Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/vino-3.22.0/common/vino-settings-enums.h
Examining data/vino-3.22.0/server/vino-input.h
Examining data/vino-3.22.0/server/vino-upnp.h
Examining data/vino-3.22.0/server/vino-dbus-listener.c
Examining data/vino-3.22.0/server/vino-prompt.c
Examining data/vino-3.22.0/server/vino-types.h
Examining data/vino-3.22.0/server/libvncserver/corre.c
Examining data/vino-3.22.0/server/libvncserver/zrle.c
Examining data/vino-3.22.0/server/libvncserver/zrleoutstream.h
Examining data/vino-3.22.0/server/libvncserver/cutpaste.c
Examining data/vino-3.22.0/server/libvncserver/tabletrans24template.c
Examining data/vino-3.22.0/server/libvncserver/rfb/rfbregion.h
Examining data/vino-3.22.0/server/libvncserver/rfb/rfb.h
Examining data/vino-3.22.0/server/libvncserver/rfb/keysym.h
Examining data/vino-3.22.0/server/libvncserver/rfb/rfbproto.h
Examining data/vino-3.22.0/server/libvncserver/cursor.c
Examining data/vino-3.22.0/server/libvncserver/tight.c
Examining data/vino-3.22.0/server/libvncserver/tableinitcmtemplate.c
Examining data/vino-3.22.0/server/libvncserver/d3des.c
Examining data/vino-3.22.0/server/libvncserver/zrlepalettehelper.c
Examining data/vino-3.22.0/server/libvncserver/zlib.c
Examining data/vino-3.22.0/server/libvncserver/tabletranstemplate.c
Examining data/vino-3.22.0/server/libvncserver/stats.c
Examining data/vino-3.22.0/server/libvncserver/translate.c
Examining data/vino-3.22.0/server/libvncserver/rre.c
Examining data/vino-3.22.0/server/libvncserver/zrleoutstream.c
Examining data/vino-3.22.0/server/libvncserver/vncauth.c
Examining data/vino-3.22.0/server/libvncserver/rfbregion.c
Examining data/vino-3.22.0/server/libvncserver/d3des.h
Examining data/vino-3.22.0/server/libvncserver/auth.c
Examining data/vino-3.22.0/server/libvncserver/zrletypes.h
Examining data/vino-3.22.0/server/libvncserver/tableinittctemplate.c
Examining data/vino-3.22.0/server/libvncserver/zrlepalettehelper.h
Examining data/vino-3.22.0/server/libvncserver/hextile.c
Examining data/vino-3.22.0/server/libvncserver/zrleencodetemplate.c
Examining data/vino-3.22.0/server/libvncserver/main.c
Examining data/vino-3.22.0/server/libvncserver/sockets.c
Examining data/vino-3.22.0/server/libvncserver/tableinit24.c
Examining data/vino-3.22.0/server/libvncserver/rfbserver.c
Examining data/vino-3.22.0/server/vino-prefs.h
Examining data/vino-3.22.0/server/vino-tube-servers-manager.h
Examining data/vino-3.22.0/server/vino-input.c
Examining data/vino-3.22.0/server/vino-tube-servers-manager.c
Examining data/vino-3.22.0/server/vino-fb.c
Examining data/vino-3.22.0/server/vino-status-tube-icon.h
Examining data/vino-3.22.0/server/vino-status-icon.h
Examining data/vino-3.22.0/server/vino-server.h
Examining data/vino-3.22.0/server/vino-tube-server.c
Examining data/vino-3.22.0/server/vino-fb.h
Examining data/vino-3.22.0/server/vino-util.h
Examining data/vino-3.22.0/server/vino-prompt.h
Examining data/vino-3.22.0/server/vino-cursor.c
Examining data/vino-3.22.0/server/vino-cursor.h
Examining data/vino-3.22.0/server/vino-dbus-error.h
Examining data/vino-3.22.0/server/vino-status-icon.c
Examining data/vino-3.22.0/server/vino-tube-server.h
Examining data/vino-3.22.0/server/vino-util.c
Examining data/vino-3.22.0/server/vino-upnp.c
Examining data/vino-3.22.0/server/vino-dbus.c
Examining data/vino-3.22.0/server/vino-dbus-error.c
Examining data/vino-3.22.0/server/vino-dbus-listener.h
Examining data/vino-3.22.0/server/miniupnp/minisoap.h
Examining data/vino-3.22.0/server/miniupnp/minisoap.c
Examining data/vino-3.22.0/server/miniupnp/upnpcommands.h
Examining data/vino-3.22.0/server/miniupnp/declspec.h
Examining data/vino-3.22.0/server/miniupnp/codelength.h
Examining data/vino-3.22.0/server/miniupnp/miniupnpc.h
Examining data/vino-3.22.0/server/miniupnp/minissdpc.h
Examining data/vino-3.22.0/server/miniupnp/bsdqueue.h
Examining data/vino-3.22.0/server/miniupnp/upnpreplyparse.h
Examining data/vino-3.22.0/server/miniupnp/upnpcommands.c
Examining data/vino-3.22.0/server/miniupnp/minixml.c
Examining data/vino-3.22.0/server/miniupnp/igd_desc_parse.h
Examining data/vino-3.22.0/server/miniupnp/igd_desc_parse.c
Examining data/vino-3.22.0/server/miniupnp/minixml.h
Examining data/vino-3.22.0/server/miniupnp/upnpreplyparse.c
Examining data/vino-3.22.0/server/miniupnp/miniwget.c
Examining data/vino-3.22.0/server/miniupnp/miniwget.h
Examining data/vino-3.22.0/server/miniupnp/minissdpc.c
Examining data/vino-3.22.0/server/miniupnp/miniupnpc.c
Examining data/vino-3.22.0/server/smclient/eggdesktopfile.c
Examining data/vino-3.22.0/server/smclient/eggsmclient.h
Examining data/vino-3.22.0/server/smclient/eggsmclient-private.h
Examining data/vino-3.22.0/server/smclient/eggdesktopfile.h
Examining data/vino-3.22.0/server/smclient/eggsmclient.c
Examining data/vino-3.22.0/server/smclient/eggsmclient-xsmp.c
Examining data/vino-3.22.0/server/vino-dbus.h
Examining data/vino-3.22.0/server/vino-status-tube-icon.c
Examining data/vino-3.22.0/server/vino-prefs.c
Examining data/vino-3.22.0/server/vino-mdns.h
Examining data/vino-3.22.0/server/vino-main.c
Examining data/vino-3.22.0/server/vino-server.c
Examining data/vino-3.22.0/server/vino-mdns.c
FINAL RESULTS:
data/vino-3.22.0/server/libvncserver/main.c:74:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/vino-3.22.0/server/libvncserver/rfbserver.c:270:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(pv,rfbProtocolVersionFormat,rfbProtocolMajorVersion,
data/vino-3.22.0/server/libvncserver/rfbserver.c:428:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
if (sscanf(pv,rfbProtocolVersionFormat,&major_,&minor_) != 2) {
data/vino-3.22.0/server/miniupnp/minisoap.c:15:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/vino-3.22.0/server/miniupnp/minisoap.c:15:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/vino-3.22.0/server/miniupnp/miniupnpc.c:14:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/vino-3.22.0/server/miniupnp/miniupnpc.c:14:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/vino-3.22.0/server/miniupnp/miniupnpc.c:436:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
n = snprintf(bufr, sizeof(bufr),
data/vino-3.22.0/server/miniupnp/miniwget.c:19:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/vino-3.22.0/server/miniupnp/miniwget.c:19:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/vino-3.22.0/server/vino-util.h:61:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, __VA_ARGS__); \
data/vino-3.22.0/server/vino-util.h:66:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, args); \
data/vino-3.22.0/server/libvncserver/vncauth.c:35:9: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom srand
data/vino-3.22.0/server/libvncserver/vncauth.c:35:17: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom srand
data/vino-3.22.0/server/libvncserver/vncauth.c:36:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define random rand
data/vino-3.22.0/server/libvncserver/vncauth.c:64:7: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom((unsigned int)time(0) ^ (unsigned int)getpid());
data/vino-3.22.0/server/libvncserver/vncauth.c:69:34: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
bytes[i] = (unsigned char)(random() & 255);
data/vino-3.22.0/server/libvncserver/auth.c:158:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4 + CHALLENGESIZE];
data/vino-3.22.0/server/libvncserver/auth.c:176:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(auth.buf[4]), (char *)cl->authChallenge, CHALLENGESIZE);
data/vino-3.22.0/server/libvncserver/corre.c:161:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/corre.c:167:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&hdr, sz_rfbRREHeader);
data/vino-3.22.0/server/libvncserver/corre.c:178:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], &rreAfterBuf[i], bytesToCopy);
data/vino-3.22.0/server/libvncserver/corre.c:282:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rreAfterBuf[rreAfterBufLen],&subrect,sz_rfbCoRRERectangle); \
data/vino-3.22.0/server/libvncserver/cursor.c:73:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/cursor.c:116:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,sz_rfbFramebufferUpdateRectHeader);
data/vino-3.22.0/server/libvncserver/cursor.c:130:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&colors, sz_rfbXCursorColors);
data/vino-3.22.0/server/libvncserver/cursor.c:196:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/cursor.c:210:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rfbReverseByte[0x100] = {
data/vino-3.22.0/server/libvncserver/cursor.c:382:40: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(cursor->source[j*w+i/8]&bit) memcpy(cp,fore,bpp);
data/vino-3.22.0/server/libvncserver/cursor.c:383:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(cp,back,bpp);
data/vino-3.22.0/server/libvncserver/cursor.c:448:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(screen->frameBuffer + (bounds->y1 + j) * rowstride + bounds->x1 * bpp,
data/vino-3.22.0/server/libvncserver/cursor.c:492:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(screen->underCursorBuffer + j * (bounds->x2 - bounds->x1) * bpp,
data/vino-3.22.0/server/libvncserver/cursor.c:505:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(screen->frameBuffer + (bounds->y1 + j) * rowstride + (bounds->x1 + i) * bpp,
data/vino-3.22.0/server/libvncserver/d3des.c:59:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char pc1[56] = {
data/vino-3.22.0/server/libvncserver/d3des.c:65:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char totrot[16] = {
data/vino-3.22.0/server/libvncserver/d3des.c:68:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char pc2[48] = {
data/vino-3.22.0/server/libvncserver/d3des.c:79:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pc1m[56], pcr[56];
data/vino-3.22.0/server/libvncserver/hextile.c:57:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/hextile.c:181:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)clientPixelData, \
data/vino-3.22.0/server/libvncserver/main.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vino-3.22.0/server/libvncserver/rfb/rfb.h:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rfbThisHost[255];
data/vino-3.22.0/server/libvncserver/rfb/rfb.h:305:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char updateBuf[UPDATE_BUF_SIZE];
data/vino-3.22.0/server/libvncserver/rfb/rfb.h:531:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char rfbReverseByte[0x100];
data/vino-3.22.0/server/libvncserver/rfb/rfbproto.h:219:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char rfbProtocolVersionMsg[13]; /* allow extra byte for null */
data/vino-3.22.0/server/libvncserver/rfbserver.c:155:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[NI_MAXHOST] = "(unresolved)";
data/vino-3.22.0/server/libvncserver/rfbserver.c:429:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1024];
data/vino-3.22.0/server/libvncserver/rfbserver.c:483:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 8, reason, len);
data/vino-3.22.0/server/libvncserver/rfbserver.c:502:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/vino-3.22.0/server/libvncserver/rfbserver.c:1303:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/rfbserver.c:1310:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&cr, sz_rfbCopyRect);
data/vino-3.22.0/server/libvncserver/rfbserver.c:1353:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,sz_rfbFramebufferUpdateRectHeader);
data/vino-3.22.0/server/libvncserver/rfbserver.c:1419:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,sz_rfbFramebufferUpdateRectHeader);
data/vino-3.22.0/server/libvncserver/rfbserver.c:1452:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/rfbserver.c:1494:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sz_rfbSetColourMapEntriesMsg + 256 * 3 * 2];
data/vino-3.22.0/server/libvncserver/rre.c:130:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/rre.c:136:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&hdr, sz_rfbRREHeader);
data/vino-3.22.0/server/libvncserver/rre.c:147:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], &rreAfterBuf[i], bytesToCopy);
data/vino-3.22.0/server/libvncserver/rre.c:251:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rreAfterBuf[rreAfterBufLen],&subrect,sz_rfbRectangle); \
data/vino-3.22.0/server/libvncserver/sockets.c:311:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fds, &rfbScreen->allFds, sizeof(fd_set));
data/vino-3.22.0/server/libvncserver/sockets.c:652:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64] = { 0, };
data/vino-3.22.0/server/libvncserver/tabletrans24template.c:113:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op,&outValue,3);
data/vino-3.22.0/server/libvncserver/tabletrans24template.c:227:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op,&t[3*(*(ip++))],3);
data/vino-3.22.0/server/libvncserver/tabletrans24template.c:265:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(op,&outValue,3);
data/vino-3.22.0/server/libvncserver/tight.c:649:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/tight.c:681:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&cl->updateBuf[cl->ublen], tightBeforeBuf, len);
data/vino-3.22.0/server/libvncserver/tight.c:725:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], tightAfterBuf, paletteLen);
data/vino-3.22.0/server/libvncserver/tight.c:736:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], tightAfterBuf, 4);
data/vino-3.22.0/server/libvncserver/tight.c:790:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], tightAfterBuf, paletteNumColors * entryLen);
data/vino-3.22.0/server/libvncserver/tight.c:803:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], tightAfterBuf, paletteNumColors * 2);
data/vino-3.22.0/server/libvncserver/tight.c:892:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], tightBeforeBuf, dataLen);
data/vino-3.22.0/server/libvncserver/tight.c:966:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], &tightAfterBuf[i], portionLen);
data/vino-3.22.0/server/libvncserver/translate.c:205:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(optr, iptr, bytesPerOutputLine);
data/vino-3.22.0/server/libvncserver/translate.c:334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sz_rfbSetColourMapEntriesMsg + 256 * 3 * 2];
data/vino-3.22.0/server/libvncserver/vncauth.c:82:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key[8];
data/vino-3.22.0/server/libvncserver/zlib.c:196:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&rect,
data/vino-3.22.0/server/libvncserver/zlib.c:202:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], (char *)&hdr, sz_rfbZlibHeader);
data/vino-3.22.0/server/libvncserver/zlib.c:213:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cl->updateBuf[cl->ublen], &zlibAfterBuf[i], bytesToCopy);
data/vino-3.22.0/server/libvncserver/zrle.c:68:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char zrleBeforeBuf[rfbZRLETileWidth * rfbZRLETileHeight * 4 + 4];
data/vino-3.22.0/server/libvncserver/zrle.c:145:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cl->updateBuf+cl->ublen, (char *)&rect,
data/vino-3.22.0/server/libvncserver/zrle.c:151:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cl->updateBuf+cl->ublen, (char *)&hdr, sz_rfbZRLEHeader);
data/vino-3.22.0/server/libvncserver/zrle.c:164:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cl->updateBuf+cl->ublen, (uint8_t*)zos->out.start + i, bytesToCopy);
data/vino-3.22.0/server/libvncserver/zrleoutstream.c:228:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(os->in.ptr, data, n);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:21:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( datas->cureltname, name, l);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:51:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datas->controlurl_CIF, datas->controlurl_tmp, MINIUPNPC_URL_MAXSIZE);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:52:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datas->eventsuburl_CIF, datas->eventsuburl_tmp, MINIUPNPC_URL_MAXSIZE);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:53:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datas->scpdurl_CIF, datas->scpdurl_tmp, MINIUPNPC_URL_MAXSIZE);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:54:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datas->servicetype_CIF, datas->servicetype_tmp, MINIUPNPC_URL_MAXSIZE);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:59:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datas->controlurl, datas->controlurl_tmp, MINIUPNPC_URL_MAXSIZE);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:60:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datas->eventsuburl, datas->eventsuburl_tmp, MINIUPNPC_URL_MAXSIZE);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:61:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datas->scpdurl, datas->scpdurl_tmp, MINIUPNPC_URL_MAXSIZE);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:62:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(datas->servicetype, datas->servicetype_tmp, MINIUPNPC_URL_MAXSIZE);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.c:91:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstmember, data, l);
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:16:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cureltname[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:17:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char urlbase[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char controlurl_CIF[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eventsuburl_CIF[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scpdurl_CIF[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char servicetype_CIF[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char controlurl[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eventsuburl[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scpdurl[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char servicetype[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char controlurl_tmp[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eventsuburl_tmp[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scpdurl_tmp[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/igd_desc_parse.h:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char servicetype_tmp[MINIUPNPC_URL_MAXSIZE];
data/vino-3.22.0/server/miniupnp/minisoap.c:49:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, headers, headerssize);
data/vino-3.22.0/server/miniupnp/minisoap.c:50:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p+headerssize, body, bodysize);
data/vino-3.22.0/server/miniupnp/minisoap.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char headerbuf[512];
data/vino-3.22.0/server/miniupnp/minisoap.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char portstr[8];
data/vino-3.22.0/server/miniupnp/minissdpc.c:26:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[2048];
data/vino-3.22.0/server/miniupnp/minissdpc.c:54:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, devtype, stsize);
data/vino-3.22.0/server/miniupnp/minissdpc.c:87:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp->buffer, url, urlsize);
data/vino-3.22.0/server/miniupnp/minissdpc.c:89:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp->buffer + urlsize + 1, p, stsize);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char soapact[128];
data/vino-3.22.0/server/miniupnp/miniupnpc.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char soapbody[2048];
data/vino-3.22.0/server/miniupnp/miniupnpc.c:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bufr[1536]; /* reception and emission buffer */
data/vino-3.22.0/server/miniupnp/miniupnpc.c:475:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp->buffer, descURL, urlsize);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:477:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp->buffer + urlsize + 1, st, stsize);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:627:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status[64];
data/vino-3.22.0/server/miniupnp/miniupnpc.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2];
data/vino-3.22.0/server/miniupnp/miniwget.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/vino-3.22.0/server/miniupnp/miniwget.c:125:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(respbuffer+allreadyread, buf + i + 4, n-i-4);
data/vino-3.22.0/server/miniupnp/miniwget.c:137:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(respbuffer+allreadyread, buf, n);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:309:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:404:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:482:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpcommands.c:522:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/vino-3.22.0/server/miniupnp/upnpreplyparse.c:21:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data->curelt, name, l);
data/vino-3.22.0/server/miniupnp/upnpreplyparse.c:35:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(nv->value, datas, l);
data/vino-3.22.0/server/miniupnp/upnpreplyparse.h:23:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/vino-3.22.0/server/miniupnp/upnpreplyparse.h:24:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[64];
data/vino-3.22.0/server/miniupnp/upnpreplyparse.h:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curelt[64];
data/vino-3.22.0/server/smclient/eggsmclient-xsmp.c:213:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid_str[64];
data/vino-3.22.0/server/smclient/eggsmclient-xsmp.c:324:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_string_ret[256];
data/vino-3.22.0/server/smclient/eggsmclient-xsmp.c:883:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (state_file_path, O_WRONLY | O_CREAT | O_EXCL, 0644);
data/vino-3.22.0/server/vino-fb.c:187:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_text [64];
data/vino-3.22.0/server/vino-fb.c:350:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (dest, src, rect->width * bytes_per_pixel);
data/vino-3.22.0/server/vino-fb.c:618:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_text [64];
data/vino-3.22.0/server/vino-server.c:687:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (client->auth_response, response, length);
data/vino-3.22.0/server/vino-upnp.c:40:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lanaddr[16];
data/vino-3.22.0/server/vino-upnp.c:199:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char int_client_tmp[16], int_port_tmp[6];
data/vino-3.22.0/server/vino-util.c:164:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *retval, buf[INET6_ADDRSTRLEN];
data/vino-3.22.0/server/libvncserver/rfbserver.c:430:5: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if(sscanf(pv,"RFB %03d.%03d %1023s\n",&major_,&minor_,name) != 3) {
data/vino-3.22.0/server/libvncserver/rfbserver.c:476:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(reason);
data/vino-3.22.0/server/libvncserver/rfbserver.c:526:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf + sz_rfbServerInitMsg, cl->screen->desktopName, 127);
data/vino-3.22.0/server/libvncserver/rfbserver.c:527:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf + sz_rfbServerInitMsg);
data/vino-3.22.0/server/libvncserver/sockets.c:51:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define read(sock,buf,len) recv(sock,buf,len,0)
data/vino-3.22.0/server/libvncserver/sockets.c:155:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(netIface != NULL && strlen(netIface) > 0) {
data/vino-3.22.0/server/libvncserver/sockets.c:418:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(sock, buf, len);
data/vino-3.22.0/server/libvncserver/sockets.c:602:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(netIface == NULL || strlen(netIface) == 0)
data/vino-3.22.0/server/libvncserver/sockets.c:751:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(netIface != NULL && strlen(netIface) > 0) {
data/vino-3.22.0/server/libvncserver/vncauth.c:88:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (i < strlen(passwd)) {
data/vino-3.22.0/server/miniupnp/minisoap.c:83:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bodysize = (int)strlen(body);
data/vino-3.22.0/server/miniupnp/minissdpc.c:43:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr.sun_path, socketpath, sizeof(addr.sun_path) - 1);
data/vino-3.22.0/server/miniupnp/minissdpc.c:50:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stsize = strlen(devtype);
data/vino-3.22.0/server/miniupnp/minissdpc.c:63:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(s, buffer, sizeof(buffer));
data/vino-3.22.0/server/miniupnp/miniupnpc.c:205:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(p, "></" SOAPPREFIX ":Body></" SOAPPREFIX ":Envelope>\r\n",
data/vino-3.22.0/server/miniupnp/miniupnpc.c:509:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst, src, n);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:513:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(dst);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:517:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dst + l, src, n - l);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:528:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n1 = strlen(data->urlbase);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:530:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n1 = strlen(descURL);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:533:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n1 += strlen(data->scpdurl);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:534:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n2 += strlen(data->controlurl);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:535:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n3 += strlen(data->controlurl_CIF);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:542:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(urls->ipcondescURL, data->urlbase, n1);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:544:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(urls->ipcondescURL, descURL, n1);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:547:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(urls->controlURL, urls->ipcondescURL, n2);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:548:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(urls->controlURL_CIF, urls->ipcondescURL, n3);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:558:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(urls->ipcondescURL), n1);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:560:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(urls->controlURL), n2);
data/vino-3.22.0/server/miniupnp/miniupnpc.c:562:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(urls->controlURL_CIF), n3);
data/vino-3.22.0/server/miniupnp/miniwget.c:90:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(addr_str, inet_ntoa(saddr.sin_addr), addr_str_len);
data/vino-3.22.0/server/miniupnp/miniwget.c:104:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send(s, buf, strlen(buf), 0);
data/vino-3.22.0/server/miniupnp/miniwget.c:177:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*hostname, p1, (int)(p3-p1));
data/vino-3.22.0/server/miniupnp/miniwget.c:184:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*hostname, p1, (int)(p2-p1));
data/vino-3.22.0/server/miniupnp/upnpcommands.c:130:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(status, p, 64 );
data/vino-3.22.0/server/miniupnp/upnpcommands.c:145:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(lastconnerror, err, 64 );
data/vino-3.22.0/server/miniupnp/upnpcommands.c:182:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(connectionType, p, 64 );
data/vino-3.22.0/server/miniupnp/upnpcommands.c:284:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(extIpAdd, p, 16 );
data/vino-3.22.0/server/miniupnp/upnpcommands.c:422:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rHost, p, 64);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:428:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(extPort, p, 6);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:435:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(protocol, p, 4);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:441:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(intClient, p, 16);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:448:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(intPort, p, 6);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:454:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(enabled, p, 4);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:460:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(desc, p, 80);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:466:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(duration, p, 16);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:545:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(intClient, p, 16);
data/vino-3.22.0/server/miniupnp/upnpcommands.c:553:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(intPort, p, 6);
data/vino-3.22.0/server/miniupnp/upnpreplyparse.c:33:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nv->name, data->curelt, 64);
data/vino-3.22.0/server/smclient/eggsmclient-xsmp.c:1161:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pv.length = strlen (value);
data/vino-3.22.0/server/smclient/eggsmclient-xsmp.c:1195:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pv.length = strlen (values->pdata[i]);
data/vino-3.22.0/server/smclient/eggsmclient-xsmp.c:1224:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prop->vals[0].length = strlen (value);
data/vino-3.22.0/server/vino-server.c:747:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memset (password, 0, strlen (password));
data/vino-3.22.0/server/vino-server.c:953:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (out));
data/vino-3.22.0/server/vino-server.c:1620:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(network_interface != NULL && strlen (network_interface) > 0)
ANALYSIS SUMMARY:
Hits = 207
Lines analyzed = 31053 in approximately 0.78 seconds (40030 lines/second)
Physical Source Lines of Code (SLOC) = 21722
Hits@level = [0] 71 [1] 55 [2] 135 [3] 5 [4] 12 [5] 0
Hits@level+ = [0+] 278 [1+] 207 [2+] 152 [3+] 17 [4+] 12 [5+] 0
Hits/KSLOC@level+ = [0+] 12.7981 [1+] 9.52951 [2+] 6.99751 [3+] 0.782617 [4+] 0.552435 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.