.3/src/detect-krb5-errcode.c:141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg1[4] = "";
data/suricata-5.0.3/src/detect-krb5-errcode.c:163:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
krb5d->err_code = (int32_t)atoi(arg1);
data/suricata-5.0.3/src/detect-krb5-msgtype.c:138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg1[4] = "";
data/suricata-5.0.3/src/detect-krb5-msgtype.c:160:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
krb5d->msg_type = (uint8_t)atoi(arg1);
data/suricata-5.0.3/src/detect-lua-extensions.c:272:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, str, len);
data/suricata-5.0.3/src/detect-lua-extensions.c:326:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, str, len);
data/suricata-5.0.3/src/detect-lua-extensions.c:334:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keybuf, keystr, keylen);
data/suricata-5.0.3/src/detect-lua.c:283:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(v) == 1)
data/suricata-5.0.3/src/detect-lua.c:431:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(v) == 1)
data/suricata-5.0.3/src/detect-lua.c:533:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(v) == 1)
data/suricata-5.0.3/src/detect-metadata.c:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy[strlen(metadatastr)+1];
data/suricata-5.0.3/src/detect-modbus.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg[MAX_SUBSTRINGS];
data/suricata-5.0.3/src/detect-modbus.c:198:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->address->min = atoi((const char*) (arg+1));
data/suricata-5.0.3/src/detect-modbus.c:201:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->address->min = atoi((const char*) (arg+1));
data/suricata-5.0.3/src/detect-modbus.c:204:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->address->min = atoi((const char*) arg);
data/suricata-5.0.3/src/detect-modbus.c:216:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->address->max = atoi((const char*) (arg+2));
data/suricata-5.0.3/src/detect-modbus.c:243:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->data->min = atoi((const char*) (arg+1));
data/suricata-5.0.3/src/detect-modbus.c:246:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->data->min = atoi((const char*) (arg+1));
data/suricata-5.0.3/src/detect-modbus.c:249:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->data->min = atoi((const char*) arg);
data/suricata-5.0.3/src/detect-modbus.c:261:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->data->max = atoi((const char*) (arg+2));
data/suricata-5.0.3/src/detect-modbus.c:294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg[MAX_SUBSTRINGS], *ptr = arg;
data/suricata-5.0.3/src/detect-modbus.c:314:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->function = atoi((const char*) ptr);
data/suricata-5.0.3/src/detect-modbus.c:337:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*(modbus->subfunction) = atoi((const char*) arg);
data/suricata-5.0.3/src/detect-modbus.c:388:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg[MAX_SUBSTRINGS];
data/suricata-5.0.3/src/detect-modbus.c:431:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->unit_id->min = atoi((const char*) (arg+1));
data/suricata-5.0.3/src/detect-modbus.c:434:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->unit_id->min = atoi((const char*) (arg+1));
data/suricata-5.0.3/src/detect-modbus.c:437:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->unit_id->min = atoi((const char*) arg);
data/suricata-5.0.3/src/detect-modbus.c:449:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
modbus->unit_id->max = atoi((const char*) (arg+2));
data/suricata-5.0.3/src/detect-msg.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[slen + 1];
data/suricata-5.0.3/src/detect-nfs-procedure.c:213:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[2] = "";
data/suricata-5.0.3/src/detect-nfs-procedure.c:214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value1[20] = "";
data/suricata-5.0.3/src/detect-nfs-procedure.c:215:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value2[20] = "";
data/suricata-5.0.3/src/detect-nfs-procedure.c:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char range[3] = "";
data/suricata-5.0.3/src/detect-nfs-procedure.c:294:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dd->lo = atoi(value1); //TODO
data/suricata-5.0.3/src/detect-nfs-procedure.c:305:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dd->hi = atoi(value2); // TODO
data/suricata-5.0.3/src/detect-nfs-version.c:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[2] = "";
data/suricata-5.0.3/src/detect-nfs-version.c:205:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value1[20] = "";
data/suricata-5.0.3/src/detect-nfs-version.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value2[20] = "";
data/suricata-5.0.3/src/detect-nfs-version.c:207:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char range[3] = "";
data/suricata-5.0.3/src/detect-nfs-version.c:285:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dd->lo = atoi(value1); //TODO
data/suricata-5.0.3/src/detect-nfs-version.c:296:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dd->hi = atoi(value2); // TODO
data/suricata-5.0.3/src/detect-parse.c:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char action[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:105:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char protocol[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char direction[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:109:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sp[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dp[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opts[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:1120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *index, dup[DETECT_MAX_RULE_SIZE];
data/suricata-5.0.3/src/detect-parse.c:1231:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[buffer_size];
data/suricata-5.0.3/src/detect-parse.c:1232:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output[buffer_size];
data/suricata-5.0.3/src/detect-parse.c:1234:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(input, parser->opts, strlen(parser->opts)+1);
data/suricata-5.0.3/src/detect-parse.c:1243:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(input, output, buffer_size);
data/suricata-5.0.3/src/detect-parse.c:2420:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/suricata-5.0.3/src/detect-parse.c:2436:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/suricata-5.0.3/src/detect-parse.c:3366:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/detect-pcre.c:341:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char op_str[64] = "";
data/suricata-5.0.3/src/detect-pcre.c:383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char re[slen];
data/suricata-5.0.3/src/detect-pcre.c:699:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type_str[16] = "";
data/suricata-5.0.3/src/detect-pcre.c:701:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name_array[DETECT_PCRE_CAPTURE_MAX] = { NULL };
data/suricata-5.0.3/src/detect-pcre.c:765:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char capture_str[cap_buffer_len];
data/suricata-5.0.3/src/detect-pcre.c:832:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char capture_names[1024] = "";
data/suricata-5.0.3/src/detect-priority.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy_str[128] = "";
data/suricata-5.0.3/src/detect-reference.c:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[REFERENCE_SYSTEM_NAME_MAX] = "";
data/suricata-5.0.3/src/detect-reference.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char content[REFERENCE_CONTENT_NAME_MAX] = "";
data/suricata-5.0.3/src/detect-reference.c:146:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[2048];
data/suricata-5.0.3/src/detect-replace.c:149:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ud->replace, content, len);
data/suricata-5.0.3/src/detect-replace.c:213:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(replist->found, replist->cd->replace, replist->cd->replace_len);
data/suricata-5.0.3/src/detect-replace.c:308:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pp, GET_PKT_DATA(p), GET_PKT_LEN(p));
data/suricata-5.0.3/src/detect-rpc.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[3] = {NULL,NULL,NULL};
data/suricata-5.0.3/src/detect-snmp-pdu_type.c:149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value1[20] = "";
data/suricata-5.0.3/src/detect-snmp-version.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[2] = "";
data/suricata-5.0.3/src/detect-snmp-version.c:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value1[20] = "";
data/suricata-5.0.3/src/detect-ssl-state.c:168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[64];
data/suricata-5.0.3/src/detect-ssl-state.c:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[64];
data/suricata-5.0.3/src/detect-ssl-version.c:221:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ver_ptr[64];
data/suricata-5.0.3/src/detect-stream_size.c:248:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sd->ssize = (uint32_t)atoi(value);
data/suricata-5.0.3/src/detect-tag.c:265:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(real_td, &td, sizeof(DetectTagData));
data/suricata-5.0.3/src/detect-target.c:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[10];
data/suricata-5.0.3/src/detect-tcp-flags.c:178:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg1[16] = "";
data/suricata-5.0.3/src/detect-tcp-flags.c:179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg2[16] = "";
data/suricata-5.0.3/src/detect-tcp-flags.c:180:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg3[16] = "";
data/suricata-5.0.3/src/detect-tcp-seq.c:270:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[2];
data/suricata-5.0.3/src/detect-tcp-window.c:126:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copy_str[128] = "";
data/suricata-5.0.3/src/detect-tcp-window.c:311:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[2];
data/suricata-5.0.3/src/detect-tcpmss.c:184:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tcpmssd->arg1 = (uint16_t) atoi(arg3);
data/suricata-5.0.3/src/detect-tcpmss.c:196:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tcpmssd->arg1 = (uint16_t) atoi(arg3);
data/suricata-5.0.3/src/detect-tcpmss.c:210:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tcpmssd->arg1 = (uint16_t) atoi(arg1);
data/suricata-5.0.3/src/detect-tcpmss.c:212:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tcpmssd->arg2 = (uint16_t) atoi(arg3);
data/suricata-5.0.3/src/detect-tcpmss.c:227:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tcpmssd->arg1 = (uint16_t) atoi(arg1);
data/suricata-5.0.3/src/detect-tcpmss.c:237:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tcpmssd->arg1 = (uint16_t) atoi(arg1);
data/suricata-5.0.3/src/detect-template.c:130:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg1[4] = "";
data/suricata-5.0.3/src/detect-template.c:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg2[4] = "";
data/suricata-5.0.3/src/detect-template.c:161:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
templated->arg1 = (uint8_t)atoi(arg1);
data/suricata-5.0.3/src/detect-template.c:162:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
templated->arg2 = (uint8_t)atoi(arg2);
data/suricata-5.0.3/src/detect-template2.c:190:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
template2d->arg1 = (uint8_t) atoi(arg3);
data/suricata-5.0.3/src/detect-template2.c:202:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
template2d->arg1 = (uint8_t) atoi(arg3);
data/suricata-5.0.3/src/detect-template2.c:216:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
template2d->arg1 = (uint8_t) atoi(arg1);
data/suricata-5.0.3/src/detect-template2.c:218:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
template2d->arg2 = (uint8_t) atoi(arg3);
data/suricata-5.0.3/src/detect-template2.c:233:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
template2d->arg1 = (uint8_t) atoi(arg1);
data/suricata-5.0.3/src/detect-template2.c:243:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
template2d->arg1 = (uint8_t) atoi(arg1);
data/suricata-5.0.3/src/detect-threshold.c:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[9] = { NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL };
data/suricata-5.0.3/src/detect-tls-cert-validity.c:281:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[inlen + 1];
data/suricata-5.0.3/src/detect-tls-cert-validity.c:316:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[2] = "";
data/suricata-5.0.3/src/detect-tls-cert-validity.c:317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value1[20] = "";
data/suricata-5.0.3/src/detect-tls-cert-validity.c:318:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value2[20] = "";
data/suricata-5.0.3/src/detect-tls-cert-validity.c:319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char range[3] = "";
data/suricata-5.0.3/src/detect-tls-version.c:167:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ver_ptr[64];
data/suricata-5.0.3/src/detect-tos.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tosbytes_str[64] = "";
data/suricata-5.0.3/src/detect-tos.c:334:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[4];
data/suricata-5.0.3/src/detect-transform-dotprefix.c:113:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&output[1], buffer->inspect, input_len);
data/suricata-5.0.3/src/detect-ttl.c:138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg1[6] = "";
data/suricata-5.0.3/src/detect-ttl.c:139:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg2[6] = "";
data/suricata-5.0.3/src/detect-ttl.c:140:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arg3[6] = "";
data/suricata-5.0.3/src/detect-ttl.c:184:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl1 = atoi(arg3);
data/suricata-5.0.3/src/detect-ttl.c:196:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl1 = atoi(arg3);
data/suricata-5.0.3/src/detect-ttl.c:208:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl1 = atoi(arg1);
data/suricata-5.0.3/src/detect-ttl.c:209:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl2 = atoi(arg3);
data/suricata-5.0.3/src/detect-ttl.c:225:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl1 = atoi(arg1);
data/suricata-5.0.3/src/detect-ttl.c:235:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ttl1 = atoi(arg1);
data/suricata-5.0.3/src/detect-urilen.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullstr[1024];
data/suricata-5.0.3/src/detect-xbits.c:198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fb_cmd_str[16] = "", fb_name[256] = "";
data/suricata-5.0.3/src/detect-xbits.c:199:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hb_dir_str[16] = "";
data/suricata-5.0.3/src/detect-xbits.c:245:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expire_str[16] = "";
data/suricata-5.0.3/src/detect-xbits.c:252:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire = atoi(expire_str);
data/suricata-5.0.3/src/detect.c:1029:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _trace_buf[2048]; \
data/suricata-5.0.3/src/detect.h:607:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pname[32]; /**< name used in profiling */
data/suricata-5.0.3/src/detect.h:891:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_prefix[64];
data/suricata-5.0.3/src/flow-manager.c:918:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/flow-manager.c:1079:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/flow-manager.c:1438:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&backup, &flow_config, sizeof(FlowConfig));
data/suricata-5.0.3/src/flow-manager.c:1471:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&flow_config, &backup, sizeof(FlowConfig));
data/suricata-5.0.3/src/flow.c:1230:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&backup, &flow_config, sizeof(FlowConfig));
data/suricata-5.0.3/src/flow.c:1258:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&flow_config, &backup, sizeof(FlowConfig));
data/suricata-5.0.3/src/flow.c:1277:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&backup, &flow_config, sizeof(FlowConfig));
data/suricata-5.0.3/src/flow.c:1305:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&flow_config, &backup, sizeof(FlowConfig));
data/suricata-5.0.3/src/flow.c:1324:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&backup, &flow_config, sizeof(FlowConfig));
data/suricata-5.0.3/src/flow.c:1351:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&flow_config, &backup, sizeof(FlowConfig));
data/suricata-5.0.3/src/log-cf-common.c:214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128] = {0};
data/suricata-5.0.3/src/log-cf-common.h:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[LOG_NODE_STRLEN]; /**< optional data. ie: http header name */
data/suricata-5.0.3/src/log-droplog.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/log-droplog.c:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46] = "";
data/suricata-5.0.3/src/log-droplog.c:205:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dstip[46] = "";
data/suricata-5.0.3/src/log-filestore.c:64:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char g_logfile_base_dir[PATH_MAX] = "/tmp";
data/suricata-5.0.3/src/log-filestore.c:65:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char g_working_file_suffix[PATH_MAX] = ".tmp";
data/suricata-5.0.3/src/log-filestore.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char metafilename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:227:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(metafilename, "w+");
data/suricata-5.0.3/src/log-filestore.c:229:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/log-filestore.c:238:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46], dstip[46];
data/suricata-5.0.3/src/log-filestore.c:297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid_expression[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:300:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char final_filename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:304:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char final_metafilename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:308:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char working_metafilename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:313:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(working_metafilename, "a");
data/suricata-5.0.3/src/log-filestore.c:369:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid_expression[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:372:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char final_filename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:376:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char working_filename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:388:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char final_metafilename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:392:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char working_metafilename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:410:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:429:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid_expression[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:432:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_filename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-filestore.c:448:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ff->fd = open(filename, O_CREAT | O_TRUNC | O_NOFOLLOW | O_WRONLY, 0644);
data/suricata-5.0.3/src/log-filestore.c:455:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_fd = open(filename, O_CREAT | O_TRUNC | O_NOFOLLOW | O_WRONLY, 0644);
data/suricata-5.0.3/src/log-filestore.c:468:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_fd = open(filename, O_APPEND | O_NOFOLLOW | O_WRONLY);
data/suricata-5.0.3/src/log-httplog.c:137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/suricata-5.0.3/src/log-httplog.c:387:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/log-httplog.c:392:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46], dstip[46];
data/suricata-5.0.3/src/log-pcap.c:174:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[PATH_MAX]; /**< pcap log directory */
data/suricata-5.0.3/src/log-pcap.c:177:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *filename_parts[MAX_TOKS];
data/suricata-5.0.3/src/log-pcap.c:412:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
comp->file = fopen(pl->filename, "w");
data/suricata-5.0.3/src/log-pcap.c:721:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX];
data/suricata-5.0.3/src/log-pcap.c:757:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pattern[PATH_MAX];
data/suricata-5.0.3/src/log-pcap.c:782:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[PATH_MAX];
data/suricata-5.0.3/src/log-pcap.c:835:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/suricata-5.0.3/src/log-pcap.c:1069:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *toks[MAX_TOKS] = { NULL };
data/suricata-5.0.3/src/log-pcap.c:1071:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[MAX_FILENAMELEN] = "";
data/suricata-5.0.3/src/log-pcap.c:1570:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[32], dirfull[PATH_MAX] = "";
data/suricata-5.0.3/src/log-pcap.c:1633:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[64] = "";
data/suricata-5.0.3/src/log-pcap.c:1719:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ticks_str[32] = "n/a";
data/suricata-5.0.3/src/log-pcap.c:1720:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cnt_str[32] = "n/a";
data/suricata-5.0.3/src/log-pcap.c:1721:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char avg_str[32] = "n/a";
data/suricata-5.0.3/src/log-pcap.c:1762:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(profiling_pcaplog_file_name, profiling_pcaplog_file_mode);
data/suricata-5.0.3/src/log-pcap.c:1790:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bytes_str[32];
data/suricata-5.0.3/src/log-pcap.c:1799:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ticks_per_mib_str[32] = "n/a";
data/suricata-5.0.3/src/log-pcap.c:1807:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ticks_per_gib_str[32] = "n/a";
data/suricata-5.0.3/src/log-stats.c:115:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[256];
data/suricata-5.0.3/src/log-stats.c:144:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[256];
data/suricata-5.0.3/src/log-tcp-data.c:97:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46] = "", dstip[46] = "";
data/suricata-5.0.3/src/log-tcp-data.c:106:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_MAX];
data/suricata-5.0.3/src/log-tcp-data.c:108:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tx[64] = { 0 };
data/suricata-5.0.3/src/log-tcp-data.c:119:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(name, mode);
data/suricata-5.0.3/src/log-tcp-data.c:140:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46] = "", dstip[46] = "";
data/suricata-5.0.3/src/log-tcp-data.c:149:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[PATH_MAX];
data/suricata-5.0.3/src/log-tcp-data.c:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-tcp-data.c:232:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[32] = "";
data/suricata-5.0.3/src/log-tcp-data.c:291:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirfull[PATH_MAX];
data/suricata-5.0.3/src/log-tlslog.c:290:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssl_version[SSL_VERSION_MAX_STRLEN];
data/suricata-5.0.3/src/log-tlslog.c:297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64] = {0};
data/suricata-5.0.3/src/log-tlslog.c:315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/log-tlslog.c:384:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/suricata-5.0.3/src/log-tlslog.c:507:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[PRINT_BUF_LEN], dstip[PRINT_BUF_LEN];
data/suricata-5.0.3/src/log-tlsstore.c:59:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tls_logfile_base_dir[PATH_MAX] = "/tmp";
data/suricata-5.0.3/src/log-tlsstore.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/suricata-5.0.3/src/log-tlsstore.c:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX] = "";
data/suricata-5.0.3/src/log-tlsstore.c:114:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "w");
data/suricata-5.0.3/src/log-tlsstore.c:170:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(filename + (strlen(filename) - 3), "meta", 4);
data/suricata-5.0.3/src/log-tlsstore.c:171:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpmeta = fopen(filename, "w");
data/suricata-5.0.3/src/log-tlsstore.c:174:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[PRINT_BUF_LEN], dstip[PRINT_BUF_LEN];
data/suricata-5.0.3/src/log-tlsstore.c:175:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-filedata.c:63:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char g_waldo[PATH_MAX] = "";
data/suricata-5.0.3/src/output-filedata.c:251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[16] = "";
data/suricata-5.0.3/src/output-filedata.c:254:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(path, "r");
data/suricata-5.0.3/src/output-filedata.c:278:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[16] = "";
data/suricata-5.0.3/src/output-filedata.c:284:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(path, "w");
data/suricata-5.0.3/src/output-filestore.c:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[FILESTORE_PREFIX_MAX];
data/suricata-5.0.3/src/output-filestore.c:51:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpdir[FILESTORE_PREFIX_MAX];
data/suricata-5.0.3/src/output-filestore.c:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sha256string[(SHA256_LENGTH * 2) + 1];
data/suricata-5.0.3/src/output-filestore.c:133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_filename[PATH_MAX] = "";
data/suricata-5.0.3/src/output-filestore.c:137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char final_filename[PATH_MAX] = "";
data/suricata-5.0.3/src/output-filestore.c:162:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char js_metadata_filename[PATH_MAX];
data/suricata-5.0.3/src/output-filestore.c:187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[PATH_MAX] = "";
data/suricata-5.0.3/src/output-filestore.c:201:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_filename[PATH_MAX] = "";
data/suricata-5.0.3/src/output-filestore.c:207:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_fd = open(filename, O_CREAT | O_TRUNC | O_NOFOLLOW | O_WRONLY,
data/suricata-5.0.3/src/output-filestore.c:229:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_fd = open(filename, O_APPEND | O_NOFOLLOW | O_WRONLY);
data/suricata-5.0.3/src/output-filestore.c:354:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char leaf[PATH_MAX];
data/suricata-5.0.3/src/output-filestore.c:374:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpdir[PATH_MAX];
data/suricata-5.0.3/src/output-filestore.c:415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_directory[PATH_MAX] = "";
data/suricata-5.0.3/src/output-json-alert.c:572:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[XFF_MAXLEN];
data/suricata-5.0.3/src/output-json-alert.c:619:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json-anomaly.c:92:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2132:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->filename_size + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2133:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->filename, data->filename_size);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2144:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->data_size + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2145:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->data, data->data_size);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2168:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->username_size + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2169:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->username, data->username_size);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2178:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->password_size + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2179:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->password, data->password_size);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2210:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->filename_size + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2211:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->filename, data->filename_size);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2234:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->optional_text_len + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2235:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->optional_text, data->optional_text_len);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2252:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->file_data_len + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2253:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->file_data, data->file_data_len);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2272:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->optional_text_len + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2273:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->optional_text, data->optional_text_len);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2300:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->filename_size + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2301:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->filename, data->filename_size);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2314:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->file_specification_len + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2315:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->file_specification, data->file_specification_len);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2485:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->error_text_len + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2486:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->error_text, data->error_text_len);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2539:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->username_len + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2540:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->username, data->username_len);
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2571:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[data->username_len + 1];
data/suricata-5.0.3/src/output-json-dnp3-objects.c:2572:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, data->username, data->username_len);
data/suricata-5.0.3/src/output-json-email-common.c:142:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md5[MD5_LENGTH];
data/suricata-5.0.3/src/output-json-email-common.c:143:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char smd5[256];
data/suricata-5.0.3/src/output-json-email-common.c:162:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[256];
data/suricata-5.0.3/src/output-json-file.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename_string[filename_size];
data/suricata-5.0.3/src/output-json-file.c:171:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/suricata-5.0.3/src/output-json-file.c:180:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/suricata-5.0.3/src/output-json-file.c:203:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/suricata-5.0.3/src/output-json-file.c:225:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[XFF_MAXLEN];
data/suricata-5.0.3/src/output-json-flow.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json-flow.c:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46] = {0}, dstip[46] = {0};
data/suricata-5.0.3/src/output-json-flow.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proto[16];
data/suricata-5.0.3/src/output-json-flow.c:234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf1[64];
data/suricata-5.0.3/src/output-json-flow.c:250:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf2[64];
data/suricata-5.0.3/src/output-json-flow.c:319:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexflags[3];
data/suricata-5.0.3/src/output-json-http.c:207:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:226:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:236:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:245:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:256:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:266:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:337:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:346:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:354:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:362:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status_string[status_size];
data/suricata-5.0.3/src/output-json-http.c:371:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[size];
data/suricata-5.0.3/src/output-json-http.c:385:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_SIZE_HEADER_NAME] = {0};
data/suricata-5.0.3/src/output-json-http.c:386:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[MAX_SIZE_HEADER_VALUE] = {0};
data/suricata-5.0.3/src/output-json-http.c:403:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name, bstr_ptr(h->name), size_name);
data/suricata-5.0.3/src/output-json-http.c:408:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, bstr_ptr(h->value), size_value);
data/suricata-5.0.3/src/output-json-http.c:538:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[XFF_MAXLEN];
data/suricata-5.0.3/src/output-json-netflow.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json-netflow.c:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46] = {0}, dstip[46] = {0};
data/suricata-5.0.3/src/output-json-netflow.c:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proto[16];
data/suricata-5.0.3/src/output-json-netflow.c:203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf1[64], timebuf2[64];
data/suricata-5.0.3/src/output-json-netflow.c:229:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexflags[3];
data/suricata-5.0.3/src/output-json-netflow.c:255:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf1[64], timebuf2[64];
data/suricata-5.0.3/src/output-json-netflow.c:284:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hexflags[3];
data/suricata-5.0.3/src/output-json-stats.c:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json-stats.c:181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[predot_len];
data/suricata-5.0.3/src/output-json-stats.c:242:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deltaname[strlen(shortname) + strlen(delta_suffix) + 1];
data/suricata-5.0.3/src/output-json-stats.c:269:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/suricata-5.0.3/src/output-json-stats.c:278:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deltaname[strlen(shortname) + strlen(delta_suffix) + 1];
data/suricata-5.0.3/src/output-json-stats.c:303:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json-tls.c:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssl_version[SSL_VERSION_MAX_STRLEN];
data/suricata-5.0.3/src/output-json-tls.c:177:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json-tls.c:189:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json.c:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char retbuf[MAX_JSON_SIZE] = {0};
data/suricata-5.0.3/src/output-json.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[size + 1];
data/suricata-5.0.3/src/output-json.c:146:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuf, string, size);
data/suricata-5.0.3/src/output-json.c:457:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46] = {0}, dstip[46] = {0};
data/suricata-5.0.3/src/output-json.c:459:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proto[16];
data/suricata-5.0.3/src/output-json.c:622:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char base64buf[64] = "1:";
data/suricata-5.0.3/src/output-json.c:668:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipv6.src, &f->src.addr_data32, 16);
data/suricata-5.0.3/src/output-json.c:669:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipv6.dst, &f->dst.addr_data32, 16);
data/suricata-5.0.3/src/output-json.c:673:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipv6.src, &f->dst.addr_data32, 16);
data/suricata-5.0.3/src/output-json.c:674:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ipv6.dst, &f->src.addr_data32, 16);
data/suricata-5.0.3/src/output-json.c:683:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char base64buf[64] = "1:";
data/suricata-5.0.3/src/output-json.c:713:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-json.c:987:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[1024];
data/suricata-5.0.3/src/output-lua.c:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX]; /**< contains script-dir */
data/suricata-5.0.3/src/output-lua.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-lua.c:198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proto[16] = "";
data/suricata-5.0.3/src/output-lua.c:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/output-lua.c:269:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char proto[16] = "";
data/suricata-5.0.3/src/output-lua.c:690:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX] = "";
data/suricata-5.0.3/src/output-lua.c:774:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX] = "";
data/suricata-5.0.3/src/reputation.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptrs[2] = {NULL,NULL};
data/suricata-5.0.3/src/reputation.c:254:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int c = atoi(ptrs[0]);
data/suricata-5.0.3/src/reputation.c:273:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptrs[3] = {NULL,NULL,NULL};
data/suricata-5.0.3/src/reputation.c:308:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int c = atoi(ptrs[1]);
data/suricata-5.0.3/src/reputation.c:313:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int v = atoi(ptrs[2]);
data/suricata-5.0.3/src/reputation.c:338:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char srep_cat_table[SREP_MAX_CATS][SREP_SHORTNAME_LEN];
data/suricata-5.0.3/src/reputation.c:354:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/suricata-5.0.3/src/reputation.c:370:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[8192] = "";
data/suricata-5.0.3/src/reputation.c:399:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shortname[SREP_SHORTNAME_LEN];
data/suricata-5.0.3/src/reputation.c:420:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/suricata-5.0.3/src/reputation.c:437:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[8192] = "";
data/suricata-5.0.3/src/reputation.c:468:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstr[16];
data/suricata-5.0.3/src/reputation.c:472:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstr[128];
data/suricata-5.0.3/src/respond-reject-libnet11.c:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[LIBNET_ERRBUF_SIZE];
data/suricata-5.0.3/src/respond-reject-libnet11.c:210:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[LIBNET_ERRBUF_SIZE];
data/suricata-5.0.3/src/respond-reject-libnet11.c:298:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[LIBNET_ERRBUF_SIZE];
data/suricata-5.0.3/src/respond-reject-libnet11.c:341:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpacket.src6.libnet_s6_addr, GET_IPV6_DST_ADDR(p), 16);
data/suricata-5.0.3/src/respond-reject-libnet11.c:342:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpacket.dst6.libnet_s6_addr, GET_IPV6_SRC_ADDR(p), 16);
data/suricata-5.0.3/src/respond-reject-libnet11.c:353:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpacket.src6.libnet_s6_addr, GET_IPV6_SRC_ADDR(p), 16);
data/suricata-5.0.3/src/respond-reject-libnet11.c:354:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpacket.dst6.libnet_s6_addr, GET_IPV6_DST_ADDR(p), 16);
data/suricata-5.0.3/src/respond-reject-libnet11.c:421:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[LIBNET_ERRBUF_SIZE];
data/suricata-5.0.3/src/respond-reject-libnet11.c:444:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpacket.src6.libnet_s6_addr, GET_IPV6_DST_ADDR(p), 16);
data/suricata-5.0.3/src/respond-reject-libnet11.c:445:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpacket.dst6.libnet_s6_addr, GET_IPV6_SRC_ADDR(p), 16);
data/suricata-5.0.3/src/respond-reject-libnet11.c:448:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpacket.src6.libnet_s6_addr, GET_IPV6_SRC_ADDR(p), 16);
data/suricata-5.0.3/src/respond-reject-libnet11.c:449:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpacket.dst6.libnet_s6_addr, GET_IPV6_DST_ADDR(p), 16);
data/suricata-5.0.3/src/runmode-af-packet.c:198:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
aconf->threads = atoi(threadsstr);
data/suricata-5.0.3/src/runmode-af-packet.c:293:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
aconf->cluster_id = (uint16_t)atoi(tmpclusterid);
data/suricata-5.0.3/src/runmode-af-packet.c:480:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ebt, &(aconf->ebpf_t_config), sizeof(struct ebpf_timeout_config));
data/suricata-5.0.3/src/runmode-erf-file.c:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/runmode-erf-file.c:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[TM_QUEUE_NAME_MAX];
data/suricata-5.0.3/src/runmode-napatech.c:172:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->stream_id = atoi(device + 2);
data/suricata-5.0.3/src/runmode-netmap.c:152:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ns->threads = atoi(threadsstr);
data/suricata-5.0.3/src/runmode-netmap.c:291:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_name[sizeof(aconf->in.iface)];
data/suricata-5.0.3/src/runmode-pcap-file.c:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/runmode-pcap-file.c:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/runmode-pcap-file.c:148:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[TM_QUEUE_NAME_MAX];
data/suricata-5.0.3/src/runmode-pcap.c:147:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
aconf->threads = atoi(threadsstr);
data/suricata-5.0.3/src/runmode-pfring.c:126:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pfconf->threads = atoi(threadsstr);
data/suricata-5.0.3/src/runmode-pfring.c:144:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pfconf->cluster_id = (uint16_t)atoi(tmpclusterid);
data/suricata-5.0.3/src/runmode-pfring.c:258:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pfconf->threads = atoi(threadsstr);
data/suricata-5.0.3/src/runmode-pfring.c:270:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pfconf->cluster_id = (uint16_t)atoi(tmpclusterid);
data/suricata-5.0.3/src/runmode-pfring.c:286:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pfconf->cluster_id = (uint16_t)atoi(tmpclusterid);
data/suricata-5.0.3/src/runmode-unix-socket.c:528:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tstr[32];
data/suricata-5.0.3/src/runmode-unix-socket.c:538:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tstr[32];
data/suricata-5.0.3/src/runmode-unix-socket.c:549:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tstr[16];
data/suricata-5.0.3/src/runmode-unix-socket.c:960:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[64];
data/suricata-5.0.3/src/runmode-unix-socket.c:1034:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[64];
data/suricata-5.0.3/src/runmode-unix-socket.c:1089:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[64];
data/suricata-5.0.3/src/runmode-unix-socket.c:1413:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[150];
data/suricata-5.0.3/src/runmode-unix-socket.c:1428:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char memuse[50];
data/suricata-5.0.3/src/runmode-unix-socket.c:1464:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[50];
data/suricata-5.0.3/src/runmode-unix-socket.c:1509:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[50];
data/suricata-5.0.3/src/runmodes.c:629:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subname[256];
data/suricata-5.0.3/src/source-af-packet.c:294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[AFP_IFACE_NAME_LENGTH];
data/suricata-5.0.3/src/source-af-packet.c:296:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_iface[AFP_IFACE_NAME_LENGTH];
data/suricata-5.0.3/src/source-af-packet.c:608:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CMSG_SPACE(sizeof(struct tpacket_auxdata))];
data/suricata-5.0.3/src/source-af-packet.c:762:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(socket_address.sll_addr, p->ethh, 6);
data/suricata-5.0.3/src/source-af-packet.c:1301:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CMSG_SPACE(sizeof(struct tpacket_auxdata))];
data/suricata-5.0.3/src/source-af-packet.c:2267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE];
data/suricata-5.0.3/src/source-af-packet.h:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[AFP_IFACE_NAME_LENGTH];
data/suricata-5.0.3/src/source-af-packet.h:134:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[AFP_IFACE_NAME_LENGTH];
data/suricata-5.0.3/src/source-erf-dag.c:101:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dagname[DAGNAME_BUFSIZE];
data/suricata-5.0.3/src/source-erf-file.c:221:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *erf = fopen((const char *)initdata, "r");
data/suricata-5.0.3/src/source-napatech.c:225:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string0[16];
data/suricata-5.0.3/src/source-napatech.c:226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string1[16];
data/suricata-5.0.3/src/source-napatech.c:227:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string2[16];
data/suricata-5.0.3/src/source-napatech.c:228:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string3[16];
data/suricata-5.0.3/src/source-napatech.c:270:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buffer[100];
data/suricata-5.0.3/src/source-netmap.c:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[32];
data/suricata-5.0.3/src/source-netmap.c:194:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/netmap", O_RDWR);
data/suricata-5.0.3/src/source-netmap.c:237:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_name[IFNAMSIZ];
data/suricata-5.0.3/src/source-netmap.c:303:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char optstr[16];
data/suricata-5.0.3/src/source-netmap.c:314:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devname[128];
data/suricata-5.0.3/src/source-netmap.c:477:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE];
data/suricata-5.0.3/src/source-netmap.h:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[NETMAP_IFACE_NAME_LENGTH];
data/suricata-5.0.3/src/source-netmap.h:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface_name[NETMAP_IFACE_NAME_LENGTH];
data/suricata-5.0.3/src/source-nflog.h:47:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numgroup[NFLOG_GROUP_NAME_LENGTH];
data/suricata-5.0.3/src/source-nfq.c:821:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char queue[10] = { 0 };
data/suricata-5.0.3/src/source-pcap-file-directory-helper.c:331:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuff[PATH_MAX] = {0};
data/suricata-5.0.3/src/source-pcap-file-helper.c:109:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcap_filename[PATH_MAX] = "unknown";
data/suricata-5.0.3/src/source-pcap-file-helper.c:190:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE] = "";
data/suricata-5.0.3/src/source-pcap.c:365:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE];
data/suricata-5.0.3/src/source-pcap.c:625:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE];
data/suricata-5.0.3/src/source-pcap.h:46:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[PCAP_IFACE_NAME_LENGTH];
data/suricata-5.0.3/src/source-pfring.h:45:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[PFRING_IFACE_NAME_LENGTH];
data/suricata-5.0.3/src/source-windivert.c:330:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wd_num_str[6];
data/suricata-5.0.3/src/source-windivert.h:48:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filter_str[WINDIVERT_FILTER_MAXLEN + 1];
data/suricata-5.0.3/src/stream-tcp-inline.c:152:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->payload+poff, seg_data+toff, range);
data/suricata-5.0.3/src/stream-tcp-list.c:405:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + seg_offset, list_data + list_offset, list_len);
data/suricata-5.0.3/src/stream-tcp-list.c:510:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, p->payload, p->payload_len);
data/suricata-5.0.3/src/stream-tcp-sack.c:258:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rec, data, sizeof(TCPOptSackRecord) * records);
data/suricata-5.0.3/src/stream-tcp.c:6147:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&np->ts, &parent->ts, sizeof(struct timeval));
data/suricata-5.0.3/src/stream-tcp.c:7322:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conf_var_type_name[15] = "host-os-policy";
data/suricata-5.0.3/src/stream-tcp.c:7377:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "windows";
data/suricata-5.0.3/src/stream-tcp.c:7779:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "windows";
data/suricata-5.0.3/src/stream-tcp.c:7946:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "windows";
data/suricata-5.0.3/src/stream-tcp.c:8116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "windows";
data/suricata-5.0.3/src/stream-tcp.c:8272:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "windows";
data/suricata-5.0.3/src/stream-tcp.c:8321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "windows";
data/suricata-5.0.3/src/stream-tcp.c:8373:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "linux";
data/suricata-5.0.3/src/stream-tcp.c:8425:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "linux";
data/suricata-5.0.3/src/stream-tcp.c:8477:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_policy_name[10] = "windows";
data/suricata-5.0.3/src/suricata.c:528:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename,"r");
data/suricata-5.0.3/src/suricata.c:688:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char features[2048] = "";
data/suricata-5.0.3/src/suricata.c:2182:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH];
data/suricata-5.0.3/src/suricata.c:2546:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev[128]; /* need to be able to support GUID names on Windows */
data/suricata-5.0.3/src/suricata.h:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcap_dev[128];
data/suricata-5.0.3/src/tests/detect-engine-content-inspection.c:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rule[2048]; \
data/suricata-5.0.3/src/tests/detect-http-client-body.c:728:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(http_buf + i * strlen(request_buffer), request_buffer,
data/suricata-5.0.3/src/tests/reputation.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstr[16];
data/suricata-5.0.3/src/tests/reputation.c:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shortname[SREP_SHORTNAME_LEN];
data/suricata-5.0.3/src/threads.h:268:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[16] = ""; \
data/suricata-5.0.3/src/threads.h:289:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[THREAD_NAME_LEN + 1] = ""; \
data/suricata-5.0.3/src/threadvars.h:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/suricata-5.0.3/src/unix-manager.c:108:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sockettarget[PATH_MAX];
data/suricata-5.0.3/src/unix-manager.c:338:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[UNIX_PROTO_VERSION_LENGTH + 1];
data/suricata-5.0.3/src/unix-manager.c:547:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/suricata-5.0.3/src/util-action.c:451:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:522:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:594:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:667:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:737:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:806:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:881:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:950:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:1014:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:1078:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:1147:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:1222:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:1297:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:1366:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:1441:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-action.c:1516:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *sigs[3];
data/suricata-5.0.3/src/util-affinity.c:283:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
taf->nb_threads = atoi(node->val);
data/suricata-5.0.3/src/util-buffer.h:144:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((dst)->buffer + (dst)->offset, (raw_buffer), write_len); \
data/suricata-5.0.3/src/util-byte.c:59:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string, bytes, nbytes);
data/suricata-5.0.3/src/util-byte.c:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[n];
data/suricata-5.0.3/src/util-byte.c:103:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string, bytes, nbytes);
data/suricata-5.0.3/src/util-byte.c:197:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[24];
data/suricata-5.0.3/src/util-byte.c:206:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(strbuf, str, len);
data/suricata-5.0.3/src/util-byte.c:316:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strbuf[24];
data/suricata-5.0.3/src/util-byte.c:325:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(strbuf, str, len);
data/suricata-5.0.3/src/util-classification-config.c:134:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fd = fopen(filename, "r")) == NULL) {
data/suricata-5.0.3/src/util-classification-config.c:163:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_value[256];
data/suricata-5.0.3/src/util-classification-config.c:244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ct_name[CLASSTYPE_NAME_MAX_LEN];
data/suricata-5.0.3/src/util-classification-config.c:245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ct_desc[CLASSTYPE_DESC_MAX_LEN];
data/suricata-5.0.3/src/util-classification-config.c:246:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ct_priority_str[16];
data/suricata-5.0.3/src/util-classification-config.c:288:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ct_priority = atoi(ct_priority_str);
data/suricata-5.0.3/src/util-classification-config.c:352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/suricata-5.0.3/src/util-classification-config.c:562:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[strlen(ct_name) + 1];
data/suricata-5.0.3/src/util-conf.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[size];
data/suricata-5.0.3/src/util-cpu.c:80:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
nprocs = (NULL != envvar) ? atoi(envvar) : 0;
data/suricata-5.0.3/src/util-crypt.c:159:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(md-> sha1 .buf + md-> sha1.curlen, in, (size_t)n);
data/suricata-5.0.3/src/util-crypt.h:72:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/suricata-5.0.3/src/util-crypt.h:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[1];
data/suricata-5.0.3/src/util-daemon.c:89:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open("/dev/null", O_RDWR);
data/suricata-5.0.3/src/util-debug.c:217:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/util-debug.c:315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char local_format[strlen(log_format) + 1];
data/suricata-5.0.3/src/util-debug.c:523:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
op_iface_ctx->file_d = fopen(op_iface_ctx->file, "a");
data/suricata-5.0.3/src/util-debug.c:545:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[SC_LOG_MAX_LOG_MSG_LEN] = "";
data/suricata-5.0.3/src/util-debug.c:717:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (iface_ctx->file_d = fopen(file, "a")) == NULL) {
data/suricata-5.0.3/src/util-debug.c:1671:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[4096];
data/suricata-5.0.3/src/util-debug.h:110:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[SC_LOG_MAX_LOG_MSG_LEN];
data/suricata-5.0.3/src/util-debug.h:217:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _sc_log_msg[SC_LOG_MAX_LOG_MSG_LEN]; \
data/suricata-5.0.3/src/util-debug.h:236:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _sc_log_msg[SC_LOG_MAX_LOG_MSG_LEN]; \
data/suricata-5.0.3/src/util-decode-der-get.c:106:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yy[3];
data/suricata-5.0.3/src/util-decode-der-get.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/suricata-5.0.3/src/util-decode-der-get.c:269:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[3];
data/suricata-5.0.3/src/util-decode-der.c:510:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a->str, (const char*)d_ptr, length);
data/suricata-5.0.3/src/util-decode-der.c:655:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a->str, (const char*)d_ptr, length);
data/suricata-5.0.3/src/util-decode-der.c:718:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a->str, (const char*)d_ptr, length);
data/suricata-5.0.3/src/util-decode-der.c:789:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a->str, (const char*)d_ptr, length);
data/suricata-5.0.3/src/util-decode-der.c:1046:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/suricata-5.0.3/src/util-decode-mime.c:659:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val + offset, curr->value, curr->value_len);
data/suricata-5.0.3/src/util-decode-mime.c:665:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val + offset, CRLF, 2);
data/suricata-5.0.3/src/util-decode-mime.c:912:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempIp[MAX_IP4_CHARS + 1];
data/suricata-5.0.3/src/util-decode-mime.c:929:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempIp, urlhost, i);
data/suricata-5.0.3/src/util-decode-mime.c:950:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempIp[MAX_IP6_CHARS + 1];
data/suricata-5.0.3/src/util-decode-mime.c:966:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tempIp, urlhost, i);
data/suricata-5.0.3/src/util-decode-mime.c:1221:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->bvremain + state->bvr_len, buf, remainder);
data/suricata-5.0.3/src/util-decode-mime.c:1317:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->bvremain, buf + (len - rem2), rem2);
data/suricata-5.0.3/src/util-decode-mime.c:1453:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->data_chunk + state->data_chunk_len, CRLF, EOL_LEN);
data/suricata-5.0.3/src/util-decode-mime.c:1491:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->data_chunk + state->data_chunk_len,
data/suricata-5.0.3/src/util-decode-mime.c:1576:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->data_chunk + state->data_chunk_len, buf + offset, tobuf);
data/suricata-5.0.3/src/util-decode-mime.c:1581:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->data_chunk + state->data_chunk_len, CRLF, EOL_LEN);
data/suricata-5.0.3/src/util-decode-mime.c:1747:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dv->value, buf, vlen);
data/suricata-5.0.3/src/util-decode-mime.c:1786:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->hname, hname, hlen);
data/suricata-5.0.3/src/util-decode-mime.c:1817:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->hvalue->value, hval, vlen);
data/suricata-5.0.3/src/util-decode-mime.c:1948:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entity->filename, bptr, blen);
data/suricata-5.0.3/src/util-decode-mime.c:1978:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->stack->top->bdef, bptr, blen);
data/suricata-5.0.3/src/util-decode-mime.c:1996:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entity->filename, bptr, blen);
data/suricata-5.0.3/src/util-decode-mime.c:2322:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, "--", 2);
data/suricata-5.0.3/src/util-decode-mime.c:2323:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp + 2, node->bdef, node->bdef_len);
data/suricata-5.0.3/src/util-decode-mime.c:2699:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/suricata-5.0.3/src/util-device.h:42:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_short[MAX_DEVNAME + 1];
data/suricata-5.0.3/src/util-ebpf.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[IFNAMSIZ];
data/suricata-5.0.3/src/util-ebpf.c:90:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pinnedpath[PATH_MAX];
data/suricata-5.0.3/src/util-ebpf.c:180:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pinnedpath[1024];
data/suricata-5.0.3/src/util-ebpf.c:347:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_buf[128];
data/suricata-5.0.3/src/util-ebpf.c:395:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[129];
data/suricata-5.0.3/src/util-ebpf.c:434:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/suricata-5.0.3/src/util-ebpf.c:489:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[129];
data/suricata-5.0.3/src/util-ebpf.c:544:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mkey, key, skey);
data/suricata-5.0.3/src/util-ebpf.c:573:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mkey, key, skey);
data/suricata-5.0.3/src/util-file-decompression.c:150:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out_buffer->buf + 4, &decompressed_swf_len, 4);
data/suricata-5.0.3/src/util-file-decompression.c:176:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(compressed_data, buffer + 12, 5);
data/suricata-5.0.3/src/util-file-decompression.c:180:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(compressed_data + 13, buffer + offset, compressed_data_len - 13);
data/suricata-5.0.3/src/util-file.c:486:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new->name, name, name_len);
data/suricata-5.0.3/src/util-fmemopen.c:53:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temppath[MAX_PATH - 13];
data/suricata-5.0.3/src/util-fmemopen.c:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH + 1];
data/suricata-5.0.3/src/util-fmemopen.c:61:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(filename, "wb");
data/suricata-5.0.3/src/util-fmemopen.c:68:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(filename, mode);
data/suricata-5.0.3/src/util-host-info.c:86:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kmajor = atoi(list[1]);
data/suricata-5.0.3/src/util-host-info.c:87:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
kminor = atoi(list[2]);
data/suricata-5.0.3/src/util-host-os-info.c:189:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
netmask_value = atoi(netmask_str);
data/suricata-5.0.3/src/util-host-os-info.c:215:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
netmask_value = atoi(netmask_str);
data/suricata-5.0.3/src/util-ip.c:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[4][4];
data/suricata-5.0.3/src/util-ip.c:68:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int a = atoi(addr[x]);
data/suricata-5.0.3/src/util-ja3.c:238:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md5[MD5_LENGTH];
data/suricata-5.0.3/src/util-log-redis.c:517:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
log_ctx->redis_setup.port = atoi(redis_port);
data/suricata-5.0.3/src/util-logopenfile.c:274:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ret = fopen(filename, "a");
data/suricata-5.0.3/src/util-logopenfile.c:276:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ret = fopen(filename, "w");
data/suricata-5.0.3/src/util-logopenfile.c:310:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_path[PATH_MAX];
data/suricata-5.0.3/src/util-lua-common.c:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/util-lua-common.c:267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/util-lua-common.c:341:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46] = "", dstip[46] = "";
data/suricata-5.0.3/src/util-lua-common.c:404:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcip[46] = "", dstip[46] = "";
data/suricata-5.0.3/src/util-lua-common.c:719:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5[33] = "";
data/suricata-5.0.3/src/util-lua-common.c:724:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char one[3] = "";
data/suricata-5.0.3/src/util-lua-common.c:729:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sha1[41] = "";
data/suricata-5.0.3/src/util-lua-common.c:734:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char one[3] = "";
data/suricata-5.0.3/src/util-lua-common.c:739:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sha256[65] = "";
data/suricata-5.0.3/src/util-lua-common.c:744:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char one[3] = "";
data/suricata-5.0.3/src/util-lua-dns.c:99:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rcode_str[16] = "";
data/suricata-5.0.3/src/util-lua-tls.c:162:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssl_version[SSL_VERSION_MAX_STRLEN];
data/suricata-5.0.3/src/util-lua-tls.c:198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssl_version[SSL_VERSION_MAX_STRLEN];
data/suricata-5.0.3/src/util-lua.c:289:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, input, input_len);
data/suricata-5.0.3/src/util-magic.c:76:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fd = fopen(filename, "r")) == NULL) {
data/suricata-5.0.3/src/util-memcmp.h:94:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char scmemcmp_uppercase[16] __attribute__((aligned(16))) = {
data/suricata-5.0.3/src/util-misc.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/suricata-5.0.3/src/util-misc.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[128];
data/suricata-5.0.3/src/util-misc.c:239:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2] = "";
data/suricata-5.0.3/src/util-mpm-ac-bs.c:746:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr_loc, temp_states, k * sizeof(SC_AC_BS_STATE_TYPE_U16));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:820:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr_loc, temp_states, k * sizeof(SC_AC_BS_STATE_TYPE_U32));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:940:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->pid_pat_list[ctx->parray[i]->id].cs,
data/suricata-5.0.3/src/util-mpm-ac-ks.c:846:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(search_ctx->translate_table, ctx->translate_table, sizeof(ctx->translate_table));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:944:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string_space, ctx->parray[i]->original_pat, len);
data/suricata-5.0.3/src/util-mpm-ac.c:826:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->pid_pat_list[ctx->parray[i]->id].cs,
data/suricata-5.0.3/src/util-mpm-hs.c:309:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->original_pat, pat, patlen);
data/suricata-5.0.3/src/util-mpm.c:529:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->original_pat, pat, patlen);
data/suricata-5.0.3/src/util-mpm.c:552:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->cs, pat, patlen);
data/suricata-5.0.3/src/util-napatech.c:75:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80]; // Error buffer
data/suricata-5.0.3/src/util-napatech.c:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buffer[80]; // Error buffer
data/suricata-5.0.3/src/util-napatech.c:204:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buffer[80]; // Error buffer
data/suricata-5.0.3/src/util-napatech.c:370:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copystr[16];
data/suricata-5.0.3/src/util-napatech.c:373:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(copystr);
data/suricata-5.0.3/src/util-napatech.c:374:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
end = atoi(strchr(copystr, '-') + 1);
data/suricata-5.0.3/src/util-napatech.c:398:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buffer[80]; // Error buffer
data/suricata-5.0.3/src/util-napatech.c:518:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copystr[16];
data/suricata-5.0.3/src/util-napatech.c:521:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(copystr);
data/suricata-5.0.3/src/util-napatech.c:522:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
end = atoi(strchr(copystr, '-') + 1);
data/suricata-5.0.3/src/util-napatech.c:531:61: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stream_config[instance_cnt].stream_id = atoi(stream->val);
data/suricata-5.0.3/src/util-napatech.c:592:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buffer[NT_ERRBUF_SIZE]; // Error buffer
data/suricata-5.0.3/src/util-napatech.c:654:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pktCntStr[4096];
data/suricata-5.0.3/src/util-napatech.c:835:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntpl_cmd[64];
data/suricata-5.0.3/src/util-napatech.c:862:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntpl_cmd[64];
data/suricata-5.0.3/src/util-napatech.c:904:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pktCntStr[4096];
data/suricata-5.0.3/src/util-napatech.c:929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ports_spec[PORTS_SPEC_SIZE];
data/suricata-5.0.3/src/util-napatech.c:934:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntpl_cmd[128];
data/suricata-5.0.3/src/util-napatech.c:979:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copystr[16];
data/suricata-5.0.3/src/util-napatech.c:982:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(copystr);
data/suricata-5.0.3/src/util-napatech.c:983:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
end = atoi(strchr(copystr, '-') + 1);
data/suricata-5.0.3/src/util-napatech.c:1000:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[PORTS_SPEC_SIZE];
data/suricata-5.0.3/src/util-napatech.c:1034:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp1[256];
data/suricata-5.0.3/src/util-napatech.c:1035:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp2[256];
data/suricata-5.0.3/src/util-napatech.c:1056:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ntpl_cmd[64];
data/suricata-5.0.3/src/util-napatech.h:55:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorBuffer[1024]; \
data/suricata-5.0.3/src/util-napatech.h:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errorBuffer[1024]; \
data/suricata-5.0.3/src/util-path.c:88:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[PATH_MAX];
data/suricata-5.0.3/src/util-pidfile.c:46:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[16];
data/suricata-5.0.3/src/util-pidfile.c:54:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pidfd = open(pidfile, O_CREAT | O_TRUNC | O_NOFOLLOW | O_WRONLY, 0644);
data/suricata-5.0.3/src/util-pidfile.c:112:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pf = fopen(pid_filename, "r");
data/suricata-5.0.3/src/util-print.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[BUFFER_LENGTH] = "";
data/suricata-5.0.3/src/util-print.c:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[BUFFER_LENGTH] = "";
data/suricata-5.0.3/src/util-print.c:247:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_part[6];
data/suricata-5.0.3/src/util-print.c:249:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&x, src, 16);
data/suricata-5.0.3/src/util-print.c:276:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_src, src, sizeof(struct in_addr));
data/suricata-5.0.3/src/util-privs.c:160:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
userid = atoi(user_name);
data/suricata-5.0.3/src/util-privs.c:182:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
groupid = atoi(group_name);
data/suricata-5.0.3/src/util-privs.c:222:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
grpid = atoi(group_name);
data/suricata-5.0.3/src/util-profiling-keywords.c:66:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char profiling_file_name[PATH_MAX];
data/suricata-5.0.3/src/util-profiling-keywords.c:168:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(profiling_file_name, profiling_file_mode);
data/suricata-5.0.3/src/util-profiling-locks.c:161:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(profiling_locks_file_name, profiling_locks_file_mode);
data/suricata-5.0.3/src/util-profiling-locks.c:202:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128] = "";
data/suricata-5.0.3/src/util-profiling-prefilter.c:60:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char profiling_file_name[PATH_MAX];
data/suricata-5.0.3/src/util-profiling-prefilter.c:147:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(profiling_file_name, profiling_file_mode);
data/suricata-5.0.3/src/util-profiling-rulegroups.c:67:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char profiling_file_name[PATH_MAX];
data/suricata-5.0.3/src/util-profiling-rulegroups.c:105:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/util-profiling-rulegroups.c:236:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(profiling_file_name, profiling_file_mode);
data/suricata-5.0.3/src/util-profiling-rules.c:82:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char profiling_file_name[PATH_MAX] = "";
data/suricata-5.0.3/src/util-profiling-rules.c:295:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[64];
data/suricata-5.0.3/src/util-profiling-rules.c:431:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(profiling_file_name, profiling_file_mode);
data/suricata-5.0.3/src/util-profiling.c:107:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char profiling_packets_file_name[PATH_MAX];
data/suricata-5.0.3/src/util-profiling.c:216:41: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
packet_profile_csv_fp = fopen(profiling_csv_file_name, "w");
data/suricata-5.0.3/src/util-profiling.c:305:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char totalstr[256];
data/suricata-5.0.3/src/util-profiling.c:356:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char totalstr[256];
data/suricata-5.0.3/src/util-profiling.c:363:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(profiling_packets_file_name, profiling_packets_file_mode);
data/suricata-5.0.3/src/util-proto-name.c:32:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *known_proto[256];
data/suricata-5.0.3/src/util-proto-name.c:46:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(PROTO_FILE,"r");
data/suricata-5.0.3/src/util-proto-name.c:48:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[200];
data/suricata-5.0.3/src/util-proto-name.c:63:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int proto = atoi(proto_ch);
data/suricata-5.0.3/src/util-proto-name.h:35:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char *known_proto[256];
data/suricata-5.0.3/src/util-radix-tree.c:154:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(prefix->stream, key_stream, key_bitlen / 8);
data/suricata-5.0.3/src/util-radix-tree.c:940:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_str[32]; /* Max length for full ipv4/mask string with NUL */
data/suricata-5.0.3/src/util-radix-tree.c:959:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cidr = atoi(mask_str);
data/suricata-5.0.3/src/util-radix-tree.c:988:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_str[80]; /* Max length for full ipv6/mask string with NUL */
data/suricata-5.0.3/src/util-radix-tree.c:1007:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cidr = atoi(mask_str);
data/suricata-5.0.3/src/util-radix-tree.c:1418:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_stream, key_stream, key_bitlen / 8);
data/suricata-5.0.3/src/util-reference-config.c:126:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = fopen(filename, "r")) == NULL) {
data/suricata-5.0.3/src/util-reference-config.c:155:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_value[256];
data/suricata-5.0.3/src/util-reference-config.c:235:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char system[REFERENCE_SYSTEM_NAME_MAX];
data/suricata-5.0.3/src/util-reference-config.c:236:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[REFERENCE_CONTENT_NAME_MAX];
data/suricata-5.0.3/src/util-reference-config.c:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/suricata-5.0.3/src/util-rohash.c:166:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)item + sizeof(ROHashTableItem), value, table->item_size);
data/suricata-5.0.3/src/util-rohash.c:237:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(table->data + offset, (void *)item + sizeof(*item), table->item_size);
data/suricata-5.0.3/src/util-rule-vars.c:72:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conf_var_full_name[2048];
data/suricata-5.0.3/src/util-runmodes.c:66:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[TM_QUEUE_NAME_MAX];
data/suricata-5.0.3/src/util-runmodes.c:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/util-runmodes.c:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[TM_QUEUE_NAME_MAX];
data/suricata-5.0.3/src/util-runmodes.c:302:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/util-runmodes.c:449:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/util-runmodes.c:450:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char qname[TM_QUEUE_NAME_MAX];
data/suricata-5.0.3/src/util-runmodes.c:596:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tname[TM_THREAD_NAME_MAX];
data/suricata-5.0.3/src/util-spm-bm.c:416:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sctx->needle, needle, needle_len);
data/suricata-5.0.3/src/util-spm.c:398:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(needle, in_needle, needlelen);
data/suricata-5.0.3/src/util-spm.c:551:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(needle, in_needle, needlelen);
data/suricata-5.0.3/src/util-spm.c:763:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *text[26][27];
data/suricata-5.0.3/src/util-spm.c:1142:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *needle[26];
data/suricata-5.0.3/src/util-spm.c:1199:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *text[26][27];
data/suricata-5.0.3/src/util-spm.c:1578:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *needle[26];
data/suricata-5.0.3/src/util-spm.c:1636:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:1654:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:1704:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:1722:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:1770:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:1788:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:1838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:1857:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:1913:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:1931:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:1979:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:1986:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2022:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:2029:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2068:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:2086:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2133:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:2151:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2199:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:2206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2245:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:2263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2310:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:2328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2376:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:2383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2419:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[16];
data/suricata-5.0.3/src/util-spm.c:2426:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *needle[16];
data/suricata-5.0.3/src/util-spm.c:2636:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(haystack + prefix, d.needle, d.needle_len);
data/suricata-5.0.3/src/util-streaming-buffer.c:562:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sb->buf + sb->buf_offset, data, data_len);
data/suricata-5.0.3/src/util-streaming-buffer.c:604:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sb->buf + sb->buf_offset, data, data_len);
data/suricata-5.0.3/src/util-streaming-buffer.c:645:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sb->buf + sb->buf_offset, data, data_len);
data/suricata-5.0.3/src/util-streaming-buffer.c:690:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sb->buf + rel_offset, data, data_len);
data/suricata-5.0.3/src/util-strptime.c:70:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const nast[5] = {
data/suricata-5.0.3/src/util-strptime.c:73:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const nadt[5] = {
data/suricata-5.0.3/src/util-strptime.c:76:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const am_pm[2] = {
data/suricata-5.0.3/src/util-strptime.c:79:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const day[7] = {
data/suricata-5.0.3/src/util-strptime.c:82:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const abday[7] = {
data/suricata-5.0.3/src/util-strptime.c:85:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const mon[12] = {
data/suricata-5.0.3/src/util-strptime.c:88:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const abmon[12] = {
data/suricata-5.0.3/src/util-thash.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varname[256];
data/suricata-5.0.3/src/util-thash.c:397:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output_string[1024] = "";
data/suricata-5.0.3/src/util-threshold-config.c:204:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_value[256];
data/suricata-5.0.3/src/util-threshold-config.c:247:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fd = fopen(filename, "r")) == NULL) {
data/suricata-5.0.3/src/util-threshold-config.c:678:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char th_rule_type[32];
data/suricata-5.0.3/src/util-threshold-config.c:679:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char th_gid[16];
data/suricata-5.0.3/src/util-threshold-config.c:680:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char th_sid[16];
data/suricata-5.0.3/src/util-threshold-config.c:681:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rule_extend[1024];
data/suricata-5.0.3/src/util-threshold-config.c:1104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[8192] = "";
data/suricata-5.0.3/src/util-time.c:200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_fmt[64] = { 0 };
data/suricata-5.0.3/src/util-time.c:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_fmt[64] = { 0 };
data/suricata-5.0.3/src/util-time.c:280:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static __thread char cached_local_time[2][MAX_LOCAL_TIME_STRING];
data/suricata-5.0.3/src/util-time.c:344:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, &cached_local_tm[mru], sizeof(struct tm));
data/suricata-5.0.3/src/util-time.c:407:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, cached_str, cached_len);
data/suricata-5.0.3/src/util-time.c:529:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[PATH_MAX] = { 0 };
data/suricata-5.0.3/src/util-var-name.c:279:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newvar, var, sizeof(*newvar));
data/suricata-5.0.3/src/util-var.h:68:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var_name[256];
data/suricata-5.0.3/src/win32-misc.c:64:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&in.sin_addr, src, sizeof(struct in_addr));
data/suricata-5.0.3/src/win32-misc.c:73:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&in6.sin6_addr, src, sizeof(struct in_addr6));
data/suricata-5.0.3/src/win32-misc.c:104:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &in->sin_addr, 4);
data/suricata-5.0.3/src/win32-misc.c:108:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &in6->sin6_addr, 16);
data/suricata-5.0.3/src/win32-service.c:212:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[2048];
data/suricata-5.0.3/src/win32-service.c:337:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[2048];
data/suricata-5.0.3/src/win32-syscall.c:176:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t buf[20];
data/suricata-5.0.3/src/alert-fastlog.c:271:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/alert-fastlog.c:315:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/alert-prelude.c:498:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = prelude_string_ncat(p_str, meaning, strlen(meaning));
data/suricata-5.0.3/src/alert-prelude.c:510:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = prelude_string_ncat(p_str, data, strlen(data));
data/suricata-5.0.3/src/app-layer-dcerpc.c:117:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(hexstr, bytestr, sizeof(hexstr)-strlen(hexstr)-1);
data/suricata-5.0.3/src/app-layer-dcerpc.c:121:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(charstr, bytestr, sizeof(charstr)-strlen(charstr)-1);
data/suricata-5.0.3/src/app-layer-dcerpc.c:130:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(hexstr, " ", sizeof(hexstr)-strlen(hexstr)-1);
data/suricata-5.0.3/src/app-layer-dcerpc.c:131:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(charstr, " ", sizeof(charstr)-strlen(charstr)-1);
data/suricata-5.0.3/src/app-layer-dcerpc.c:136:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hexstr) > 0) {
data/suricata-5.0.3/src/app-layer-detect-proto.c:2054:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(alpd_ctx.alproto_names[a]) == strlen(alproto_name) &&
data/suricata-5.0.3/src/app-layer-detect-proto.c:2054:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(alpd_ctx.alproto_names[a]) == strlen(alproto_name) &&
data/suricata-5.0.3/src/app-layer-detect-proto.c:2055:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(SCMemcmp(alpd_ctx.alproto_names[a], alproto_name, strlen(alproto_name)) == 0))
data/suricata-5.0.3/src/app-layer-dnp3.c:261:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return BasicSearch(input, len, (uint8_t *)banner, strlen(banner)) != NULL;
data/suricata-5.0.3/src/app-layer-htp-xff.c:52:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(input);
data/suricata-5.0.3/src/app-layer-htp.c:641:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(htp_warnings[idx].msg)) == 0)
data/suricata-5.0.3/src/app-layer-htp.c:666:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(htp_errors[idx].msg)) == 0)
data/suricata-5.0.3/src/app-layer-htp.c:2662:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p->val) == 1) {
data/suricata-5.0.3/src/app-layer-htp.c:3139:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ALPROTO_HTTP, method_buffer, strlen(method_buffer)-3, 0, STREAM_TOSERVER);
data/suricata-5.0.3/src/app-layer-htp.c:3149:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ALPROTO_HTTP, versions[versions_pos], strlen(versions[versions_pos]),
data/suricata-5.0.3/src/app-layer-htp.c:3947:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:4032:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:4435:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PrintRawUriFp(stdout, (uint8_t *)value, strlen(value));
data/suricata-5.0.3/src/app-layer-htp.c:4479:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:4659:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:4764:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:4893:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:4964:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:5133:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:5300:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:5437:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:5547:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:5657:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:5768:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:5876:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:5985:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:6143:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:6235:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:6251:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t o = strlen(httpbuf);
data/suricata-5.0.3/src/app-layer-htp.c:6335:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-htp.c:6352:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t o = strlen(httpbuf);
data/suricata-5.0.3/src/app-layer-htp.c:7177:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER | STREAM_START, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7180:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7183:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7186:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7189:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7192:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7195:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7198:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7203:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT | STREAM_START, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7206:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7209:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7212:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7215:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7218:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7221:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7224:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7237:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOSERVER | STREAM_EOF, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7248:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
STREAM_TOCLIENT | STREAM_EOF, (uint8_t *)str, strlen(str));
data/suricata-5.0.3/src/app-layer-htp.c:7283:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/app-layer-modbus.c:598:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (ModbusExtractUint16(modbus, &(tx->read.address), input, input_len, offset))
data/suricata-5.0.3/src/app-layer-modbus.c:602:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (ModbusExtractUint16(modbus, &(tx->read.quantity), input, input_len, offset))
data/suricata-5.0.3/src/app-layer-modbus.c:604:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
quantity = tx->read.quantity;
data/suricata-5.0.3/src/app-layer-modbus.c:657:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(count != CEIL(tx->read.quantity)))
data/suricata-5.0.3/src/app-layer-modbus.c:662:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(count != (2 * (tx->read.quantity))))
data/suricata-5.0.3/src/app-layer-modbus.c:1812:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FAIL_IF_NOT(tx->read.address == 0x7890);
data/suricata-5.0.3/src/app-layer-modbus.c:1813:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FAIL_IF_NOT(tx->read.quantity == 19);
data/suricata-5.0.3/src/app-layer-modbus.c:1941:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FAIL_IF_NOT(tx->read.address == 0x03);
data/suricata-5.0.3/src/app-layer-modbus.c:1942:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FAIL_IF_NOT(tx->read.quantity == 6);
data/suricata-5.0.3/src/app-layer-modbus.c:2294:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FAIL_IF_NOT(tx->read.address == 0x7890);
data/suricata-5.0.3/src/app-layer-modbus.c:2295:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FAIL_IF_NOT(tx->read.quantity == 19);
data/suricata-5.0.3/src/app-layer-modbus.c:2361:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FAIL_IF_NOT(tx->read.address == 0x7890);
data/suricata-5.0.3/src/app-layer-modbus.c:2362:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FAIL_IF_NOT(tx->read.quantity == 19);
data/suricata-5.0.3/src/app-layer-modbus.h:105:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} read;
data/suricata-5.0.3/src/app-layer-smtp.c:1268:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t*) msgname, strlen(msgname), NULL, 0,
data/suricata-5.0.3/src/app-layer-smtp.c:3842:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->ts_db_len != (int32_t)strlen(request1_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:3843:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->ts_db, request1_str, strlen(request1_str)) != 0 ||
data/suricata-5.0.3/src/app-layer-smtp.c:3863:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->current_line_len != (int32_t)strlen(request1_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:3864:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->current_line, request1_str, strlen(request1_str)) != 0) {
data/suricata-5.0.3/src/app-layer-smtp.c:3957:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->ts_db_len != (int32_t)strlen(request1_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:3958:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->ts_db, request1_str, strlen(request1_str)) != 0 ||
data/suricata-5.0.3/src/app-layer-smtp.c:3978:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->current_line_len != (int32_t)strlen(request1_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:3979:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->current_line, request1_str, strlen(request1_str)) != 0) {
data/suricata-5.0.3/src/app-layer-smtp.c:4072:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->ts_db_len != (int32_t)strlen(request1_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:4073:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->ts_db, request1_str, strlen(request1_str)) != 0 ||
data/suricata-5.0.3/src/app-layer-smtp.c:4093:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->current_line_len != (int32_t)strlen(request1_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:4094:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->current_line, request1_str, strlen(request1_str)) != 0) {
data/suricata-5.0.3/src/app-layer-smtp.c:4187:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->ts_db_len != (int32_t)strlen(request1_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:4188:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->ts_db, request1_str, strlen(request1_str)) != 0 ||
data/suricata-5.0.3/src/app-layer-smtp.c:4208:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->current_line_len != (int32_t)strlen(request2_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:4209:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->current_line, request2_str, strlen(request2_str)) != 0) {
data/suricata-5.0.3/src/app-layer-smtp.c:4280:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->current_line, request1_str, strlen(request1_str)) != 0) {
data/suricata-5.0.3/src/app-layer-smtp.c:4298:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smtp_state->current_line_len != (int32_t)strlen(request2_str) ||
data/suricata-5.0.3/src/app-layer-smtp.c:4299:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcmp(smtp_state->current_line, request2_str, strlen(request2_str)) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:719:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:724:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:786:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:791:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:906:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:911:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:973:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:978:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1100:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1105:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1182:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1187:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1254:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1259:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1336:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1341:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1409:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1414:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1495:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1500:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1585:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1590:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1690:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1695:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1795:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1800:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->cli_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1881:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1886:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1975:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.software_version, "MySSHClient-0.5.1", strlen("MySSHClient-0.5.1")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:1980:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:2177:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = '\0'; // strip \r
data/suricata-5.0.3/src/app-layer-ssh.c:2184:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:2286:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:2385:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/app-layer-ssh.c:2512:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp((char*)ssh_state->srv_hdr.proto_version, "2.0", strlen("2.0")) != 0) {
data/suricata-5.0.3/src/conf-yaml-loader.c:232:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (state == CONF_KEY && strlen(value) == 0) {
data/suricata-5.0.3/src/conf-yaml-loader.c:568:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/conf-yaml-loader.c:625:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/conf-yaml-loader.c:718:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ConfYamlLoadString(input, strlen(input)) != -1)
data/suricata-5.0.3/src/conf-yaml-loader.c:754:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ConfYamlLoadString(input, strlen(input)) != 0)
data/suricata-5.0.3/src/conf-yaml-loader.c:825:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(config_file_contents, strlen(config_file_contents), 1,
data/suricata-5.0.3/src/conf-yaml-loader.c:833:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(include_file_contents, strlen(include_file_contents), 1,
data/suricata-5.0.3/src/conf-yaml-loader.c:911:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ConfYamlLoadString(config, strlen(config)) != 0)
data/suricata-5.0.3/src/conf-yaml-loader.c:950:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ConfYamlLoadString(config, strlen(config)) != 0)
data/suricata-5.0.3/src/conf.c:258:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (isspace((int)name[strlen(name) - 1])) {
data/suricata-5.0.3/src/conf.c:259:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = '\0';
data/suricata-5.0.3/src/conf.c:866:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(child->val, key, strlen(child->val))) {
data/suricata-5.0.3/src/conf.c:911:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = sizeof(char) * (strlen(defaultpath) +
data/suricata-5.0.3/src/conf.c:912:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(file) + 2);
data/suricata-5.0.3/src/conf.c:917:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path[strlen(path) - 1] != '/')
data/suricata-5.0.3/src/counters.c:1025:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(t->string);
data/suricata-5.0.3/src/counters.c:1048:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(t1->string);
data/suricata-5.0.3/src/counters.c:1049:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(t2->string);
data/suricata-5.0.3/src/datasets-string.c:42:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(out);
data/suricata-5.0.3/src/datasets-string.c:58:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(out);
data/suricata-5.0.3/src/datasets.c:143:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t r = ByteExtractString(&v, 10, strlen(ptrs[0]), ptrs[0]);
data/suricata-5.0.3/src/datasets.c:144:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (r != strlen(ptrs[0]) || v > (uint64_t)USHRT_MAX) {
data/suricata-5.0.3/src/datasets.c:157:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(set->load) == 0)
data/suricata-5.0.3/src/datasets.c:162:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(set->save) > 0 && strcmp(set->save, set->load) == 0) {
data/suricata-5.0.3/src/datasets.c:177:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) == 33) {
data/suricata-5.0.3/src/datasets.c:178:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = '\0';
data/suricata-5.0.3/src/datasets.c:192:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(line) > 33 && line[32] == ',') {
data/suricata-5.0.3/src/datasets.c:193:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = '\0';
data/suricata-5.0.3/src/datasets.c:202:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ParseRepLine(line+33, strlen(line)-33, &rep) < 0)
data/suricata-5.0.3/src/datasets.c:215:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint32_t)strlen(line), line);
data/suricata-5.0.3/src/datasets.c:226:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(set->load) == 0)
data/suricata-5.0.3/src/datasets.c:231:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(set->save) > 0 && strcmp(set->save, set->load) == 0) {
data/suricata-5.0.3/src/datasets.c:246:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) == 65) {
data/suricata-5.0.3/src/datasets.c:247:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = '\0';
data/suricata-5.0.3/src/datasets.c:261:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(line) > 65 && line[64] == ',') {
data/suricata-5.0.3/src/datasets.c:262:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = '\0';
data/suricata-5.0.3/src/datasets.c:271:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ParseRepLine(line+65, strlen(line)-65, &rep) < 0)
data/suricata-5.0.3/src/datasets.c:291:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(set->load) == 0)
data/suricata-5.0.3/src/datasets.c:296:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(set->save) > 0 && strcmp(set->save, set->load) == 0) {
data/suricata-5.0.3/src/datasets.c:310:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) <= 1)
data/suricata-5.0.3/src/datasets.c:315:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = '\0';
data/suricata-5.0.3/src/datasets.c:318:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t decoded[strlen(line)];
data/suricata-5.0.3/src/datasets.c:319:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t len = DecodeBase64(decoded, (const uint8_t *)line, strlen(line), 1);
data/suricata-5.0.3/src/datasets.c:329:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = '\0';
data/suricata-5.0.3/src/datasets.c:334:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t decoded[strlen(line)];
data/suricata-5.0.3/src/datasets.c:335:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t len = DecodeBase64(decoded, (const uint8_t *)line, strlen(line), 1);
data/suricata-5.0.3/src/datasets.c:344:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ParseRepLine(r, strlen(r), &rep) < 0)
data/suricata-5.0.3/src/datasets.c:419:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > DATASET_NAME_MAX_LEN) {
data/suricata-5.0.3/src/datasets.c:438:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((save == NULL || strlen(save) == 0) &&
data/suricata-5.0.3/src/datasets.c:439:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(load == NULL || strlen(load) == 0)) {
data/suricata-5.0.3/src/datasets.c:443:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((save == NULL && strlen(set->save) > 0) ||
data/suricata-5.0.3/src/datasets.c:450:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((load == NULL && strlen(set->load) > 0) ||
data/suricata-5.0.3/src/datasets.c:475:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (save && strlen(save)) {
data/suricata-5.0.3/src/datasets.c:479:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (load && strlen(load)) {
data/suricata-5.0.3/src/datasets.c:551:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(set_name) > DATASET_NAME_MAX_LEN) {
data/suricata-5.0.3/src/datasets.c:648:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(out);
data/suricata-5.0.3/src/datasets.c:662:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(out);
data/suricata-5.0.3/src/datasets.c:671:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(set->save) == 0)
data/suricata-5.0.3/src/datasets.c:1022:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t decoded[strlen(string)];
data/suricata-5.0.3/src/datasets.c:1023:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t len = DecodeBase64(decoded, (const uint8_t *)string, strlen(string), 1);
data/suricata-5.0.3/src/datasets.c:1031:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(string) != 32)
data/suricata-5.0.3/src/datasets.c:1039:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(string) != 64)
data/suricata-5.0.3/src/datasets.c:1103:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t decoded[strlen(string)];
data/suricata-5.0.3/src/datasets.c:1104:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t len = DecodeBase64(decoded, (const uint8_t *)string, strlen(string), 1);
data/suricata-5.0.3/src/datasets.c:1112:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(string) != 32)
data/suricata-5.0.3/src/datasets.c:1120:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(string) != 64)
data/suricata-5.0.3/src/defrag-hash.c:205:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/defrag-hash.c:216:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/detect-app-layer-event.c:184:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(data->arg) > MAX_ALPROTO_NAME) {
data/suricata-5.0.3/src/detect-app-layer-event.c:227:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg) > MAX_ALPROTO_NAME) {
data/suricata-5.0.3/src/detect-asn1.c:675:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t len = strlen((char *)buf)-1;
data/suricata-5.0.3/src/detect-asn1.c:735:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t len = strlen((char *)buf)-1;
data/suricata-5.0.3/src/detect-asn1.c:1060:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf) - 1;
data/suricata-5.0.3/src/detect-asn1.c:1080:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen2 = strlen((char *)buf2) - 1;
data/suricata-5.0.3/src/detect-asn1.c:1139:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf) - 1;
data/suricata-5.0.3/src/detect-asn1.c:1159:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen2 = strlen((char *)buf2) - 1;
data/suricata-5.0.3/src/detect-asn1.c:1277:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf) - 1;
data/suricata-5.0.3/src/detect-asn1.c:1297:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen2 = strlen((char *)buf2) - 1;
data/suricata-5.0.3/src/detect-base64-decode.c:117:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pcre_rc = pcre_exec(decode_pcre, decode_pcre_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-base64-decode.c:521:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (det_ctx->base64_decoded_len != (int)strlen(decoded)) {
data/suricata-5.0.3/src/detect-base64-decode.c:524:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (memcmp(det_ctx->base64_decoded, decoded, strlen(decoded))) {
data/suricata-5.0.3/src/detect-base64-decode.c:638:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (det_ctx->base64_decoded_len != (int)strlen(decoded)) {
data/suricata-5.0.3/src/detect-base64-decode.c:641:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (memcmp(det_ctx->base64_decoded, decoded, strlen(decoded))) {
data/suricata-5.0.3/src/detect-bsize.c:150:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/suricata-5.0.3/src/detect-bsize.c:157:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/suricata-5.0.3/src/detect-byte-extract.c:220:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(arg), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-bytejump.c:331:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(optstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-bytejump.c:396:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&nbytes, 10, strlen(args[0]), args[0]) <= 0) {
data/suricata-5.0.3/src/detect-bytejump.c:413:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringInt32(&data->offset, 0, strlen(args[1]), args[1]) <= 0) {
data/suricata-5.0.3/src/detect-bytejump.c:445:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(args[i]) - 11,
data/suricata-5.0.3/src/detect-bytejump.c:453:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(args[i]) - 12,
data/suricata-5.0.3/src/detect-bytejump.c:1114:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-bytejump.c:1204:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-bytejump.c:1227:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-bytejump.c:1250:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-bytejump.c:1273:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-bytetest.c:262:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(optstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-bytetest.c:1296:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-bytetest.c:1328:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-bytetest.c:1386:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-bytetest.c:1416:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-classtype.c:72:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(rawstr);
data/suricata-5.0.3/src/detect-classtype.c:89:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(e) >= CLASSTYPE_NAME_MAX_LEN) {
data/suricata-5.0.3/src/detect-content.c:84:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(contentstr);
data/suricata-5.0.3/src/detect-content.c:751:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (memcmp(cd->content, teststringparsed, strlen(teststringparsed)) != 0) {
data/suricata-5.0.3/src/detect-content.c:782:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (memcmp(cd->content, teststringparsed, strlen(teststringparsed)) != 0) {
data/suricata-5.0.3/src/detect-content.c:813:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (memcmp(cd->content, teststringparsed, strlen(teststringparsed)) != 0) {
data/suricata-5.0.3/src/detect-content.c:844:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t len = (cd->content_len > strlen(teststringparsed));
data/suricata-5.0.3/src/detect-content.c:901:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t len = (cd->content_len > strlen(teststringparsed));
data/suricata-5.0.3/src/detect-content.c:2199:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-content.c:2466:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-content.c:2801:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-csum.c:191:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (key[0] == '\"' && key[strlen(key) - 1] == '\"') {
data/suricata-5.0.3/src/detect-csum.c:196:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(key) - 2] = '\0';
data/suricata-5.0.3/src/detect-datarep.c:106:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char copy[strlen(str)+1];
data/suricata-5.0.3/src/detect-datarep.c:125:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) == 0) {
data/suricata-5.0.3/src/detect-datarep.c:146:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(rep_value, 10, 0, key) != (int)strlen(key))
data/suricata-5.0.3/src/detect-datarep.c:181:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(load) > 0 && *type == DATASET_TYPE_NOTSET) {
data/suricata-5.0.3/src/detect-datarep.c:194:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(name) > 0 && isblank(name[strlen(name) - 1])) {
data/suricata-5.0.3/src/detect-datarep.c:194:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(name) > 0 && isblank(name[strlen(name) - 1])) {
data/suricata-5.0.3/src/detect-datarep.c:195:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = '\0';
data/suricata-5.0.3/src/detect-datarep.c:199:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (size_t i = 0; i < strlen(name); i++) {
data/suricata-5.0.3/src/detect-datarep.c:213:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in) == 0) {
data/suricata-5.0.3/src/detect-datarep.c:217:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(in) + 1;
data/suricata-5.0.3/src/detect-datarep.c:302:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(load) != 0) {
data/suricata-5.0.3/src/detect-datarep.c:336:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd_str, strlen(name) ? name : "(none)");
data/suricata-5.0.3/src/detect-dataset.c:116:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char copy[strlen(str)+1];
data/suricata-5.0.3/src/detect-dataset.c:135:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) == 0) {
data/suricata-5.0.3/src/detect-dataset.c:214:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(name) > 0 && isblank(name[strlen(name) - 1])) {
data/suricata-5.0.3/src/detect-dataset.c:214:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(name) > 0 && isblank(name[strlen(name) - 1])) {
data/suricata-5.0.3/src/detect-dataset.c:215:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = '\0';
data/suricata-5.0.3/src/detect-dataset.c:219:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (size_t i = 0; i < strlen(name); i++) {
data/suricata-5.0.3/src/detect-dataset.c:233:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in) == 0) {
data/suricata-5.0.3/src/detect-dataset.c:237:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(in) + 1;
data/suricata-5.0.3/src/detect-dataset.c:357:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(save) == 0 && strlen(load) != 0) {
data/suricata-5.0.3/src/detect-dataset.c:357:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(save) == 0 && strlen(load) != 0) {
data/suricata-5.0.3/src/detect-dataset.c:362:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(save) != 0 && strlen(load) == 0) {
data/suricata-5.0.3/src/detect-dataset.c:362:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(save) != 0 && strlen(load) == 0) {
data/suricata-5.0.3/src/detect-dataset.c:367:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(save) != 0 && strlen(load) != 0 &&
data/suricata-5.0.3/src/detect-dataset.c:367:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(save) != 0 && strlen(load) != 0 &&
data/suricata-5.0.3/src/detect-dataset.c:390:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cmd_str, strlen(name) ? name : "(none)");
data/suricata-5.0.3/src/detect-dce-iface.c:132:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, arg, strlen(arg), 0, 0, ov,
data/suricata-5.0.3/src/detect-dce-iface.c:151:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(copy_str);
data/suricata-5.0.3/src/detect-dce-opnum.c:131:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, arg, strlen(arg), 0, 0, ov,
data/suricata-5.0.3/src/detect-depth.c:117:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(&cd->depth, 0, 0, str) != (int)strlen(str))
data/suricata-5.0.3/src/detect-detection-filter.c:114:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos < strlen(copy_str) && df_opt != NULL;
data/suricata-5.0.3/src/detect-detection-filter.c:130:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-detection-filter.c:153:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"by_dst",strlen("by_dst")) == 0)
data/suricata-5.0.3/src/detect-detection-filter.c:155:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"by_src",strlen("by_src")) == 0)
data/suricata-5.0.3/src/detect-detection-filter.c:157:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"count",strlen("count")) == 0)
data/suricata-5.0.3/src/detect-detection-filter.c:159:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"seconds",strlen("seconds")) == 0)
data/suricata-5.0.3/src/detect-detection-filter.c:167:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&df->count, 10, strlen(args[count_pos]),
data/suricata-5.0.3/src/detect-detection-filter.c:172:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&df->seconds, 10, strlen(args[seconds_pos]),
data/suricata-5.0.3/src/detect-distance.c:116:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringInt32(&cd->distance, 0, 0, str) != (int)strlen(str)) {
data/suricata-5.0.3/src/detect-dnp3.c:135:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *end = str + strlen(str) - 1;
data/suricata-5.0.3/src/detect-dnp3.c:198:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint8(fc, 10, strlen(str), str) >= 0) {
data/suricata-5.0.3/src/detect-dnp3.c:258:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char tmp[strlen(str) + 1];
data/suricata-5.0.3/src/detect-dnp3.c:290:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(flags, 0, strlen(str), str) > 0) {
data/suricata-5.0.3/src/detect-dnp3.c:354:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(str) + 1;
data/suricata-5.0.3/src/detect-dnp3.c:365:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint8(group, 0, strlen(groupstr), groupstr) < 0) {
data/suricata-5.0.3/src/detect-dnp3.c:369:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint8(var, 0, strlen(varstr), varstr) < 0) {
data/suricata-5.0.3/src/detect-dsize.c:149:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-dsize.c:194:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mode) > 0) {
data/suricata-5.0.3/src/detect-dsize.c:204:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mode) != 0) {
data/suricata-5.0.3/src/detect-dsize.c:212:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(&dd->dsize,10,strlen(value1),value1) <= 0) {
data/suricata-5.0.3/src/detect-dsize.c:218:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value2) > 0) {
data/suricata-5.0.3/src/detect-dsize.c:224:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(&dd->dsize2,10,strlen(value2),value2) <= 0) {
data/suricata-5.0.3/src/detect-engine-address.c:476:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (size_t u = 0; u < strlen(mask); u++) {
data/suricata-5.0.3/src/detect-engine-address.c:745:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(s);
data/suricata-5.0.3/src/detect-engine-address.c:876:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rule_var_address) == 0) {
data/suricata-5.0.3/src/detect-engine-address.c:886:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp_rule_var_address = SCMalloc(strlen(rule_var_address) + 3);
data/suricata-5.0.3/src/detect-engine-address.c:889:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(temp_rule_var_address, strlen(rule_var_address) + 3,
data/suricata-5.0.3/src/detect-engine-address.c:945:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rule_var_address) == 0) {
data/suricata-5.0.3/src/detect-engine-address.c:955:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp_rule_var_address = SCMalloc(strlen(rule_var_address) + 3);
data/suricata-5.0.3/src/detect-engine-address.c:958:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(temp_rule_var_address, strlen(rule_var_address) + 3,
data/suricata-5.0.3/src/detect-engine-address.c:1313:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash = hashlittle_safe(map->string, strlen(map->string), 0);
data/suricata-5.0.3/src/detect-engine-address.c:4672:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/detect-engine-address.c:4708:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/detect-engine-address.c:4744:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/detect-engine-address.c:4780:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/detect-engine-address.c:4816:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/detect-engine-analyzer.c:598:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define CHECK(pat) if (strlen((pat)) <= len && memcmp((pat), buf, MIN(len, strlen((pat)))) == 0) return true;
data/suricata-5.0.3/src/detect-engine-analyzer.c:598:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define CHECK(pat) if (strlen((pat)) <= len && memcmp((pat), buf, MIN(len, strlen((pat)))) == 0) return true;
data/suricata-5.0.3/src/detect-engine-event.c:127:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-engine-iponly.c:168:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (u = 0; u < strlen(mask); u++) {
data/suricata-5.0.3/src/detect-engine-iponly.c:611:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(s);
data/suricata-5.0.3/src/detect-engine-iponly.c:659:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp_rule_var_address = SCMalloc(strlen(rule_var_address) + 3);
data/suricata-5.0.3/src/detect-engine-iponly.c:664:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(temp_rule_var_address, strlen(rule_var_address) + 3,
data/suricata-5.0.3/src/detect-engine-iponly.c:721:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp_rule_var_address = SCMalloc(strlen(rule_var_address) + 3);
data/suricata-5.0.3/src/detect-engine-iponly.c:725:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(temp_rule_var_address, strlen(rule_var_address) + 3,
data/suricata-5.0.3/src/detect-engine-iponly.c:1832:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:1869:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:1910:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:1948:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:1985:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:2022:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:2063:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:2102:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:2170:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:2224:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:2255:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-iponly.c:2285:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-loader.c:71:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(de_ctx->config_prefix) > 0) {
data/suricata-5.0.3/src/detect-engine-loader.c:82:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = sizeof(char) * (strlen(defaultpath) +
data/suricata-5.0.3/src/detect-engine-loader.c:83:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(sig_file) + 2);
data/suricata-5.0.3/src/detect-engine-loader.c:89:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path[strlen(path) - 1] != '\\')
data/suricata-5.0.3/src/detect-engine-loader.c:92:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path[strlen(path) - 1] != '/')
data/suricata-5.0.3/src/detect-engine-loader.c:138:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(line);
data/suricata-5.0.3/src/detect-engine-loader.c:158:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/suricata-5.0.3/src/detect-engine-loader.c:287:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(de_ctx->config_prefix) > 0) {
data/suricata-5.0.3/src/detect-engine-modbus.c:169:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tx->read.address + 1,
data/suricata-5.0.3/src/detect-engine-modbus.c:170:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tx->read.quantity - 1);
data/suricata-5.0.3/src/detect-engine-mpm.c:179:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xforms[strlen(xforms)-1] = '\0';
data/suricata-5.0.3/src/detect-engine-mpm.c:181:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t space = sizeof(am->pname) - strlen(am->name) - 3;
data/suricata-5.0.3/src/detect-engine-mpm.c:184:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (space < strlen(xforms)) {
data/suricata-5.0.3/src/detect-engine-payload.c:381:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:403:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:425:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:448:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:473:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:498:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:523:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:549:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:573:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:598:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:623:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:648:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:692:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:769:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:791:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:814:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:1185:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:1208:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:1229:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:1252:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:1275:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-payload.c:1298:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-port.c:841:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(s);
data/suricata-5.0.3/src/detect-engine-port.c:902:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rule_var_port) == 0) {
data/suricata-5.0.3/src/detect-engine-port.c:910:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
alloc_rule_var_port = SCMalloc(strlen(rule_var_port) + 3);
data/suricata-5.0.3/src/detect-engine-port.c:913:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(alloc_rule_var_port, strlen(rule_var_port) + 3,
data/suricata-5.0.3/src/detect-engine-port.c:972:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rule_var_port) == 0) {
data/suricata-5.0.3/src/detect-engine-port.c:980:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
alloc_rule_var_port = SCMalloc(strlen(rule_var_port) + 3);
data/suricata-5.0.3/src/detect-engine-port.c:983:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(alloc_rule_var_port, strlen(rule_var_port) + 3,
data/suricata-5.0.3/src/detect-engine-prefilter.c:459:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t hash = strlen(ctx->name);
data/suricata-5.0.3/src/detect-engine-prefilter.c:462:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (u = 0; u < strlen(ctx->name); u++) {
data/suricata-5.0.3/src/detect-engine-profile.c:96:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(chop) > 0) {
data/suricata-5.0.3/src/detect-engine-register.c:330:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name != NULL && strlen(name) > 0) {
data/suricata-5.0.3/src/detect-engine-register.c:345:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name != NULL && strlen(name) > 0) {
data/suricata-5.0.3/src/detect-engine-register.c:370:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name != NULL && strlen(name) > 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:172:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0 && write == 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:176:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} else if (read > 0 && write > 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:233:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0 && write == 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:237:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} else if (read > 0 && write > 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:293:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0 && write == 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:297:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} else if (read > 0 && write > 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:351:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0 && write == 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:355:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} else if (read > 0 && write > 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:422:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read > 0 && write == 0) {
data/suricata-5.0.3/src/detect-engine-sigorder.c:426:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
} else if (read > 0 && write > 0) {
data/suricata-5.0.3/src/detect-engine-tag.c:599:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-tag.c:600:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len2 = strlen((char *)buf2);
data/suricata-5.0.3/src/detect-engine-tag.c:696:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-tag.c:697:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len2 = strlen((char *)buf2);
data/suricata-5.0.3/src/detect-engine-tag.c:817:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-tag.c:818:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len2 = strlen((char *)buf2);
data/suricata-5.0.3/src/detect-engine-tag.c:934:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-tag.c:935:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len2 = strlen((char *)buf2);
data/suricata-5.0.3/src/detect-engine-tag.c:1075:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-tag.c:1076:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len2 = strlen((char *)buf2);
data/suricata-5.0.3/src/detect-engine-tag.c:1221:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-tag.c:1222:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len2 = strlen((char *)buf2);
data/suricata-5.0.3/src/detect-engine-tag.c:1363:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len = strlen((char *)buf);
data/suricata-5.0.3/src/detect-engine-tag.c:1364:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf_len2 = strlen((char *)buf2);
data/suricata-5.0.3/src/detect-engine.c:745:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hash = hashlittle_safe(map->string, strlen(map->string), 0);
data/suricata-5.0.3/src/detect-engine.c:1893:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/suricata-5.0.3/src/detect-engine.c:1901:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/suricata-5.0.3/src/detect-engine.c:1926:21: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100);
data/suricata-5.0.3/src/detect-engine.c:2044:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (prefix == NULL || strlen(prefix) == 0)
data/suricata-5.0.3/src/detect-engine.c:2132:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(de_ctx->config_prefix) > 0) {
data/suricata-5.0.3/src/detect-engine.c:2289:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(max_uniq_toclient_groups_str),
data/suricata-5.0.3/src/detect-engine.c:2306:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(max_uniq_toserver_groups_str),
data/suricata-5.0.3/src/detect-engine.c:3481:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&tenant_id, 10, strlen(tenant_id_node->val),
data/suricata-5.0.3/src/detect-engine.c:3541:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&tenant_id, 10, strlen(tenant_id_node->val),
data/suricata-5.0.3/src/detect-engine.c:3550:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(&vlan_id, 10, strlen(vlan_id_node->val),
data/suricata-5.0.3/src/detect-engine.c:3697:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&tenant_id, 10, strlen(id_node->val),
data/suricata-5.0.3/src/detect-engine.c:4278:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return ConfYamlLoadString(conf, strlen(conf));
data/suricata-5.0.3/src/detect-fast-pattern.c:263:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(arg), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-fast-pattern.c:515:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-file-hash-common.c:52:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(string) != expected_len) {
data/suricata-5.0.3/src/detect-file-hash-common.c:213:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) && str[0] == '!') {
data/suricata-5.0.3/src/detect-file-hash-common.c:266:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t valid = 0, len = strlen(line);
data/suricata-5.0.3/src/detect-filemagic.c:257:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(file->magic) + 1, filemagic->bm_ctx) != NULL)
data/suricata-5.0.3/src/detect-filemagic.c:359:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) == 0) {
data/suricata-5.0.3/src/detect-filemagic.c:519:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t data_len = (uint32_t)strlen(cur_file->magic);
data/suricata-5.0.3/src/detect-filesize.c:151:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, str, strlen(str),
data/suricata-5.0.3/src/detect-filesize.c:210:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) != 0) {
data/suricata-5.0.3/src/detect-filesize.c:224:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg4 != NULL && strlen(arg4) > 0) {
data/suricata-5.0.3/src/detect-filestore.c:346:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (str != NULL && strlen(str) > 0) {
data/suricata-5.0.3/src/detect-filestore.c:352:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, str, strlen(str), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-flow.c:178:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, flowstr, strlen(flowstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-flow.c:944:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-flowbits.c:159:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count = pcre_exec(parse_regex, parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-flowbits.c:182:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(name) > 0 && isblank(name[strlen(name) - 1])) {
data/suricata-5.0.3/src/detect-flowbits.c:182:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(name) > 0 && isblank(name[strlen(name) - 1])) {
data/suricata-5.0.3/src/detect-flowbits.c:183:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = '\0';
data/suricata-5.0.3/src/detect-flowbits.c:187:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (size_t i = 0; i < strlen(name); i++) {
data/suricata-5.0.3/src/detect-flowbits.c:230:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fb_name) != 0)
data/suricata-5.0.3/src/detect-flowbits.c:240:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fb_name) == 0)
data/suricata-5.0.3/src/detect-flowbits.c:254:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cd->idx, fb_cmd_str, strlen(fb_name) ? fb_name : "(none)");
data/suricata-5.0.3/src/detect-flowbits.c:868:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-flowbits.c:942:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-flowbits.c:1018:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-flowint.c:237:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr),
data/suricata-5.0.3/src/detect-flowvar.c:129:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-flowvar.c:148:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(varcontent) >= 2) {
data/suricata-5.0.3/src/detect-flowvar.c:151:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (varcontent[strlen(varcontent)-1] == '"')
data/suricata-5.0.3/src/detect-flowvar.c:152:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
varcontent[strlen(varcontent)-1] = '\0';
data/suricata-5.0.3/src/detect-fragbits.c:177:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-fragbits.c:206:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (args[0] && strlen(args[0])) {
data/suricata-5.0.3/src/detect-fragoffset.c:150:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, fragoffsetstr, strlen(fragoffsetstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-ftpdata.c:152:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ftpcommandstr, strlen(ftpcommandstr),
data/suricata-5.0.3/src/detect-geoip.c:300:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str);
data/suricata-5.0.3/src/detect-hostbits.c:286:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count = pcre_exec(parse_regex, parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-hostbits.c:335:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hb_dir_str) > 0) {
data/suricata-5.0.3/src/detect-hostbits.c:369:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fb_name) != 0)
data/suricata-5.0.3/src/detect-hostbits.c:379:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fb_name) == 0)
data/suricata-5.0.3/src/detect-hostbits.c:395:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cd->idx, fb_cmd_str, strlen(fb_name) ? fb_name : "(none)");
data/suricata-5.0.3/src/detect-hostbits.c:473:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF(strlen(dir));
data/suricata-5.0.3/src/detect-hostbits.c:555:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-hostbits.c:657:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-hostbits.c:736:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-hostbits.c:793:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-hostbits.c:855:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-hostbits.c:959:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-hostbits.c:1065:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-hostbits.c:1144:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-icmp-id.c:164:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, icmpidstr, strlen(icmpidstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-icmp-id.c:186:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (substr[0]!= NULL && strlen(substr[0]) != 0) {
data/suricata-5.0.3/src/detect-icmp-seq.c:168:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, icmpseqstr, strlen(icmpseqstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-icmp-seq.c:189:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (substr[0] != NULL && strlen(substr[0]) != 0) {
data/suricata-5.0.3/src/detect-icode.c:155:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, icodestr, strlen(icodestr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-icode.c:180:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (args[0] != NULL && strlen(args[0]) != 0) {
data/suricata-5.0.3/src/detect-id.c:128:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, idstr, strlen(idstr), 0, 0,
data/suricata-5.0.3/src/detect-id.c:151:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_str[strlen(tmp_str) - 1] = '\0';
data/suricata-5.0.3/src/detect-id.c:357:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-ipopts.c:134:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-ipproto.c:92:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(optstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-ipproto.c:1867:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-iprep.c:248:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-iprep.c:306:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (op_str == NULL || strlen(op_str) != 1) {
data/suricata-5.0.3/src/detect-iprep.c:325:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (value != NULL && strlen(value) > 0) {
data/suricata-5.0.3/src/detect-iprep.c:396:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/detect-iprep.c:410:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/detect-iprep.c:422:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/detect-iprep.c:436:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/detect-isdataat.c:104:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, isdataatstr, strlen(isdataatstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-isdataat.c:156:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(args[0]), args[0]) < 0 ) {
data/suricata-5.0.3/src/detect-isdataat.c:576:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-isdataat.c:623:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-isdataat.c:655:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-itype.c:155:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, itypestr, strlen(itypestr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-itype.c:180:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (args[0] != NULL && strlen(args[0]) != 0) {
data/suricata-5.0.3/src/detect-krb5-errcode.c:147:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
krb5str, strlen(krb5str),
data/suricata-5.0.3/src/detect-krb5-msgtype.c:144:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
krb5str, strlen(krb5str),
data/suricata-5.0.3/src/detect-lua.c:619:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
status = luaL_loadbuffer(t->luastate, ut_script, strlen(ut_script), "unittest");
data/suricata-5.0.3/src/detect-lua.c:679:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) && str[0] == '!') {
data/suricata-5.0.3/src/detect-lua.c:711:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
status = luaL_loadbuffer(luastate, ut_script, strlen(ut_script), "unittest");
data/suricata-5.0.3/src/detect-mark.c:87:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-metadata.c:82:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * hstring = (char *)HashTableLookup(de_ctx->metadata_table, (void *)string, strlen(string));
data/suricata-5.0.3/src/detect-metadata.c:92:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (HashTableAdd(de_ctx->metadata_table, (void *)astring, strlen(astring)) == 0) {
data/suricata-5.0.3/src/detect-metadata.c:93:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (char *)HashTableLookup(de_ctx->metadata_table, (void *)astring, strlen(astring));
data/suricata-5.0.3/src/detect-metadata.c:102:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char copy[strlen(metadatastr)+1];
data/suricata-5.0.3/src/detect-metadata.c:122:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) == 0 || strlen(val) == 0) {
data/suricata-5.0.3/src/detect-metadata.c:122:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) == 0 || strlen(val) == 0) {
data/suricata-5.0.3/src/detect-modbus.c:129:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(access_parse_regex, access_parse_regex_study, str, strlen(str), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-modbus.c:297:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(function_parse_regex, function_parse_regex_study, str, strlen(str), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-modbus.c:391:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(unit_id_parse_regex, unit_id_parse_regex_study, str, strlen(str), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-msg.c:54:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = strlen(msgstr);
data/suricata-5.0.3/src/detect-nfs-procedure.c:218:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0,
data/suricata-5.0.3/src/detect-nfs-procedure.c:266:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mode) == 1) {
data/suricata-5.0.3/src/detect-nfs-procedure.c:271:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(mode) == 2) {
data/suricata-5.0.3/src/detect-nfs-procedure.c:278:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) > 0) {
data/suricata-5.0.3/src/detect-nfs-procedure.c:283:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) != 0 && strlen(mode) != 0) {
data/suricata-5.0.3/src/detect-nfs-procedure.c:283:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) != 0 && strlen(mode) != 0) {
data/suricata-5.0.3/src/detect-nfs-procedure.c:297:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value2) > 0) {
data/suricata-5.0.3/src/detect-nfs-version.c:209:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0,
data/suricata-5.0.3/src/detect-nfs-version.c:257:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mode) == 1) {
data/suricata-5.0.3/src/detect-nfs-version.c:262:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(mode) == 2) {
data/suricata-5.0.3/src/detect-nfs-version.c:269:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) > 0) {
data/suricata-5.0.3/src/detect-nfs-version.c:274:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) != 0 && strlen(mode) != 0) {
data/suricata-5.0.3/src/detect-nfs-version.c:274:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) != 0 && strlen(mode) != 0) {
data/suricata-5.0.3/src/detect-nfs-version.c:288:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value2) > 0) {
data/suricata-5.0.3/src/detect-offset.c:109:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(&cd->offset, 0, 0, str) != (int)strlen(str))
data/suricata-5.0.3/src/detect-parse.c:674:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (size_t i = strlen(optvalptr); i > 0; i--) {
data/suricata-5.0.3/src/detect-parse.c:686:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (size_t i = strlen(optstr); i > 0; i--) {
data/suricata-5.0.3/src/detect-parse.c:703:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (optvalue == NULL || strlen(optvalue) == 0) {
data/suricata-5.0.3/src/detect-parse.c:726:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (optvalue != NULL && strlen(optvalue) > 0) {
data/suricata-5.0.3/src/detect-parse.c:727:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ovlen = strlen(optvalue);
data/suricata-5.0.3/src/detect-parse.c:826:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(optend) > 0) {
data/suricata-5.0.3/src/detect-parse.c:1042:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = *input == NULL ? 0 : strlen(*input);
data/suricata-5.0.3/src/detect-parse.c:1078:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = *input != NULL ? strlen(*input) : 0;
data/suricata-5.0.3/src/detect-parse.c:1154:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (size_t i = strlen(index); i > 0; i--) {
data/suricata-5.0.3/src/detect-parse.c:1229:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(parser->opts) > 0) {
data/suricata-5.0.3/src/detect-parse.c:1230:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buffer_size = strlen(parser->opts) + 1;
data/suricata-5.0.3/src/detect-parse.c:1234:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(input, parser->opts, strlen(parser->opts)+1);
data/suricata-5.0.3/src/detect-pcre.c:296:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(re);
data/suricata-5.0.3/src/detect-pcre.c:348:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t slen = strlen(regexstr) + 1;
data/suricata-5.0.3/src/detect-pcre.c:377:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (capture_names[strlen(capture_names)-1] == '"')
data/suricata-5.0.3/src/detect-pcre.c:378:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
capture_names[strlen(capture_names)-1] = '\0';
data/suricata-5.0.3/src/detect-pcre.c:613:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (capture_names == NULL || strlen(capture_names) == 0)
data/suricata-5.0.3/src/detect-pcre.c:700:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *orig_right_edge = regexstr + strlen(regexstr);
data/suricata-5.0.3/src/detect-pcre.c:710:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ret == 0 && capture_cnt && strlen(capture_names) > 0)
data/suricata-5.0.3/src/detect-pcre.c:764:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t cap_buffer_len = strlen(regexstr) + 1;
data/suricata-5.0.3/src/detect-pcre.c:774:83: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_capture_regex, parse_capture_regex_study, regexstr, strlen(regexstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-pcre.c:789:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(capture_str) == 0 || strlen(type_str) == 0) {
data/suricata-5.0.3/src/detect-pcre.c:789:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(capture_str) == 0 || strlen(type_str) == 0) {
data/suricata-5.0.3/src/detect-pcre.c:1633:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-pcre.c:1696:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-pcre.c:1751:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-pcre.c:2017:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-pcre.c:2038:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-pcre.c:2055:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-pktvar.c:99:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-pktvar.c:124:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(varcontent) >= 2 && varcontent[0] == '"' &&
data/suricata-5.0.3/src/detect-pktvar.c:125:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
varcontent[strlen(varcontent) - 1] == '"')
data/suricata-5.0.3/src/detect-pktvar.c:128:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
varcontent[strlen(varcontent) - 1] = '\0';
data/suricata-5.0.3/src/detect-priority.c:67:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(regex, regex_study, rawstr, strlen(rawstr), 0, 0, ov, 30);
data/suricata-5.0.3/src/detect-reference.c:105:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr),
data/suricata-5.0.3/src/detect-reference.c:130:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) == 0 || strlen(content) == 0)
data/suricata-5.0.3/src/detect-reference.c:130:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) == 0 || strlen(content) == 0)
data/suricata-5.0.3/src/detect-rpc.c:153:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rpcstr, strlen(rpcstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-rpc.c:199:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&rd->program, 10, strlen(args[i]), args[i]) <= 0) {
data/suricata-5.0.3/src/detect-rpc.c:207:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&rd->program_version, 10, strlen(args[i]), args[i]) <= 0) {
data/suricata-5.0.3/src/detect-rpc.c:216:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&rd->procedure, 10, strlen(args[i]), args[i]) <= 0) {
data/suricata-5.0.3/src/detect-sameip.c:127:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-snmp-pdu_type.c:152:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0,
data/suricata-5.0.3/src/detect-snmp-version.c:194:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0,
data/suricata-5.0.3/src/detect-snmp-version.c:219:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mode) == 1) {
data/suricata-5.0.3/src/detect-snmp-version.c:224:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(mode) == 2) {
data/suricata-5.0.3/src/detect-ssh-proto-version.c:161:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-ssh-proto-version.c:199:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssh->len = strlen((char *) ssh->ver);
data/suricata-5.0.3/src/detect-ssh-proto.c:79:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t data_len = strlen((char *)protocol);
data/suricata-5.0.3/src/detect-ssh-software-version.c:164:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-ssh-software-version.c:191:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssh->len = strlen((char *)ssh->software_ver);
data/suricata-5.0.3/src/detect-ssh-software.c:79:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t data_len = strlen((char *)software);
data/suricata-5.0.3/src/detect-ssl-state.c:174:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex1, parse_regex1_study, arg, strlen(arg), 0, 0,
data/suricata-5.0.3/src/detect-ssl-state.c:227:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex2, parse_regex2_study, str1, strlen(str1), 0, 0,
data/suricata-5.0.3/src/detect-ssl-version.c:202:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-ssl-version.c:234:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_str[strlen(tmp_str) - 1] = '\0';
data/suricata-5.0.3/src/detect-stream_size.c:192:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, streamstr, strlen(streamstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-stream_size.c:227:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mode) == 0)
data/suricata-5.0.3/src/detect-tag.c:162:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, tagstr, strlen(tagstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-tag.c:199:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&td.count, 10, strlen(str_ptr),
data/suricata-5.0.3/src/detect-target.c:88:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
targetstr, strlen(targetstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-tcp-flags.c:182:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr),
data/suricata-5.0.3/src/detect-tcp-flags.c:211:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg2) == 0) {
data/suricata-5.0.3/src/detect-tcp-flags.c:293:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg2) > 0) {
data/suricata-5.0.3/src/detect-tcp-flags.c:382:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg3) > 0) {
data/suricata-5.0.3/src/detect-tcp-seq.c:256:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-tcp-window.c:115:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, windowstr, strlen(windowstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-tcp-window.c:296:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-tcpmss.c:135:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, tcpmssstr, strlen(tcpmssstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-tcpmss.c:187:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) > 0)
data/suricata-5.0.3/src/detect-tcpmss.c:199:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) > 0)
data/suricata-5.0.3/src/detect-tcpmss.c:204:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg1 == NULL || strlen(arg1)== 0)
data/suricata-5.0.3/src/detect-tcpmss.c:206:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg3 == NULL || strlen(arg3)== 0)
data/suricata-5.0.3/src/detect-tcpmss.c:222:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((arg2 != NULL && strlen(arg2) > 0) ||
data/suricata-5.0.3/src/detect-tcpmss.c:223:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(arg3 != NULL && strlen(arg3) > 0) ||
data/suricata-5.0.3/src/detect-tcpmss.c:224:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(arg1 == NULL ||strlen(arg1) == 0))
data/suricata-5.0.3/src/detect-tcpmss.c:233:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((arg3 != NULL && strlen(arg3) > 0) ||
data/suricata-5.0.3/src/detect-tcpmss.c:234:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(arg1 == NULL ||strlen(arg1) == 0))
data/suricata-5.0.3/src/detect-template.c:136:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
templatestr, strlen(templatestr),
data/suricata-5.0.3/src/detect-template2.c:141:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, template2str, strlen(template2str), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-template2.c:193:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) > 0)
data/suricata-5.0.3/src/detect-template2.c:205:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) > 0)
data/suricata-5.0.3/src/detect-template2.c:210:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg1 == NULL || strlen(arg1)== 0)
data/suricata-5.0.3/src/detect-template2.c:212:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg3 == NULL || strlen(arg3)== 0)
data/suricata-5.0.3/src/detect-template2.c:228:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((arg2 != NULL && strlen(arg2) > 0) ||
data/suricata-5.0.3/src/detect-template2.c:229:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(arg3 != NULL && strlen(arg3) > 0) ||
data/suricata-5.0.3/src/detect-template2.c:230:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(arg1 == NULL ||strlen(arg1) == 0))
data/suricata-5.0.3/src/detect-template2.c:239:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((arg3 != NULL && strlen(arg3) > 0) ||
data/suricata-5.0.3/src/detect-template2.c:240:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(arg1 == NULL ||strlen(arg1) == 0))
data/suricata-5.0.3/src/detect-threshold.c:128:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos < strlen(copy_str) && threshold_opt != NULL;
data/suricata-5.0.3/src/detect-threshold.c:146:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-threshold.c:170:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"limit",strlen("limit")) == 0)
data/suricata-5.0.3/src/detect-threshold.c:172:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"both",strlen("both")) == 0)
data/suricata-5.0.3/src/detect-threshold.c:174:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"threshold",strlen("threshold")) == 0)
data/suricata-5.0.3/src/detect-threshold.c:176:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"by_dst",strlen("by_dst")) == 0)
data/suricata-5.0.3/src/detect-threshold.c:178:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"by_src",strlen("by_src")) == 0)
data/suricata-5.0.3/src/detect-threshold.c:180:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"count",strlen("count")) == 0)
data/suricata-5.0.3/src/detect-threshold.c:182:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(args[i],"seconds",strlen("seconds")) == 0)
data/suricata-5.0.3/src/detect-threshold.c:190:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&de->count, 10, strlen(args[count_pos]),
data/suricata-5.0.3/src/detect-threshold.c:195:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&de->seconds, 10, strlen(args[second_pos]),
data/suricata-5.0.3/src/detect-tls-cert-fingerprint.c:141:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->server_connp.cert0_fingerprint);
data/suricata-5.0.3/src/detect-tls-cert-issuer.c:131:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->server_connp.cert0_issuerdn);
data/suricata-5.0.3/src/detect-tls-cert-serial.c:140:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->server_connp.cert0_serial);
data/suricata-5.0.3/src/detect-tls-cert-subject.c:130:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->server_connp.cert0_subject);
data/suricata-5.0.3/src/detect-tls-cert-validity.c:228:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(string) == 0)
data/suricata-5.0.3/src/detect-tls-cert-validity.c:275:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
oldlen = inlen = strlen(string);
data/suricata-5.0.3/src/detect-tls-cert-validity.c:321:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0,
data/suricata-5.0.3/src/detect-tls-cert-validity.c:373:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(mode) > 0) {
data/suricata-5.0.3/src/detect-tls-cert-validity.c:380:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) > 0) {
data/suricata-5.0.3/src/detect-tls-cert-validity.c:385:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) != 0 && strlen(mode) != 0) {
data/suricata-5.0.3/src/detect-tls-cert-validity.c:385:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(range) != 0 && strlen(mode) != 0) {
data/suricata-5.0.3/src/detect-tls-cert-validity.c:401:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value2) > 0) {
data/suricata-5.0.3/src/detect-tls-ja3-hash.c:153:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->client_connp.ja3_hash);
data/suricata-5.0.3/src/detect-tls-ja3-string.c:143:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->client_connp.ja3_str->data);
data/suricata-5.0.3/src/detect-tls-ja3s-hash.c:151:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->server_connp.ja3_hash);
data/suricata-5.0.3/src/detect-tls-ja3s-string.c:142:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->server_connp.ja3_str->data);
data/suricata-5.0.3/src/detect-tls-sni.c:129:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const uint32_t data_len = strlen(ssl_state->client_connp.sni);
data/suricata-5.0.3/src/detect-tls-version.c:158:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-tls-version.c:185:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_str[strlen(tmp_str) - 1] = '\0';
data/suricata-5.0.3/src/detect-tls-version.c:197:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if ((strncmp("0x", tmp_str, 2) == 0) && (strlen(str) == 6)) {
data/suricata-5.0.3/src/detect-tls.c:248:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(subject_parse_regex, subject_parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-tls.c:282:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_str[strlen(tmp_str) - 1] = '\0';
data/suricata-5.0.3/src/detect-tls.c:448:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(issuerdn_parse_regex, issuerdn_parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-tls.c:482:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_str[strlen(tmp_str) - 1] = '\0';
data/suricata-5.0.3/src/detect-tls.c:581:82: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(fingerprint_parse_regex, fingerprint_parse_regex_study, str, strlen(str), 0, 0,
data/suricata-5.0.3/src/detect-tls.c:615:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp_str[strlen(tmp_str) - 1] = '\0';
data/suricata-5.0.3/src/detect-tos.c:115:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, arg, strlen(arg), 0, 0,
data/suricata-5.0.3/src/detect-tos.c:324:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-transform-compress-whitespace.c:130:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-transform-compress-whitespace.c:145:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-transform-dotprefix.c:122:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-transform-dotprefix.c:125:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t result_len = strlen((char *)result);
data/suricata-5.0.3/src/detect-transform-dotprefix.c:142:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-transform-dotprefix.c:145:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t result_len = strlen((char *)result);
data/suricata-5.0.3/src/detect-transform-md5.c:109:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-transform-sha1.c:109:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-transform-sha256.c:109:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-transform-strip-whitespace.c:121:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-transform-strip-whitespace.c:136:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t input_len = strlen((char *)input);
data/suricata-5.0.3/src/detect-ttl.c:142:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = pcre_exec(parse_regex, parse_regex_study, ttlstr, strlen(ttlstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-ttl.c:177:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg2) > 0) {
data/suricata-5.0.3/src/detect-ttl.c:180:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg3) == 0)
data/suricata-5.0.3/src/detect-ttl.c:187:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) > 0)
data/suricata-5.0.3/src/detect-ttl.c:192:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg3) == 0)
data/suricata-5.0.3/src/detect-ttl.c:199:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) > 0)
data/suricata-5.0.3/src/detect-ttl.c:204:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) == 0 || strlen(arg3) == 0)
data/suricata-5.0.3/src/detect-ttl.c:204:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) == 0 || strlen(arg3) == 0)
data/suricata-5.0.3/src/detect-ttl.c:220:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(arg2) > 0) ||
data/suricata-5.0.3/src/detect-ttl.c:221:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(arg3) > 0) ||
data/suricata-5.0.3/src/detect-ttl.c:222:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(arg1) == 0))
data/suricata-5.0.3/src/detect-ttl.c:231:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(arg3) > 0) ||
data/suricata-5.0.3/src/detect-ttl.c:232:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(arg1) == 0))
data/suricata-5.0.3/src/detect-urilen.c:103:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, urilenstr, strlen(urilenstr),
data/suricata-5.0.3/src/detect-urilen.c:171:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(arg1) != 0) {
data/suricata-5.0.3/src/detect-urilen.c:179:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(&urilend->urilen1,10,strlen(arg2),arg2) <= 0){
data/suricata-5.0.3/src/detect-urilen.c:185:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (arg4 != NULL && strlen(arg4) > 0) {
data/suricata-5.0.3/src/detect-urilen.c:192:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(ByteExtractStringUint16(&urilend->urilen2,10,strlen(arg4),arg4) <= 0)
data/suricata-5.0.3/src/detect-within.c:116:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringInt32(&cd->within, 0, 0, str) != (int)strlen(str)) {
data/suricata-5.0.3/src/detect-within.c:177:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-within.c:196:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/detect-xbits.c:203:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/detect-xbits.c:228:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hb_dir_str) > 0) {
data/suricata-5.0.3/src/detect-xbits.c:286:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fb_name) != 0)
data/suricata-5.0.3/src/detect-xbits.c:298:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fb_name) == 0)
data/suricata-5.0.3/src/detect-xbits.c:314:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cd->idx, fb_cmd_str, strlen(fb_name) ? fb_name : "(none)");
data/suricata-5.0.3/src/detect-xbits.c:458:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/flow-bypass.c:122:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/suricata-5.0.3/src/flow-manager.c:164:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(thread_name_flow_mgr)) == 0)
data/suricata-5.0.3/src/flow-manager.c:188:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(thread_name_flow_mgr)) == 0)
data/suricata-5.0.3/src/flow-manager.c:1120:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10);
data/suricata-5.0.3/src/flow-manager.c:1134:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(thread_name_flow_rec)) == 0)
data/suricata-5.0.3/src/flow-manager.c:1159:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(thread_name_flow_rec)) == 0)
data/suricata-5.0.3/src/flow.c:592:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/flow.c:604:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/flow.c:809:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(new), new) > 0) {
data/suricata-5.0.3/src/flow.c:814:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(established),
data/suricata-5.0.3/src/flow.c:820:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(closed),
data/suricata-5.0.3/src/flow.c:827:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(bypassed),
data/suricata-5.0.3/src/flow.c:833:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(emergency_new),
data/suricata-5.0.3/src/flow.c:840:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_established),
data/suricata-5.0.3/src/flow.c:847:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_closed),
data/suricata-5.0.3/src/flow.c:854:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_bypassed),
data/suricata-5.0.3/src/flow.c:877:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(new), new) > 0) {
data/suricata-5.0.3/src/flow.c:882:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(established),
data/suricata-5.0.3/src/flow.c:888:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(closed),
data/suricata-5.0.3/src/flow.c:895:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(bypassed),
data/suricata-5.0.3/src/flow.c:901:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(emergency_new),
data/suricata-5.0.3/src/flow.c:908:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_established),
data/suricata-5.0.3/src/flow.c:915:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_closed),
data/suricata-5.0.3/src/flow.c:922:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_bypassed),
data/suricata-5.0.3/src/flow.c:942:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(new), new) > 0) {
data/suricata-5.0.3/src/flow.c:947:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(established),
data/suricata-5.0.3/src/flow.c:954:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(bypassed),
data/suricata-5.0.3/src/flow.c:960:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(emergency_new),
data/suricata-5.0.3/src/flow.c:967:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_established),
data/suricata-5.0.3/src/flow.c:974:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_bypassed),
data/suricata-5.0.3/src/flow.c:994:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(new), new) > 0) {
data/suricata-5.0.3/src/flow.c:999:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(established),
data/suricata-5.0.3/src/flow.c:1006:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(bypassed),
data/suricata-5.0.3/src/flow.c:1012:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&configval, 10, strlen(emergency_new),
data/suricata-5.0.3/src/flow.c:1019:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_established),
data/suricata-5.0.3/src/flow.c:1026:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(emergency_bypassed),
data/suricata-5.0.3/src/host.c:214:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/host.c:222:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/ippair.c:209:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/ippair.c:217:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/log-cf-common.c:223:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer->size, (uint8_t *)buf,strlen(buf));
data/suricata-5.0.3/src/log-droplog.c:366:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/log-droplog.c:430:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/log-filestore.c:625:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s_base_dir == NULL || strlen(s_base_dir) == 0) {
data/suricata-5.0.3/src/log-httplog.c:117:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cookiename) == (unsigned int) (cv-cn-1) &&
data/suricata-5.0.3/src/log-httplog.c:166:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aft->buffer->size, (uint8_t *)buf, MIN(strlen(buf),6));
data/suricata-5.0.3/src/log-httplog.c:171:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aft->buffer->size, (uint8_t *)srcip,strlen(srcip));
data/suricata-5.0.3/src/log-httplog.c:176:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aft->buffer->size, (uint8_t *)dstip,strlen(dstip));
data/suricata-5.0.3/src/log-pcap.c:724:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename, strlen(filename), 0, 0, pcre_ovec,
data/suricata-5.0.3/src/log-pcap.c:763:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pattern[strlen(pattern) - 1] != '/') {
data/suricata-5.0.3/src/log-pcap.c:769:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (part == NULL || strlen(part) == 0) {
data/suricata-5.0.3/src/log-pcap.c:772:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (part[0] != '%' || strlen(part) < 2) {
data/suricata-5.0.3/src/log-pcap.c:1078:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename_len = strlen(filename);
data/suricata-5.0.3/src/log-pcap.c:1084:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < (int)strlen(filename); i++) {
data/suricata-5.0.3/src/log-pcap.c:1104:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (i+1 < (int)strlen(filename)) {
data/suricata-5.0.3/src/log-pcap.c:1628:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pl->filename_parts[i] == NULL ||strlen(pl->filename_parts[i]) == 0)
data/suricata-5.0.3/src/log-pcap.c:1634:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pl->filename_parts[i]) < 2)
data/suricata-5.0.3/src/log-tcp-data.c:155:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aft->buffer->size, (uint8_t *)name,strlen(name));
data/suricata-5.0.3/src/log-tlslog.c:407:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MIN(strlen(buf),6));
data/suricata-5.0.3/src/log-tlslog.c:413:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)srcip,strlen(srcip));
data/suricata-5.0.3/src/log-tlslog.c:419:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)dstip, strlen(dstip));
data/suricata-5.0.3/src/log-tlsstore.c:109:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) == 0) {
data/suricata-5.0.3/src/log-tlsstore.c:170:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(filename + (strlen(filename) - 3), "meta", 4);
data/suricata-5.0.3/src/log-tlsstore.c:390:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s_base_dir == NULL || strlen(s_base_dir) == 0) {
data/suricata-5.0.3/src/output-filedata.c:291:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(line, strlen(line), 1, fp) != 1) {
data/suricata-5.0.3/src/output-filedata.c:374:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (waldo != NULL && strlen(waldo) > 0) {
data/suricata-5.0.3/src/output-filedata.c:410:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(g_waldo) > 0) {
data/suricata-5.0.3/src/output-json-email-common.c:147:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
HASH_HashBuf(HASH_AlgMD5, md5, (unsigned char *)value, strlen(value));
data/suricata-5.0.3/src/output-json-email-common.c:285:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * sp = SkipWhiteSpaceTill(s, s + strlen(s));
data/suricata-5.0.3/src/output-json-stats.c:175:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dot) > 2) {
data/suricata-5.0.3/src/output-json-stats.c:242:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char deltaname[strlen(shortname) + strlen(delta_suffix) + 1];
data/suricata-5.0.3/src/output-json-stats.c:242:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char deltaname[strlen(shortname) + strlen(delta_suffix) + 1];
data/suricata-5.0.3/src/output-json-stats.c:278:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char deltaname[strlen(shortname) + strlen(delta_suffix) + 1];
data/suricata-5.0.3/src/output-json-stats.c:278:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char deltaname[strlen(shortname) + strlen(delta_suffix) + 1];
data/suricata-5.0.3/src/output-json.c:89:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
traffic_id_prefix_len = strlen(TRAFFIC_ID_PREFIX);
data/suricata-5.0.3/src/output-json.c:90:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
traffic_label_prefix_len = strlen(TRAFFIC_LABEL_PREFIX);
data/suricata-5.0.3/src/output-json.c:117:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (u = 0; u < strlen(val); u++) {
data/suricata-5.0.3/src/output-json.c:215:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(s, prefix, strlen(prefix)) == 0) {
data/suricata-5.0.3/src/output-json.c:938:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
json_ctx->file_ctx->prefix_len = strlen(prefix);
data/suricata-5.0.3/src/output-lua.c:461:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
status = luaL_loadbuffer(luastate, ut_script, strlen(ut_script), "unittest");
data/suricata-5.0.3/src/output-lua.c:607:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
status = luaL_loadbuffer(t->luastate, ut_script, strlen(ut_script), "unittest");
data/suricata-5.0.3/src/output-lua.c:691:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = snprintf(path, sizeof(path),"%s%s%s", dir, strlen(dir) ? "/" : "", conf->val);
data/suricata-5.0.3/src/output-lua.c:775:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(path, sizeof(path),"%s%s%s", dir, strlen(dir) ? "/" : "", script->val);
data/suricata-5.0.3/src/reputation.c:221:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_len = strlen(line);
data/suricata-5.0.3/src/reputation.c:239:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) == 0)
data/suricata-5.0.3/src/reputation.c:272:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_len = strlen(line);
data/suricata-5.0.3/src/reputation.c:290:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) == 0)
data/suricata-5.0.3/src/reputation.c:379:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(line);
data/suricata-5.0.3/src/reputation.c:390:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/suricata-5.0.3/src/reputation.c:410:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(srep_cat_table[i]) == 0)
data/suricata-5.0.3/src/reputation.c:443:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(line);
data/suricata-5.0.3/src/reputation.c:454:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/suricata-5.0.3/src/reputation.c:542:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t path_len = sizeof(char) * (strlen(defaultpath) +
data/suricata-5.0.3/src/reputation.c:543:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(file) + 2);
data/suricata-5.0.3/src/reputation.c:549:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path[strlen(path) - 1] != '\\')
data/suricata-5.0.3/src/reputation.c:552:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path[strlen(path) - 1] != '/')
data/suricata-5.0.3/src/runmode-af-packet.c:161:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/runmode-af-packet.c:204:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(out_iface) > 0) {
data/suricata-5.0.3/src/runmode-af-packet.c:267:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(copymodestr) <= 0) {
data/suricata-5.0.3/src/runmode-af-packet.c:368:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/runmode-napatech.c:157:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int dev_len = strlen(device);
data/suricata-5.0.3/src/runmode-netmap.c:103:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(ns->iface);
data/suricata-5.0.3/src/runmode-netmap.c:124:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/runmode-netmap.c:160:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/runmode-netmap.c:273:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(out_iface) > 0) {
data/suricata-5.0.3/src/runmode-netmap.c:295:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base_name[strlen(base_name) - 1] = '\0';
data/suricata-5.0.3/src/runmode-pfring.c:295:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/runmode-pfring.c:307:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/source-af-packet.c:429:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(AFP_PEERS_WAIT);
data/suricata-5.0.3/src/source-af-packet.c:1502:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/suricata-5.0.3/src/source-af-packet.c:1550:17: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(AFP_RECONNECT_TIMEOUT);
data/suricata-5.0.3/src/source-erf-dag.c:354:21: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10 * 1000);
data/suricata-5.0.3/src/source-ipfw.c:719:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ByteExtractStringUint16(&port_num, 10, strlen(queue), queue)) < 0)
data/suricata-5.0.3/src/source-napatech.c:284:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000 * ntv->stream_id);
data/suricata-5.0.3/src/source-netmap.c:232:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
NetmapDevice **pdevice, int verbose, int read, bool zerocopy)
data/suricata-5.0.3/src/source-netmap.c:239:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(base_name) > 0 &&
data/suricata-5.0.3/src/source-netmap.c:240:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(base_name[strlen(base_name)-1] == '^' ||
data/suricata-5.0.3/src/source-netmap.c:241:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base_name[strlen(base_name)-1] == '*'))
data/suricata-5.0.3/src/source-netmap.c:243:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base_name[strlen(base_name)-1] = '\0';
data/suricata-5.0.3/src/source-netmap.c:281:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const int direction = (read != 1);
data/suricata-5.0.3/src/source-netmap.c:317:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ns->iface, ring, strlen(optstr) ? "/" : "", optstr);
data/suricata-5.0.3/src/source-netmap.c:318:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(ns->iface) > 5 && strncmp(ns->iface, "vale", 4) == 0 && isdigit(ns->iface[4])) {
data/suricata-5.0.3/src/source-netmap.c:320:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (ns->iface[strlen(ns->iface)-1] == '*' ||
data/suricata-5.0.3/src/source-netmap.c:321:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ns->iface[strlen(ns->iface)-1] == '^') {
data/suricata-5.0.3/src/source-netmap.c:328:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ns->iface, strlen(optstr) ? "/" : "", optstr);
data/suricata-5.0.3/src/source-netmap.c:331:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ns->iface, ring, strlen(optstr) ? "/" : "", optstr);
data/suricata-5.0.3/src/source-pcap.c:275:17: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(PCAP_RECONNECT_TIMEOUT);
data/suricata-5.0.3/src/source-pcap.c:368:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(errbuf)) {
data/suricata-5.0.3/src/source-windivert.c:304:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t filter_len = strlen(filter_str);
data/suricata-5.0.3/src/stream-tcp-reassemble.c:363:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&prealloc, 10, strlen(seg->val), seg->val) == -1)
data/suricata-5.0.3/src/stream-tcp.c:7330:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
conf_var_full_name = (char *)SCMalloc(strlen(conf_var_type_name) +
data/suricata-5.0.3/src/stream-tcp.c:7331:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(conf_var_name) + 2);
data/suricata-5.0.3/src/stream-tcp.c:7336:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(conf_var_type_name) + strlen(conf_var_name) + 2, "%s.%s",
data/suricata-5.0.3/src/stream-tcp.c:7336:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(conf_var_type_name) + strlen(conf_var_name) + 2, "%s.%s",
data/suricata-5.0.3/src/stream-tcp.c:7398:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/stream-tcp.c:7800:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string1, strlen(dummy_conf_string1));
data/suricata-5.0.3/src/stream-tcp.c:7967:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string1, strlen(dummy_conf_string1));
data/suricata-5.0.3/src/stream-tcp.c:8137:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string1, strlen(dummy_conf_string1));
data/suricata-5.0.3/src/stream-tcp.c:8292:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string1, strlen(dummy_conf_string1));
data/suricata-5.0.3/src/stream-tcp.c:8341:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string1, strlen(dummy_conf_string1));
data/suricata-5.0.3/src/stream-tcp.c:8393:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string1, strlen(dummy_conf_string1));
data/suricata-5.0.3/src/stream-tcp.c:8445:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string1, strlen(dummy_conf_string1));
data/suricata-5.0.3/src/stream-tcp.c:8497:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string1, strlen(dummy_conf_string1));
data/suricata-5.0.3/src/suricata.c:456:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bpf_len+=strlen(argv[tmpindex]) + 1;
data/suricata-5.0.3/src/suricata.c:484:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/suricata.c:551:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/suricata.c:570:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(bpf_filter) > 0 &&
data/suricata-5.0.3/src/suricata.c:571:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bpf_filter[strlen(bpf_filter)-1] == ' ')
data/suricata-5.0.3/src/suricata.c:573:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bpf_filter[strlen(bpf_filter)-1] = '\0';
data/suricata-5.0.3/src/suricata.c:575:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bpf_filter) > 0) {
data/suricata-5.0.3/src/suricata.c:761:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(features) == 0) {
data/suricata-5.0.3/src/suricata.c:778:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(features) == 0) {
data/suricata-5.0.3/src/suricata.c:800:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(features) == 0) {
data/suricata-5.0.3/src/suricata.c:949:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pcap_dev) == 0) {
data/suricata-5.0.3/src/suricata.c:959:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pcap_dev)) {
data/suricata-5.0.3/src/suricata.c:971:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pcap_dev)) {
data/suricata-5.0.3/src/suricata.c:987:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pcap_dev)) {
data/suricata-5.0.3/src/suricata.c:1153:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(in_arg) > 9 && strncmp(in_arg, "DeviceNPF", 9) == 0) {
data/suricata-5.0.3/src/suricata.c:1162:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(suri->pcap_dev) > 0 && isdigit((unsigned char)suri->pcap_dev[0])) {
data/suricata-5.0.3/src/suricata.c:1579:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(optarg) < sizeof(suri->pcap_dev)) ?
data/suricata-5.0.3/src/suricata.c:1580:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(optarg) + 1) : sizeof(suri->pcap_dev)));
data/suricata-5.0.3/src/suricata.c:1626:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(optarg) < sizeof(suri->pcap_dev)) ?
data/suricata-5.0.3/src/suricata.c:1627:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(optarg) + 1) : sizeof(suri->pcap_dev)));
data/suricata-5.0.3/src/suricata.c:2098:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(suri->regex_arg) == 0)
data/suricata-5.0.3/src/suricata.c:2550:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(dev);
data/suricata-5.0.3/src/suricata.c:2788:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint16(&mask, 8, strlen(custom_umask),
data/suricata-5.0.3/src/suricata.c:2790:13: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
umask((mode_t)mask);
data/suricata-5.0.3/src/suricata.c:2949:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10* 1000);
data/suricata-5.0.3/src/tests/detect-http-client-body.c:132:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(yaml, strlen(yaml));
data/suricata-5.0.3/src/tests/detect-http-client-body.c:169:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b->input_size ? b->input_size : strlen((const char *)b->input));
data/suricata-5.0.3/src/tests/detect-http-client-body.c:724:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t *http_buf = SCMalloc(TOTAL_REQUESTS * strlen(request_buffer));
data/suricata-5.0.3/src/tests/detect-http-client-body.c:728:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(http_buf + i * strlen(request_buffer), request_buffer,
data/suricata-5.0.3/src/tests/detect-http-client-body.c:729:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(request_buffer));
data/suricata-5.0.3/src/tests/detect-http-client-body.c:731:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = TOTAL_REQUESTS * strlen(request_buffer);
data/suricata-5.0.3/src/tests/detect-http-server-body.c:91:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(yaml, strlen(yaml));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:129:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b->input_size ? b->input_size : strlen((const char *)b->input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:2076:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:2251:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:4035:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:4159:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:4284:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:4409:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:4534:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:4659:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:4787:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:4912:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:5039:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:5164:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-server-body.c:5288:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(input, strlen(input));
data/suricata-5.0.3/src/tests/detect-http-uri.c:1722:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:1818:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:1914:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2011:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2107:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2203:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2297:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2391:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2485:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2579:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2673:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2799:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2892:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:2985:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3078:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3171:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3264:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3355:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3446:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3537:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3628:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3719:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3954:117: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int uricomp = memcmp((const char *)((DetectContentData*) s->sm_lists[g_http_uri_buffer_id]->ctx)->content, str, strlen(str)-1);
data/suricata-5.0.3/src/tests/detect-http-uri.c:3957:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
urilen != strlen("we are testing http_uri keyword")) {
data/suricata-5.0.3/src/tests/detect-http-uri.c:4407:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(str) - 1);
data/suricata-5.0.3/src/tests/detect-http-uri.c:4410:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
urilen != strlen("we are testing http_raw_uri keyword")) {
data/suricata-5.0.3/src/tests/detect-http-uri.c:7777:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect-http-uri.c:7872:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t http_buf_len = strlen((char *)http_buf);
data/suricata-5.0.3/src/tests/detect.c:105:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:143:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:160:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:209:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:259:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:311:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:379:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:469:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:561:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:645:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:729:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:793:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:848:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:900:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:945:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:964:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/tests/detect.c:1003:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:1016:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/tests/detect.c:1058:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:1069:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/tests/detect.c:1104:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:1157:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:1180:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/tests/detect.c:1218:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:1241:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/tests/detect.c:1290:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf1len = strlen((char *)buf1);
data/suricata-5.0.3/src/tests/detect.c:1295:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf2len = strlen((char *)buf2);
data/suricata-5.0.3/src/tests/detect.c:1368:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf1len = strlen((char *)buf1);
data/suricata-5.0.3/src/tests/detect.c:1378:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf2len = strlen((char *)buf2);
data/suricata-5.0.3/src/tests/detect.c:1443:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf1len = strlen((char *)buf1);
data/suricata-5.0.3/src/tests/detect.c:1453:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buf2len = strlen((char *)buf2);
data/suricata-5.0.3/src/tests/detect.c:1530:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:1634:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:2897:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:3017:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:3614:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:3690:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:3736:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:3854:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:3898:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:3951:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:3995:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:4041:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:4102:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:4328:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t p5buflen = strlen((char *)p5buf);
data/suricata-5.0.3/src/tests/detect.c:4373:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/tests/detect.c:4434:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = UTHBuildPacket((uint8_t *)"boo", strlen("boo"), IPPROTO_TCP);
data/suricata-5.0.3/src/tests/detect.c:4442:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = UTHBuildPacket((uint8_t *)"roo", strlen("roo"), IPPROTO_TCP);
data/suricata-5.0.3/src/tests/detect.c:4447:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = UTHBuildPacket((uint8_t *)"laboosa", strlen("laboosa"), IPPROTO_TCP);
data/suricata-5.0.3/src/tests/detect.c:5156:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string2, strlen(dummy_conf_string2));
data/suricata-5.0.3/src/tests/detect.c:5203:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string3, strlen(dummy_conf_string3));
data/suricata-5.0.3/src/tests/detect.c:5250:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string4, strlen(dummy_conf_string4));
data/suricata-5.0.3/src/tests/detect.c:5298:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string5, strlen(dummy_conf_string5));
data/suricata-5.0.3/src/tests/reputation.c:41:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf); \
data/suricata-5.0.3/src/threads.h:269:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(n) > 16) \
data/suricata-5.0.3/src/threads.h:290:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(n) > THREAD_NAME_LEN) \
data/suricata-5.0.3/src/tm-threads.c:1437:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(strlen(tv->inq->name) == strlen("packetpool") &&
data/suricata-5.0.3/src/tm-threads.c:1437:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(strlen(tv->inq->name) == strlen("packetpool") &&
data/suricata-5.0.3/src/tm-threads.h:43:25: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
#define SleepUsec(usec) usleep((usec))
data/suricata-5.0.3/src/tm-threads.h:44:25: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
#define SleepMsec(msec) usleep((msec) * 1000)
data/suricata-5.0.3/src/tmqh-flow.c:167:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (queue_str == NULL || strlen(queue_str) == 0)
data/suricata-5.0.3/src/unix-manager.c:162:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(addr.sun_path) + sizeof(addr.sun_family) + 1;
data/suricata-5.0.3/src/unix-manager.c:747:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100);
data/suricata-5.0.3/src/unix-manager.c:1232:17: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100);
data/suricata-5.0.3/src/util-action.c:185:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-action.c:223:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-action.c:260:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-action.c:294:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-action.c:334:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-action.c:371:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-action.c:408:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-action.c:436:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:501:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:577:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:579:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen2 = strlen((char *)buf2);
data/suricata-5.0.3/src/util-action.c:644:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:646:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen2 = strlen((char *)buf2);
data/suricata-5.0.3/src/util-action.c:722:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:785:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:860:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:934:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:998:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:1062:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:1126:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:1201:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:1276:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:1345:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:1420:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:1495:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-action.c:1575:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-affinity.c:124:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (end != sep + strlen(sep)) {
data/suricata-5.0.3/src/util-affinity.c:147:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (end != lnode->val + strlen(lnode->val)) {
data/suricata-5.0.3/src/util-byte.c:515:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringUint64(&i64, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:529:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringUint32(&i32, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:543:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringUint16(&i16, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:557:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringUint8(&i8, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:571:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringInt64(&i64, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:585:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringInt32(&i32, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:599:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringInt16(&i16, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:613:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringInt8(&i8, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:629:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringUint32(&u32, 10, strlen(str), str);
data/suricata-5.0.3/src/util-byte.c:643:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int ret = ByteExtractStringUint32(&u32, 10, strlen(str), str);
data/suricata-5.0.3/src/util-classification-config.c:162:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (de_ctx != NULL && strlen(de_ctx->config_prefix) > 0) {
data/suricata-5.0.3/src/util-classification-config.c:257:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(regex, regex_study, rawstr, strlen(rawstr), 0, 0, ov, 30);
data/suricata-5.0.3/src/util-classification-config.c:284:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ct_priority_str) == 0) {
data/suricata-5.0.3/src/util-classification-config.c:455:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ct->classtype);
data/suricata-5.0.3/src/util-classification-config.c:492:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(ct1->classtype);
data/suricata-5.0.3/src/util-classification-config.c:493:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(ct2->classtype);
data/suricata-5.0.3/src/util-classification-config.c:562:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char name[strlen(ct_name) + 1];
data/suricata-5.0.3/src/util-classification-config.c:564:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (s = 0; s < strlen(ct_name); s++)
data/suricata-5.0.3/src/util-classification-config.c:592:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FILE *fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-classification-config.c:616:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FILE *fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-classification-config.c:637:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FILE *fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-conf.c:71:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0)
data/suricata-5.0.3/src/util-conf.c:74:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t size = strlen(name) + 1;
data/suricata-5.0.3/src/util-debug.c:315:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char local_format[strlen(log_format) + 1];
data/suricata-5.0.3/src/util-debug.c:500:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer, strlen(buffer), 0, 0, ov, MAX_SUBSTRINGS) < 0)
data/suricata-5.0.3/src/util-debug.c:965:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (format == NULL || strlen(format) > SC_LOG_MAX_LOG_FORMAT_LEN) {
data/suricata-5.0.3/src/util-decode-asn1.c:838:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t len = strlen((char *)str)-1;
data/suricata-5.0.3/src/util-decode-der-get.c:86:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(gentime) != 15)
data/suricata-5.0.3/src/util-decode-der-get.c:112:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(utctime) != 13)
data/suricata-5.0.3/src/util-decode-der-get.c:261:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
node_len = strlen(node->str);
data/suricata-5.0.3/src/util-decode-der.c:583:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int s = strlen(a->str);
data/suricata-5.0.3/src/util-decode-der.h:76:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t strlen;
data/suricata-5.0.3/src/util-decode-mime.c:318:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == curr->name_len) {
data/suricata-5.0.3/src/util-decode-mime.c:344:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == curr->name_len) {
data/suricata-5.0.3/src/util-decode-mime.c:889:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extLen = strlen(UrlExeExts[i]);
data/suricata-5.0.3/src/util-decode-mime.c:890:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ext = FindBuffer(url, len, (uint8_t *)UrlExeExts[i], strlen(UrlExeExts[i]));
data/suricata-5.0.3/src/util-decode-mime.c:1036:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fptr = FindBuffer(remptr, len - (remptr - line), (uint8_t *)URL_STR, strlen(URL_STR));
data/suricata-5.0.3/src/util-decode-mime.c:1039:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
urlStrLen = strlen(URL_STR);
data/suricata-5.0.3/src/util-decode-mime.c:1850:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ss_len = strlen(search_start);
data/suricata-5.0.3/src/util-decode-mime.c:1923:89: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (FindBuffer(field->value, field->value_len, (const uint8_t *)BASE64_STR, strlen(BASE64_STR))) {
data/suricata-5.0.3/src/util-decode-mime.c:1926:92: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (FindBuffer(field->value, field->value_len, (const uint8_t *)QP_STR, strlen(QP_STR))) {
data/suricata-5.0.3/src/util-decode-mime.c:2012:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const uint8_t *)MSG_STR, strlen(MSG_STR)))
data/suricata-5.0.3/src/util-decode-mime.c:2032:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const uint8_t *)MULTIPART_STR, strlen(MULTIPART_STR)))
data/suricata-5.0.3/src/util-decode-mime.c:2038:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const uint8_t *)TXT_STR, strlen(TXT_STR)))
data/suricata-5.0.3/src/util-decode-mime.c:2044:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const uint8_t *)HTML_STR, strlen(HTML_STR)))
data/suricata-5.0.3/src/util-decode-mime.c:2796:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2799:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2802:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2805:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2808:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2811:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2814:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2864:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2867:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2870:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2873:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2876:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2880:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret |= MimeDecParseLine((uint8_t *)str, strlen(str), 1, state);
data/suricata-5.0.3/src/util-decode-mime.c:2928:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MimeDecEntity *entity = MimeDecParseFullMsg((uint8_t *)msg, strlen(msg), &line_count,
data/suricata-5.0.3/src/util-decode-mime.c:2961:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MimeDecEntity *entity = MimeDecParseFullMsg((uint8_t *)msg, strlen(msg), &line_count,
data/suricata-5.0.3/src/util-decode-mime.c:3006:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t *dst = SCMalloc(strlen(msg) + 1);
data/suricata-5.0.3/src/util-decode-mime.c:3010:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = DecodeBase64(dst, (const uint8_t *)base64msg, strlen(base64msg), 1);
data/suricata-5.0.3/src/util-decode-mime.c:3012:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (memcmp(dst, msg, strlen(msg)) == 0) {
data/suricata-5.0.3/src/util-decode-mime.c:3027:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(IsExeUrl((const uint8_t *)url1, strlen(url1)) != 0){
data/suricata-5.0.3/src/util-decode-mime.c:3031:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(IsExeUrl((const uint8_t *)url2, strlen(url2)) != 1){
data/suricata-5.0.3/src/util-decode-mime.c:3106:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3109:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3112:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3115:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)mimemsg, strlen(mimemsg), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3118:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3121:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3170:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3173:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3176:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3179:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)mimemsg, strlen(mimemsg), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3182:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-decode-mime.c:3185:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FAIL_IF_NOT(MIME_DEC_OK == MimeDecParseLine((uint8_t *)str, strlen(str), 1, state));
data/suricata-5.0.3/src/util-device.c:245:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t devnamelen = strlen(devname);
data/suricata-5.0.3/src/util-hash-string.c:38:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen((char *)data1);
data/suricata-5.0.3/src/util-hash-string.c:39:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len2 = strlen((char *)data2);
data/suricata-5.0.3/src/util-host-info.c:72:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(kuname.release), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/util-host-os-info.c:134:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(host_os_ip_range) == 0) {
data/suricata-5.0.3/src/util-host-os-info.c:1383:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-host-os-info.c:1428:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-host-os-info.c:1496:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-host-os-info.c:1542:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-host-os-info.c:1586:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(config, strlen(config));
data/suricata-5.0.3/src/util-ioctl.c:134:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((pcap_dev == NULL) || strlen(pcap_dev) == 0)
data/suricata-5.0.3/src/util-ip.c:41:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t len = strlen(str);
data/suricata-5.0.3/src/util-ip.c:86:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t len = strlen(str);
data/suricata-5.0.3/src/util-logopenfile.c:379:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ByteExtractStringUint32(&mode, 8, strlen(filemode),
data/suricata-5.0.3/src/util-lua-common.c:75:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) == 0)
data/suricata-5.0.3/src/util-lua-common.c:640:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return LuaPushStringBuffer(luastate, (const uint8_t *)ld, strlen(ld));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:2942:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->filename));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:2949:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->data));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:2972:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->username));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:2976:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->password));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3011:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->filename));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3034:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->optional_text));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3048:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->file_data));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3065:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->optional_text));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3094:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->filename));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3102:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->file_specification));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3133:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->vendor_code));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3296:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->error_text));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3350:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->username));
data/suricata-5.0.3/src/util-lua-dnp3-objects.c:3375:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(data->username));
data/suricata-5.0.3/src/util-lua-dns.c:101:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return LuaPushStringBuffer(luastate, (const uint8_t *)rcode_str, strlen(rcode_str));
data/suricata-5.0.3/src/util-lua-ja3.c:81:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ssl_state->client_connp.ja3_hash));
data/suricata-5.0.3/src/util-lua-ja3.c:128:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ssl_state->server_connp.ja3_hash));
data/suricata-5.0.3/src/util-lua-ssh.c:73:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)ssh_state->srv_hdr.proto_version));
data/suricata-5.0.3/src/util-lua-ssh.c:104:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)ssh_state->srv_hdr.software_version));
data/suricata-5.0.3/src/util-lua-ssh.c:135:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)ssh_state->cli_hdr.proto_version));
data/suricata-5.0.3/src/util-lua-ssh.c:166:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)ssh_state->cli_hdr.software_version));
data/suricata-5.0.3/src/util-lua-tls.c:165:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int r = LuaPushStringBuffer(luastate, (uint8_t *)ssl_version, strlen(ssl_version));
data/suricata-5.0.3/src/util-lua-tls.c:166:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r += LuaPushStringBuffer(luastate, (uint8_t *)connp->cert0_subject, strlen(connp->cert0_subject));
data/suricata-5.0.3/src/util-lua-tls.c:167:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r += LuaPushStringBuffer(luastate, (uint8_t *)connp->cert0_issuerdn, strlen(connp->cert0_issuerdn));
data/suricata-5.0.3/src/util-lua-tls.c:168:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r += LuaPushStringBuffer(luastate, (uint8_t *)connp->cert0_fingerprint, strlen(connp->cert0_fingerprint));
data/suricata-5.0.3/src/util-lua-tls.c:202:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ssl_version));
data/suricata-5.0.3/src/util-lua-tls.c:233:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ssl_state->client_connp.sni));
data/suricata-5.0.3/src/util-lua-tls.c:265:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ssl_state->server_connp.cert0_serial));
data/suricata-5.0.3/src/util-magic.c:67:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filename) == 0) {
data/suricata-5.0.3/src/util-mem.h:138:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t _len = strlen((a)); \
data/suricata-5.0.3/src/util-mem.h:274:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t _scstrdup_len = strlen((a)); \
data/suricata-5.0.3/src/util-memcmp.c:204:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t alen = strlen(a[i]) - 1;
data/suricata-5.0.3/src/util-memcmp.c:208:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t blen = strlen(b[j]) - 1;
data/suricata-5.0.3/src/util-memcmp.c:243:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t alen = strlen(a[i]) - 1;
data/suricata-5.0.3/src/util-memcmp.c:247:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t blen = strlen(b[j]) - 1;
data/suricata-5.0.3/src/util-memcmp.c:282:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t alen = strlen(a[i]) - 1;
data/suricata-5.0.3/src/util-memcmp.c:286:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t blen = strlen(b[j]) - 1;
data/suricata-5.0.3/src/util-memcmp.c:321:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t alen = strlen(a[i]) - 1;
data/suricata-5.0.3/src/util-memcmp.c:325:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t blen = strlen(b[j]) - 1;
data/suricata-5.0.3/src/util-memcmp.c:373:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SCMemcmpLowercase(t->a, t->b, strlen(t->a)-1) != t->result)
data/suricata-5.0.3/src/util-memrchr.c:49:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ptr = memrchr(haystack, needle, strlen(haystack));
data/suricata-5.0.3/src/util-memrchr.c:53:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ptr) != 2)
data/suricata-5.0.3/src/util-misc.c:90:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pcre_exec_ret = pcre_exec(parse_regex, parse_regex_study, size, strlen(size), 0, 0,
data/suricata-5.0.3/src/util-misc.c:223:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t str_len = strlen(input);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1439:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1472:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1509:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1543:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1577:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1609:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1654:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1755:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1797:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 1);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1800:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 2);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1803:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 1);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1806:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 2);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1837:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1864:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1871:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1898:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1905:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1932:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1939:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1966:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:1973:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2000:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2007:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2034:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2041:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2068:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2075:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2101:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2108:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2175:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2273:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2306:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2339:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2372:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2407:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-bs.c:2423:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1509:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1542:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1579:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1613:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1647:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1679:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1724:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1825:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1867:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 1);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1870:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 2);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1873:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 1);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1876:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 2);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1907:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1934:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1941:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1968:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:1975:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2002:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2009:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2036:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2043:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2070:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2077:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2104:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2111:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2138:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2145:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2172:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2179:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2246:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2344:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2377:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2410:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2443:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac-ks.c:2459:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-mpm-ac.c:1282:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1315:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1352:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1386:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1420:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1452:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1497:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1598:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1640:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 1);
data/suricata-5.0.3/src/util-mpm-ac.c:1643:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 2);
data/suricata-5.0.3/src/util-mpm-ac.c:1646:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 1);
data/suricata-5.0.3/src/util-mpm-ac.c:1649:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 2);
data/suricata-5.0.3/src/util-mpm-ac.c:1680:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1707:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac.c:1714:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1741:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac.c:1748:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1775:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac.c:1782:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1809:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac.c:1816:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1843:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac.c:1850:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1877:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac.c:1884:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1911:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac.c:1918:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:1945:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-ac.c:1952:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:2019:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:2117:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:2150:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:2183:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:2216:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint8_t *)buf, strlen(buf));
data/suricata-5.0.3/src/util-mpm-ac.c:2232:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-mpm-hs.c:1121:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1154:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1191:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1225:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1259:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1291:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1335:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1436:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1479:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 1);
data/suricata-5.0.3/src/util-mpm-hs.c:1482:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 2);
data/suricata-5.0.3/src/util-mpm-hs.c:1485:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 1);
data/suricata-5.0.3/src/util-mpm-hs.c:1488:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf)) == 2);
data/suricata-5.0.3/src/util-mpm-hs.c:1519:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1545:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-hs.c:1553:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1579:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-hs.c:1587:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1613:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-hs.c:1621:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1647:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-hs.c:1655:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1681:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-hs.c:1689:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1720:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-hs.c:1733:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1759:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-hs.c:1767:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1799:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MpmAddPatternCS(&mpm_ctx, (uint8_t *)pat, strlen(pat), 0, 0, 0, 0, 0);
data/suricata-5.0.3/src/util-mpm-hs.c:1813:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1880:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:1978:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:2011:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:2044:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:2077:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(buf));
data/suricata-5.0.3/src/util-mpm-hs.c:2093:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t buflen = strlen((char *)buf);
data/suricata-5.0.3/src/util-napatech.c:284:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000000);
data/suricata-5.0.3/src/util-napatech.c:643:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/suricata-5.0.3/src/util-path.c:41:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) > 1 && path[0] == '/') {
data/suricata-5.0.3/src/util-path.c:46:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) > 2) {
data/suricata-5.0.3/src/util-path.c:90:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(path);
data/suricata-5.0.3/src/util-pool.c:392:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen((char *)allocdata) + 1;
data/suricata-5.0.3/src/util-pool.c:490:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Pool *p = PoolInit(10,5,strlen("test") + 1,NULL, PoolTestInitArg,(void *)"test",PoolTestFree, NULL);
data/suricata-5.0.3/src/util-print.c:262:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dst[strlen(dst) - 1] = 0;
data/suricata-5.0.3/src/util-profiling-locks.c:63:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t hash = strlen(fn->file) + fn->line;
data/suricata-5.0.3/src/util-profiling-locks.c:66:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (u = 0; u < strlen(fn->file); u++) {
data/suricata-5.0.3/src/util-profiling-rules.c:162:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uint16_t)strlen(val), val) <= 0) {
data/suricata-5.0.3/src/util-proto-name.c:82:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int proto_len = strlen(known_proto[proto]);
data/suricata-5.0.3/src/util-reference-config.c:154:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (de_ctx != NULL && strlen(de_ctx->config_prefix) > 0) {
data/suricata-5.0.3/src/util-reference-config.c:245:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(regex, regex_study, line, strlen(line), 0, 0, ov, 30);
data/suricata-5.0.3/src/util-reference-config.c:419:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(ref->system);
data/suricata-5.0.3/src/util-reference-config.c:456:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(ref1->system);
data/suricata-5.0.3/src/util-reference-config.c:457:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(ref2->system);
data/suricata-5.0.3/src/util-reference-config.c:555:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FILE *fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-reference-config.c:575:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FILE *fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-reference-config.c:594:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FILE *fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-rule-vars.c:88:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (de_ctx != NULL && strlen(de_ctx->config_prefix) > 0) {
data/suricata-5.0.3/src/util-rule-vars.c:193:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/util-rule-vars.c:257:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/util-rule-vars.c:283:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/util-rule-vars.c:407:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_conf_string, strlen(dummy_conf_string));
data/suricata-5.0.3/src/util-rule-vars.c:475:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ConfYamlLoadString(dummy_mt_conf_string, strlen(dummy_mt_conf_string));
data/suricata-5.0.3/src/util-runmodes.c:76:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(queues) > 0)
data/suricata-5.0.3/src/util-runmodes.c:196:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *printable_threadname = SCMalloc(sizeof(char) * (strlen(thread_name)+5+strlen(dev)));
data/suricata-5.0.3/src/util-runmodes.c:196:93: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *printable_threadname = SCMalloc(sizeof(char) * (strlen(thread_name)+5+strlen(dev)));
data/suricata-5.0.3/src/util-runmodes.c:203:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(printable_threadname, strlen(thread_name)+5+strlen(dev),
data/suricata-5.0.3/src/util-runmodes.c:203:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(printable_threadname, strlen(thread_name)+5+strlen(dev),
data/suricata-5.0.3/src/util-runmodes.c:306:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *printable_threadname = SCMalloc(sizeof(char) * (strlen(thread_name)+5+strlen(live_dev)));
data/suricata-5.0.3/src/util-runmodes.c:306:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *printable_threadname = SCMalloc(sizeof(char) * (strlen(thread_name)+5+strlen(live_dev)));
data/suricata-5.0.3/src/util-runmodes.c:314:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(printable_threadname, strlen(thread_name)+5+strlen(live_dev), "%s#01-%s",
data/suricata-5.0.3/src/util-runmodes.c:314:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(printable_threadname, strlen(thread_name)+5+strlen(live_dev), "%s#01-%s",
data/suricata-5.0.3/src/util-runmodes.c:319:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(printable_threadname, strlen(thread_name)+5+strlen(live_dev), "%s#%02d-%s",
data/suricata-5.0.3/src/util-runmodes.c:319:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(printable_threadname, strlen(thread_name)+5+strlen(live_dev), "%s#%02d-%s",
data/suricata-5.0.3/src/util-spm.c:294:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:295:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:314:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:315:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:331:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:332:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:351:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:352:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:371:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:372:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:391:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:392:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)in_needle);
data/suricata-5.0.3/src/util-spm.c:427:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:428:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:445:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:446:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:463:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:464:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:484:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:485:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:505:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:506:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:527:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:528:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)needle);
data/suricata-5.0.3/src/util-spm.c:544:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t textlen = strlen((char *)text);
data/suricata-5.0.3/src/util-spm.c:545:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t needlelen = strlen((char *)in_needle);
data/suricata-5.0.3/src/util-spm.c:2628:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d.needle_len = strlen(needle);
data/suricata-5.0.3/src/util-storage.c:104:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (type >= STORAGE_MAX || name == NULL || strlen(name) == 0 ||
data/suricata-5.0.3/src/util-strlcatu.c:62:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(dlen + strlen(s));
data/suricata-5.0.3/src/util-strptime.c:588:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(*n1);
data/suricata-5.0.3/src/util-thash.c:209:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (size_t i = 0; i < strlen(confvalue); i++) {
data/suricata-5.0.3/src/util-thash.c:247:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/util-thash.c:259:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&configval, 10, strlen(conf_val),
data/suricata-5.0.3/src/util-threshold-config.c:203:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (de_ctx != NULL && strlen(de_ctx->config_prefix) > 0) {
data/suricata-5.0.3/src/util-threshold-config.c:706:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(regex_base, regex_base_study, rawstr, strlen(rawstr), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/util-threshold-config.c:756:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rule_extend) > 0) {
data/suricata-5.0.3/src/util-threshold-config.c:758:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rule_extend, strlen(rule_extend),
data/suricata-5.0.3/src/util-threshold-config.c:807:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rule_extend) > 0) {
data/suricata-5.0.3/src/util-threshold-config.c:809:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rule_extend, strlen(rule_extend),
data/suricata-5.0.3/src/util-threshold-config.c:835:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(rule_extend) > 0) {
data/suricata-5.0.3/src/util-threshold-config.c:837:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rule_extend, strlen(rule_extend),
data/suricata-5.0.3/src/util-threshold-config.c:878:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&parsed_timeout, 10, strlen(th_timeout), th_timeout) <= 0) {
data/suricata-5.0.3/src/util-threshold-config.c:926:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&parsed_count, 10, strlen(th_count), th_count) <= 0) {
data/suricata-5.0.3/src/util-threshold-config.c:934:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&parsed_seconds, 10, strlen(th_seconds), th_seconds) <= 0) {
data/suricata-5.0.3/src/util-threshold-config.c:957:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&id, 10, strlen(th_sid), th_sid) <= 0) {
data/suricata-5.0.3/src/util-threshold-config.c:961:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ByteExtractStringUint32(&gid, 10, strlen(th_gid), th_gid) <= 0) {
data/suricata-5.0.3/src/util-threshold-config.c:1079:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(line);
data/suricata-5.0.3/src/util-threshold-config.c:1146:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1165:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1183:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1204:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1225:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1247:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1267:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1285:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1306:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1327:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:1346:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:2301:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:2353:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:2403:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:2511:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-threshold-config.c:2651:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fd = SCFmemopen((void *)buffer, strlen(buffer), "r");
data/suricata-5.0.3/src/util-time.c:557:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char last = str[strlen(str)-1];
data/suricata-5.0.3/src/util-unittest.c:171:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(ut->name), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/util-unittest.c:204:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = pcre_exec(parse_regex, parse_regex_study, ut->name, strlen(ut->name), 0, 0, ov, MAX_SUBSTRINGS);
data/suricata-5.0.3/src/util-var-name.c:74:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint32_t hash = strlen(fn->name) + fn->type;
data/suricata-5.0.3/src/win32-misc.c:36:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *str = SCMalloc(strlen(name) + strlen(value) + 2);
data/suricata-5.0.3/src/win32-misc.c:36:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *str = SCMalloc(strlen(name) + strlen(value) + 2);
data/suricata-5.0.3/src/win32-misc.c:39:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(str, strlen(name) + strlen(value) + 1, "%s=%s", name, value);
data/suricata-5.0.3/src/win32-misc.c:39:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(str, strlen(name) + strlen(value) + 1, "%s=%s", name, value);
data/suricata-5.0.3/src/win32-misc.c:47:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *str = SCMalloc(strlen(name) + 2);
data/suricata-5.0.3/src/win32-misc.c:50:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(str, strlen(name) + 1, "%s=", name);
data/suricata-5.0.3/src/win32-service.c:228:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[i]) <= strlen("--service-install")) && (strncmp("--service-install", argv[i], strlen(argv[i])) == 0)) {
data/suricata-5.0.3/src/win32-service.c:228:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[i]) <= strlen("--service-install")) && (strncmp("--service-install", argv[i], strlen(argv[i])) == 0)) {
data/suricata-5.0.3/src/win32-service.c:228:108: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[i]) <= strlen("--service-install")) && (strncmp("--service-install", argv[i], strlen(argv[i])) == 0)) {
data/suricata-5.0.3/src/win32-service.c:231:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(path, " ", sizeof(path) - strlen(path) - 1);
data/suricata-5.0.3/src/win32-service.c:232:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(path, argv[i], sizeof(path) - strlen(path) - 1);
data/suricata-5.0.3/src/win32-service.c:353:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[i]) <= strlen("--service-change-params")) && (strncmp("--service-change-params", argv[i], strlen(argv[i])) == 0)) {
data/suricata-5.0.3/src/win32-service.c:353:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[i]) <= strlen("--service-change-params")) && (strncmp("--service-change-params", argv[i], strlen(argv[i])) == 0)) {
data/suricata-5.0.3/src/win32-service.c:353:120: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(argv[i]) <= strlen("--service-change-params")) && (strncmp("--service-change-params", argv[i], strlen(argv[i])) == 0)) {
data/suricata-5.0.3/src/win32-service.c:356:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(path, " ", sizeof(path) - strlen(path) - 1);
data/suricata-5.0.3/src/win32-service.c:357:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlcat(path, argv[i], sizeof(path) - strlen(path) - 1);
data/suricata-5.0.3/src/win32-syscall.c:112:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(adapter_name, current->AdapterName, strlen(adapter_name)) ==
data/suricata-5.0.3/src/win32-syscall.c:206:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error_string[strlen(error_string) - 2] = 0; // remove line breaks
data/suricata-5.0.3/src/win32-syscall.c:973:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n_chars = wcslen(class_name) + wcslen(if_description) +
data/suricata-5.0.3/src/win32-syscall.c:973:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n_chars = wcslen(class_name) + wcslen(if_description) +
data/suricata-5.0.3/src/win32-syscall.c:974:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcslen(instance_name_fmt);
data/suricata-5.0.3/src/win32-syscall.c:1040:37: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t if_description_len = wcslen(if_description);
data/suricata-5.0.3/src/win32-syscall.c:1470:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n_chars = wcslen(class_name) + wcslen(if_description) +
data/suricata-5.0.3/src/win32-syscall.c:1470:43: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n_chars = wcslen(class_name) + wcslen(if_description) +
data/suricata-5.0.3/src/win32-syscall.c:1471:22: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcslen(instance_name_fmt);
data/suricata-5.0.3/src/win32-syscall.c:1675:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(expect_name1)) == 0);
data/suricata-5.0.3/src/win32-syscall.c:1678:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(expect_name2)) == 0);
ANALYSIS SUMMARY:
Hits = 2875
Lines analyzed = 505326 in approximately 12.46 seconds (40553 lines/second)
Physical Source Lines of Code (SLOC) = 361816
Hits@level = [0] 5173 [1] 1406 [2] 1338 [3] 18 [4] 111 [5] 2
Hits@level+ = [0+] 8048 [1+] 2875 [2+] 1469 [3+] 131 [4+] 113 [5+] 2
Hits/KSLOC@level+ = [0+] 22.2434 [1+] 7.94603 [2+] 4.06007 [3+] 0.362062 [4+] 0.312313 [5+] 0.00552767
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.