Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/eap_register.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/eap_register.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hapd_module_tests.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/main.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hostapd/nt_password_hash.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/oma_dm_client.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/spp_client.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/accounting.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/accounting.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/acs.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/acs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/airtime_policy.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/airtime_policy.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_drv_ops.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_drv_ops.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_list.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_list.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_mlme.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_mlme.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/authsrv.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/authsrv.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/beacon.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/beacon.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/bss_load.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/bss_load.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dfs.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dfs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dhcp_snoop.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dhcp_snoop.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/drv_callbacks.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/eap_user_db.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/eth_p_oui.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/eth_p_oui.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/fils_hlp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/fils_hlp.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/gas_query_ap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/gas_query_ap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/gas_serv.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/gas_serv.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hs20.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hs20.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hw_features.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hw_features.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11_auth.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11_auth.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11_he.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11_ht.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11_shared.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11_vht.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_1x.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_1x.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/mbo_ap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/mbo_ap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ndisc_snoop.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ndisc_snoop.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/neighbor_db.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/neighbor_db.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/p2p_hostapd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/p2p_hostapd.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/pmksa_cache_auth.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/pmksa_cache_auth.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/preauth_auth.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/preauth_auth.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/rrm.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/rrm.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/sta_info.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/sta_info.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/tkip_countermeasures.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/tkip_countermeasures.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/utils.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_full.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_ifconfig.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_init.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_init.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_ioctl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_util.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_util.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wmm.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wmm.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wnm_ap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wnm_ap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth_ft.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth_glue.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth_glue.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth_ie.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth_ie.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth_kay.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth_kay.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/x_snoop.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/ap/x_snoop.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/cli.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/cli.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/common_module_tests.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/ctrl_iface_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/ctrl_iface_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/defs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dhcp.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_auth.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_backup.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_crypto.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_pkex.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_reconfig.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_tcp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dragonfly.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/dragonfly.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/eapol_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/gas.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/gas.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/gas_server.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/gas_server.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/hw_features_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/hw_features_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_defs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_1x_defs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/linux_bridge.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/linux_vlan.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/ocv.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/ocv.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/privsep_commands.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/qca-vendor-attr.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/qca-vendor.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/sae.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/sae.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/tnc.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/version.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-cbc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-ccm.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-ctr.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-eax.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-encblock.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-internal-dec.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-internal-enc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-omac1.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-siv.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-unwrap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-wrap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes_siv.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes_wrap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-modexp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-rsa.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_none.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/dh_group5.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/dh_group5.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/dh_groups.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/dh_groups.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/fips_prf_internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/fips_prf_openssl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/fips_prf_wolfssl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md4-internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md5-internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md5.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md5.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md5_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/milenage.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/milenage.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/ms_funcs.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/ms_funcs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/random.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/random.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/rc4.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-pbkdf2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-prf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-tlsprf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-tprf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256-internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256-kdf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256-prf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256-tlsprf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384-internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384-kdf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384-prf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384-tlsprf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512-internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512-kdf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512-prf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_gnutls.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_none.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl_ocsp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/android_drv.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_macsec_linux.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_macsec_qca.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis_.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_android.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_capa.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_event.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_monitor.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_scan.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_none.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_openbsd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_privsep.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_roboswitch.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wired.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wired_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wired_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/drivers.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/linux_defines.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/linux_ioctl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/linux_ioctl.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/linux_wext.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/ndis_events.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/netlink.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/netlink.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/nl80211_copy.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/priv_netlink.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/chap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/chap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_defs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_eke_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_eke_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_fast_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_fast_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_gpsk_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_gpsk_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_ikev2_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_ikev2_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_pax_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_pax_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_peap_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_peap_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_psk_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_psk_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_pwd_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_pwd_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sake_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sake_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sim_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sim_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_teap_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_teap_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_tlv_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_ttls.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_wsc_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_wsc_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/ikev2_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/ikev2_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_aka.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_config.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_eke.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast_pac.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast_pac.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_gpsk.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_gtc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_ikev2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_leap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_md5.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_methods.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_methods.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_mschapv2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_otp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_pax.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_peap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_proxy.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_proxy_dummy.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_psk.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_pwd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_sake.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_sim.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap_pac.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap_pac.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_tls.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_tls_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_tls_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_tnc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_ttls.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_vendor_test.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_wsc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/ikev2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/ikev2.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/mschapv2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/mschapv2.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/tncc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/tncc.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_methods.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_aka.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_eke.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_fast.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_gpsk.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_gtc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_identity.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_ikev2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_md5.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_methods.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_mschapv2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_pax.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_peap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_psk.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_pwd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_sake.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_sim.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_teap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_tls.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_tls_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_tnc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_ttls.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_vendor_test.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_wsc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_tls_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/ikev2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/ikev2.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/tncs.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/tncs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_auth/eapol_auth_dump.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_auth/eapol_auth_sm.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_auth/eapol_auth_sm.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_auth/eapol_auth_sm_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_supp/eapol_supp_sm.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_supp/eapol_supp_sm.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_aux.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_aux.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_defs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_iface.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_iface.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_defs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_group.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_group.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_iface.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_iface.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_internal.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_session.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_session.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_freebsd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_linux.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_ndis.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_none.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_pcap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_privsep.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_winpcap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_build.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_dev_disc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_go_neg.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_group.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_invitation.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_parse.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_pd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_sd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_utils.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_cp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_cp.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_kay.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_kay.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_kay_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_key.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_key.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_secy_ops.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_secy_ops.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_client.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_client.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_das.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_das.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/pmksa_cache.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/pmksa_cache.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/preauth.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/preauth.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/tdls.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/wpa.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/wpa.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/wpa_ft.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/wpa_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/wpa_ie.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/wpa_ie.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/asn1.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/asn1.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/bignum.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/bignum.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/libtommath.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs1.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs1.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs5.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs5.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs8.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs8.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/rsa.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/rsa.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_ocsp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_read.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_write.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_record.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_record.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_server.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_server.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_server_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_server_read.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_server_write.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/base64.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/base64.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/bitfield.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/bitfield.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-android.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-system.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-wpadebug.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/build_config.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/const_time.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/crc32.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/crc32.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit_readline.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit_simple.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/eloop.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/eloop.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/eloop_win.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/ext_password.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/ext_password.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/ext_password_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/ext_password_test.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/http-utils.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/http_curl.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/includes.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/ip_addr.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/ip_addr.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/json.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/json.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/list.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/module_tests.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_none.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_win32.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/platform.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/radiotap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/radiotap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/radiotap_iter.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/state_machine.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/trace.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/trace.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/uuid.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/uuid.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpabuf.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpabuf.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/xml-utils.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/xml-utils.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/utils/xml_libxml2.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/http.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/http_client.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/http_client.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/http_server.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/http_server.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/httpread.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/httpread.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/ndef.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/upnp_xml.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/upnp_xml.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_attr_build.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_attr_parse.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_attr_parse.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_attr_process.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_defs.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_dev_attr.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_dev_attr.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_enrollee.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er_ssdp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_module_tests.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_registrar.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_ap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_event.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_ssdp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_web.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_validate.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ap.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ap.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/autoscan.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/autoscan.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/autoscan_exponential.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/autoscan_periodic.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_simple.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/binder.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/binder.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/binder_constants.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/binder_constants.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/binder_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/binder_manager.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/binder_manager.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/iface.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/iface.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/supplicant.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/binder/supplicant.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/blacklist.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/blacklist.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bss.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bss.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_none.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_ssid.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_named_pipe.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_common.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_common.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_common_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_dict_helpers.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_dict_helpers.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_p2p.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_p2p.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_wps.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_helpers.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_helpers.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_introspect.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/driver_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eap_register.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/events.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/gas_query.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/gas_query.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ibss_rsn.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ibss_rsn.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/interworking.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/interworking.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/libwpa_test.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/main.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/main_none.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/main_winmain.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/main_winsvc.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mbo.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh_mpm.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh_mpm.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh_rsn.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh_rsn.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/nfc_pw_token.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/notify.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/notify.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/offchannel.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/offchannel.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/op_classes.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant_sd.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/preauth_test.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/rrm.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/scan.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/scan.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/sme.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/sme.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wifi_display.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wifi_display.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/win_if_list.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wmm_ac.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wmm_ac.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wnm_sta.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wnm_sta.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/addinterface.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/addinterface.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/eventhistory.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/eventhistory.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/main.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/scanresults.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/scanresults.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/scanresultsitem.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/scanresultsitem.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/signalbar.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/signalbar.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/stringquery.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/stringquery.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/userdatarequest.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/userdatarequest.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpamsg.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_passphrase.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_priv.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpas_glue.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpas_glue.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpas_kay.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpas_kay.h
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpas_module_tests.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c
Examining data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.h
FINAL RESULTS:
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4032:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(hapd->conf->ctrl_interface, S_IRWXU | S_IRWXG) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4106:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4849:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:126:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(path, mode) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:944:8: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
res = readlink(path, buf, sizeof(buf) - 1);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/linux_ioctl.c:204:8: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
res = readlink(path, brlink, sizeof(brlink));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/linux_ioctl.c:225:8: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
res = readlink(buf, masterlink, sizeof(masterlink));
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/trace.c:60:8: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
len = readlink(exe, fname, sizeof(fname) - 1);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:1687:15: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod_ret = chmod(tmp_name,
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c:554:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(dir, S_IRWXU | S_IRWXG) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c:591:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(dir, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IXGRP) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c:657:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(fname, S_IRWXU | S_IRWXG) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c:1265:7: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(ctrl, S_IRWXU | S_IRWXG) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c:1272:7: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(ctrl, S_IRWXU) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:429:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(fname, statbuf.st_mode) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_priv.c:848:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(iface->sock_name, S_IRWXU | S_IRWXG | S_IRWXO) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:127:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access(client_socket_dir, F_OK) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:38:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:50:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(f, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:70:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(f, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.h:61:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 2, 3)));
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.h:63:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 2, 3)));
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:42:2: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(ctx->debug_log, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:75:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(addr, sizeof(addr), MACSTR, MAC2STR(mac_addr));
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2197:4: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "DevDetail MAC address: "
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.h:27:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__ ((format (printf, 3, 4)));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.c:251:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(format, maxlen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.c:2531:44: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *end, *ie_start, *ie, *session, *crypt;
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.c:2569:12: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (end - crypt < AES_BLOCK_SIZE) {
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.c:2596:52: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (aes_siv_decrypt(sm->PTK.kek, sm->PTK.kek_len, crypt, end - crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.c:2596:65: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (aes_siv_decrypt(sm->PTK.kek, sm->PTK.kek_len, crypt, end - crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-ccm.c:150:44: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *aad, size_t aad_len, u8 *crypt, u8 *auth)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-ccm.c:168:41: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
aes_ccm_encr(aes, L, plain, plain_len, crypt, a);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-ccm.c:179:29: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
size_t M, const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-ccm.c:199:23: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
aes_ccm_encr(aes, L, crypt, crypt_len, plain, a);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c:230:16: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, size_t crypt_len, u8 *S)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c:242:11: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
ghash(H, crypt, crypt_len, S);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c:256:44: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *aad, size_t aad_len, u8 *crypt, u8 *tag)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c:270:42: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
aes_gcm_gctr(aes, J0, plain, plain_len, crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c:272:33: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
aes_gcm_ghash(H, aad, aad_len, crypt, plain_len, S);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c:289:19: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c:304:24: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
aes_gcm_gctr(aes, J0, crypt, crypt_len, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-gcm.c:306:33: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
aes_gcm_ghash(H, aad, aad_len, crypt, crypt_len, S);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-internal-dec.c:151:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-internal-dec.c:154:44: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
rijndaelDecrypt(ctx, rk[AES_PRIV_NR_POS], crypt, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-internal-enc.c:119:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes-internal-enc.c:122:51: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
rijndaelEncrypt(ctx, rk[AES_PRIV_NR_POS], plain, crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes.h:15:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes.h:18:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes_wrap.h:56:12: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
u8 *crypt, u8 *tag);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes_wrap.h:59:18: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes_wrap.h:67:43: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *aad, size_t aad_len, u8 *crypt, u8 *auth);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/aes_wrap.h:69:28: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
size_t M, const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto.h:128:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto.h:151:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto.h:253:33: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *plain, u8 *crypt, size_t len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto.h:268:22: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, u8 *plain, size_t len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto.h:417:43: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
struct crypto_public_key *key, const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:237:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:240:26: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
gcry_cipher_encrypt(hd, crypt, 16, plain, 16);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:271:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:274:37: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
gcry_cipher_decrypt(hd, plain, 16, crypt, 16);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:482:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
u8 *crypt, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:484:36: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (gcry_cipher_encrypt(ctx->enc, crypt, len, plain, len) !=
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:491:64: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:494:48: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (gcry_cipher_decrypt(ctx->dec, plain, len, crypt, len) !=
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:104:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
u8 *crypt, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:110:16: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (plain != crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:111:14: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(crypt, plain, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:113:28: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
ctx->u.rc4.used_bytes, crypt, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:125:14: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(crypt, ctx->u.aes.cbc, AES_BLOCK_SIZE);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:139:14: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(crypt, ctx->u.des3.cbc, 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:153:14: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(crypt, ctx->u.des.cbc, 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:166:64: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:174:16: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (plain != crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:175:21: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(plain, crypt, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:185:19: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(tmp, crypt, AES_BLOCK_SIZE);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:186:36: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
aes_decrypt(ctx->u.aes.ctx_dec, crypt, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:199:19: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(tmp, crypt, 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:200:17: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
des3_decrypt(crypt, &ctx->u.des3.key, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:213:19: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(tmp, crypt, 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-cipher.c:214:22: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
des_block_decrypt(crypt, ctx->u.des.dk, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-rsa.c:112:19: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_internal-rsa.c:116:6: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
crypt, crypt_len, plain, plain_len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:100:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:103:32: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
return aes_ecb_encrypt(plain, crypt, skey) == CRYPT_OK ? 0 : -1;
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:129:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:132:39: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
return aes_ecb_encrypt(plain, (u8 *) crypt, skey) == CRYPT_OK ? 0 : -1;
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:355:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
u8 *crypt, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:360:16: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (plain != crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:361:14: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(crypt, plain, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:363:28: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
ctx->u.rc4.used_bytes, crypt, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:368:27: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
res = cbc_encrypt(plain, crypt, len, &ctx->u.cbc);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:378:64: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:384:16: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (plain != crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:385:21: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(plain, crypt, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:392:20: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
res = cbc_decrypt(crypt, plain, len, &ctx->u.cbc);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:616:19: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_libtomcrypt.c:624:20: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
res = rsa_exptmod(crypt, crypt_len, plain, &len, PK_PUBLIC,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:503:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:507:56: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
return linux_af_alg_skcipher_oper(skcipher, 1, plain, crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:523:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:527:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
return linux_af_alg_skcipher_oper(skcipher, 0, crypt, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:979:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
u8 *crypt, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:981:56: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
return crypto_cipher_oper(ctx, ALG_OP_ENCRYPT, plain, crypt, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:985:64: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:988:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
return crypto_cipher_oper(ctx, ALG_OP_DECRYPT, crypt, plain, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c:261:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c:264:43: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
nettle_aes_encrypt(actx, AES_BLOCK_SIZE, crypt, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c:292:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c:295:50: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
nettle_aes_decrypt(actx, AES_BLOCK_SIZE, plain, crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c:437:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
u8 *crypt, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c:441:50: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
nettle_arcfour_crypt(&ctx->u.arcfour_ctx, len, crypt, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c:451:64: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_nettle.c:456:57: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
nettle_arcfour_crypt(&ctx->u.arcfour_ctx, len, plain, crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:341:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:345:27: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (EVP_EncryptUpdate(c, crypt, &clen, plain, 16) != 1) {
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:398:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:402:41: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (EVP_DecryptUpdate(c, plain, &plen, crypt, 16) != 1) {
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:678:12: [4] (crypto) EVP_des_cbc:
DES only supports a 56-bit keysize, which is too small given today's
computers (CWE-327). Use a different patent-free encryption algorithm with
a larger keysize, such as 3DES or AES.
cipher = EVP_des_cbc();
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:719:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
u8 *crypt, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:722:35: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (!EVP_EncryptUpdate(ctx->enc, crypt, &outl, plain, len))
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:728:64: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:733:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (!EVP_DecryptUpdate(ctx->dec, plain, &outl, crypt, len))
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:328:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:330:27: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
wc_AesEncryptDirect(ctx, crypt, plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:361:38: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:363:34: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
wc_AesDecryptDirect(ctx, plain, crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:545:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
u8 *crypt, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:551:34: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
wc_Arc4Process(&ctx->enc.arc4, crypt, plain, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:557:39: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (wc_AesCbcEncrypt(&ctx->enc.aes, crypt, plain, len) != 0)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:563:42: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (wc_Des3_CbcEncrypt(&ctx->enc.des3, crypt, plain, len) != 0)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:574:64: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
int crypto_cipher_decrypt(struct crypto_cipher *ctx, const u8 *crypt,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:581:41: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
wc_Arc4Process(&ctx->dec.arc4, plain, crypt, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:587:46: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (wc_AesCbcDecrypt(&ctx->dec.aes, plain, crypt, len) != 0)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:593:49: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (wc_Des3_CbcDecrypt(&ctx->dec.des3, plain, crypt, len) != 0)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c:435:60: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void des_block_encrypt(const u8 *plain, const u32 *ek, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c:441:15: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
WPA_PUT_BE32(crypt, work[0]);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c:446:34: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void des_block_decrypt(const u8 *crypt, const u32 *dk, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c:449:25: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
work[0] = WPA_GET_BE32(crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c:469:70: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void des3_encrypt(const u8 *plain, const struct des3_key_s *key, u8 *crypt)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c:478:15: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
WPA_PUT_BE32(crypt, work[0]);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c:483:29: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void des3_decrypt(const u8 *crypt, const struct des3_key_s *key, u8 *plain)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des-internal.c:487:25: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
work[0] = WPA_GET_BE32(crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des_i.h:18:60: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void des_block_encrypt(const u8 *plain, const u32 *ek, u8 *crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des_i.h:19:34: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void des_block_decrypt(const u8 *crypt, const u32 *dk, u8 *plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des_i.h:22:70: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void des3_encrypt(const u8 *plain, const struct des3_key_s *key, u8 *crypt);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/des_i.h:23:29: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
void des3_decrypt(const u8 *crypt, const struct des3_key_s *key, u8 *plain);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:1010:18: [4] (crypto) EVP_rc2_40_cbc:
These keysizes are too small given today's computers (CWE-327). Use a
different patent-free encryption algorithm with a larger keysize, such as
3DES or AES.
EVP_add_cipher(EVP_rc2_40_cbc());
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:783:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), MACSTR, MAC2STR(addr));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:785:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), MACSTR, 0,0,0,0,0,0);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:427:32: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_strlcpy((char *) param->u.crypt.alg, "NONE",
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:431:32: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_strlcpy((char *) param->u.crypt.alg, "WEP",
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:435:32: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_strlcpy((char *) param->u.crypt.alg, "TKIP",
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:439:32: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_strlcpy((char *) param->u.crypt.alg, "CCMP",
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:446:11: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
param->u.crypt.flags = set_tx ? HOSTAP_CRYPT_FLAG_SET_TX_KEY : 0;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:447:11: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
param->u.crypt.idx = key_idx;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:448:11: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
param->u.crypt.key_len = key_len;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:481:11: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
param->u.crypt.idx = idx;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:487:27: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(seq, param->u.crypt.seq, 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:596:2: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(buf, sizeof(buf), "/proc/net/hostap/%s/" MACSTR,
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.h:173:5: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
} crypt;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/ikev2_common.c:176:31: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *plain, u8 *crypt, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/ikev2_common.c:199:43: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (crypto_cipher_encrypt(cipher, plain, crypt, len) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/ikev2_common.c:211:20: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, u8 *plain, size_t len)
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/ikev2_common.c:234:36: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (crypto_cipher_decrypt(cipher, crypt, plain, len) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/ikev2_common.h:282:31: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *plain, u8 *crypt, size_t len);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/ikev2_common.h:284:20: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, u8 *plain, size_t len);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server.c:197:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server.c:204:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_auth/eapol_auth_sm.c:77:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(format, maxlen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.c:5192:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.c:5208:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.c:5224:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, sizeof(buf), fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:299:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:306:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs1.c:135:19: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs1.c:142:25: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (crypto_rsa_exptmod(crypt, crypt_len, plain, &len, key, 0) < 0)
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs1.h:22:19: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
const u8 *crypt, size_t crypt_len,
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_server.c:31:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_server.c:38:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-android.c:108:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv("/system/bin/am", argv);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-android.c:121:6: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system("/system/bin/input keyevent KEYCODE_HOME") != 0) {
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-system.c:104:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv("/usr/bin/x-www-browser", argv);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.c:281:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(buf, size, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.h:79:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef vsnprintf
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.h:80:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf _vsnprintf
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.h:353:52: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTF_FORMAT(a,b) __attribute__ ((format (printf, (a), (b))))
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.h:368:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int snprintf(char *str, size_t size, const char *format, ...);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.h:371:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *str, size_t size, const char *format, va_list ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:892:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("\rsearch '%s': %s" CLEAR_END_LINE,
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:911:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("\r" CLEAR_END_LINE);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:550:21: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define os_snprintf _snprintf
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:552:21: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define os_snprintf snprintf
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:662:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef snprintf
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:663:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf OS_DO_NOT_USE_snprintf
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:665:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define strcpy OS_DO_NOT_USE_strcpy
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c:501:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(str, size, format, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c:546:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(program, argv);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:460:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return access(fname, F_OK) == 0;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:839:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(program, argv);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:231:4: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(out_file, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:238:4: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:248:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(wpa_debug_tracing_file, WPAS_TRACE_PFX, level);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:249:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(wpa_debug_tracing_file, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:265:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(wpa_debug_tracing_file,
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:406:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(wpa_debug_tracing_file,
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:648:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:668:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:688:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:698:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:713:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:723:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:743:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:753:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:768:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:778:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:795:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:805:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:834:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
buflen = vsnprintf(NULL, 0, fmt, ap) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:844:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, buflen, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpabuf.c:305:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
res = vsnprintf(tmp, buf->size - buf->used, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/xml_libxml2.c:44:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(str->buf + str->len, MAX_STR, fmt, ap);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh_rsn.c:679:7: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (!crypt) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh_rsn.c:685:12: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_memcpy(crypt, elems->mic, crypt_len);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh_rsn.c:687:50: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
if (aes_siv_decrypt(sta->aek, sizeof(sta->aek), crypt, crypt_len, 3,
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/mesh_rsn.c:792:10: [4] (crypto) crypt:
The crypt functions use a poor one-way hashing algorithm; since they only
accept passwords of 8 characters or fewer and only a two-byte salt, they
are excessively vulnerable to dictionary attacks given today's faster
computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
with a larger, non-repeating salt.
os_free(crypt);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:144:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(ctrl_iface_dir, F_OK) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:152:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access(client_socket_dir, F_OK) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/main.cpp:42:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
locale = QLocale::system().name();
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:1017:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, "D:g:hi:m:s:u");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1932:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home = getenv("HOME");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:2014:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, "a:BhG:i:p:P:rs:v");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/main.c:688:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, "b:Bde:f:hi:KP:sSTtu:vg:G:");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:3201:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, "df:hKNo:O:qr:s:S:tTw:x:");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:71:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ctx->addr = getenv("HS20ADDR");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:74:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ctx->test = getenv("HS20TEST");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:79:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
user = getenv("HS20USER");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:82:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
realm = getenv("HS20REALM");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:87:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
post = getenv("HS20POST");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:93:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ctx->imsi = getenv("HS20IMSI");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:97:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ctx->eap_method = getenv("HS20EAPMETHOD");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:101:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ctx->id_hash = getenv("HS20IDHASH");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:162:11: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt(argc, argv, "f:r:v");
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/beacon.c:1027:6: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
drand48() < hapd->iconf->ignore_probe_probability) {
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11.c:2271:6: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
drand48() < hapd->iconf->ignore_auth_probability) {
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11.c:4108:7: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
drand48() < hapd->iconf->ignore_reassoc_probability) {
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11.c:4116:7: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
drand48() < hapd->iconf->ignore_assoc_probability) {
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.c:1655:7: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
drand48() < conf->corrupt_gtk_rekey_mic_probability) {
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2526:7: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hm = LoadLibrary(TEXT("wzcsapi.dll"));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.c:119:8: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
phy = realpath(buf, NULL);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.c:160:13: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
rfk_phy = realpath(buf2, NULL);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/tncc.c:408:19: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
imc->dlhandle = LoadLibrary(lib);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/tncc.c:412:18: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
imc->dlhandle = LoadLibrary(imc->path);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.c:382:5: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int getopt(int argc, char *const argv[], const char *optstring)
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.h:375:5: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int getopt(int argc, char *const argv[], const char *optstring);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c:150:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return random();
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:288:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return random();
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:371:3: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(seed);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:198:8: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
dll = LoadLibrary("winscard");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1326:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, "a:A:c:C:ei:M:nN:o:p:P:r:R:s:St:T:vW");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/main.c:203:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv,
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4342:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home = getenv("HOME");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4707:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, "a:Bg:G:hi:p:P:rs:v");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:249:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(app->argc, app->argv, "i:m:p:tq");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1441:6: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (getenv("KDE_FULL_SESSION") != NULL) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_priv.c:1224:7: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
c = getopt(argc, argv, "Bc:dP:");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:32:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128], *pos, *pos2, *pos3;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:36:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:174:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:221:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vlan_id = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:299:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], *pos, *start, *pos2;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:315:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:895:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
list[count++] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:952:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1012:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
queue->aifs = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1019:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
queue->cwmin = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1026:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
queue->cwmax = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1437:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
url->venue_number = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1571:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
realm->encoding = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1612:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eap->eap_method = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1622:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eap->auth_id[eap->num_auths] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1627:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eap->auth_val[eap->num_auths] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1678:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
infoid = atoi(buf);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1728:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1775:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conn_cap[0] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1780:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_LE16(conn_cap + 1, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1785:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conn_cap[3] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1814:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_LE32(wan_metrics + 1, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1821:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_LE32(wan_metrics + 5, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1828:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wan_metrics[9] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1835:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wan_metrics[10] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1842:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_LE16(wan_metrics + 11, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1883:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
icon->width = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:1889:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
icon->height = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2113:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bias[num].channel = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2251:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wt->weight = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2290:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pw->vlan_id = atoi(pos2);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2395:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->logger_syslog_level = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2397:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->logger_stdout_level = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2399:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->logger_syslog = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2401:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->logger_stdout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2429:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ssid.utf8_ssid = atoi(pos) > 0;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2431:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
enum macaddr_acl acl = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2456:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wds_sta = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2458:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->start_disabled = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2460:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->isolate = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2462:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ap_max_inactivity = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2464:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->skip_inactivity_poll = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2477:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ieee80211d = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2479:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ieee80211h = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2481:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ieee802_1x = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2483:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int eapol_version = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2499:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_server = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2502:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_server = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2538:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->check_crl = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2540:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->check_crl_strict = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2542:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->crl_reload_interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2544:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->tls_session_lifetime = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2548:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->max_auth_rounds = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2550:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->max_auth_rounds_short = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2567:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->fragment_size = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2605:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_fast_prov = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2607:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->pac_key_lifetime = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2609:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->pac_key_refresh_time = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2613:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2623:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_teap_pac_no_inner = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2625:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_teap_separate_result = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2627:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_teap_id = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2634:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_sim_db_timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2636:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_sim_aka_result_ind = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2638:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_sim_id = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2642:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->tnc = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2646:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->pwd_group = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2650:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_server_erp = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2672:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->erp_send_reauth_start = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2678:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2688:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2698:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wep_rekeying_period = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2706:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eap_reauth_period = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2713:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->eapol_key_index_workaround = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2758:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius->auth_server->port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2792:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius->acct_server->port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2806:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius->retry_primary_interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2808:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->acct_interim_interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2810:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius_request_cui = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2847:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius_das_port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2855:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius_das_time_window = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2857:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius_das_require_event_timestamp = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2860:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius_das_require_message_authenticator = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2863:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->auth_algs = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2870:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->max_num_sta = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2878:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wpa = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2880:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2890:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wpa_group_rekey = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2893:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wpa_strict_rekey = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2895:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wpa_gmk_rekey = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2897:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wpa_ptk_rekey = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2899:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wpa_deny_ptk0_rekey = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2930:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wpa_disable_eapol_key_retries = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:2973:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wpa_psk_radius = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3018:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->rsn_preauth = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3046:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->r0_key_lifetime = atoi(pos) * 60;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3048:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->r0_key_lifetime = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3050:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->r1_max_key_lifetime = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3052:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->reassociation_deadline = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3054:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->rkh_pos_timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3056:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->rkh_neg_timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3058:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->rkh_pull_timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3060:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->rkh_pull_retries = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3074:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->pmk_r1_push = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3076:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ft_over_ds = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3078:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ft_psk_generate_local = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3116:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius_server_auth_port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3118:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius_server_acct_port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3120:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->radius_server_ipv6 = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3123:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->use_pae_group_addr = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3158:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->acs_exclude_dfs = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3160:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->op_class = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3172:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->channel = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3176:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->edmg_channel = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3178:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->enable_edmg = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3193:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->acs_exclude_6ghz_non_psc = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3195:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3210:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3225:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3234:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3244:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3254:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->rts_threshold = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3262:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->fragm_threshold = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3273:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3296:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(pos + 3);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3306:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(pos + 4);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3316:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3327:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(pos))
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3332:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ignore_broadcast_ssid = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3334:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->no_probe_resp_if_max_sta = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3337:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ssid.wep.idx = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3357:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ssid.dynamic_vlan = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3359:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ssid.per_sta_vif = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3367:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ssid.vlan_naming = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3382:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ap_table_max_size = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3384:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ap_table_expiration_time = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3393:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wmm_enabled = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3395:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wmm_uapsd = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3416:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->use_driver_iface_addr = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3418:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ieee80211w = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3434:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->beacon_prot = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3436:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->assoc_sa_query_max_timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3443:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->assoc_sa_query_retry_timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3451:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ocv = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3456:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ieee80211n = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3464:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->require_ht = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3466:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->obss_interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3469:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ieee80211ac = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3477:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->require_vht = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3479:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->vht_oper_chwidth = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3481:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->vht_oper_centr_freq_seg0_idx = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3483:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->vht_oper_centr_freq_seg1_idx = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3485:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->vendor_vht = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3487:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->use_sta_nsts = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3491:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ieee80211ax = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3493:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_phy_capab.he_su_beamformer = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3495:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_phy_capab.he_su_beamformee = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3497:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_phy_capab.he_mu_beamformer = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3499:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_op.he_bss_color = atoi(pos) & 0x3f;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3502:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_op.he_bss_color_partial = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3504:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_op.he_default_pe_duration = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3506:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_op.he_twt_required = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3508:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_op.he_rts_threshold = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3510:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_op.he_basic_mcs_nss_set = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3513:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_QOS_INFO_EDCA_PARAM_SET_COUNT);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3516:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_QOS_INFO_Q_ACK);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3519:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_QOS_INFO_QUEUE_REQUEST);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3522:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_QOS_INFO_TXOP_REQUEST);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3525:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_AIFSN);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3528:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACM);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3531:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACI);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3534:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMIN);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3537:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMAX);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3540:4: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(pos) & 0xff;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3543:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_AIFSN);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3546:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACM);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3549:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACI);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3552:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMIN);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3555:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMAX);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3558:4: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(pos) & 0xff;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3561:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_AIFSN);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3564:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACM);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3567:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACI);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3570:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMIN);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3573:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMAX);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3576:4: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(pos) & 0xff;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3579:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_AIFSN);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3582:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACM);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3585:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ACI);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3588:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMIN);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3591:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_he_cap(atoi(pos), HE_MU_AC_PARAM_ECWMAX);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3594:4: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(pos) & 0xff;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3596:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->spr.sr_control = atoi(pos) & 0xff;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3598:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->spr.non_srg_obss_pd_max_offset = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3600:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->spr.srg_obss_pd_min_offset = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3602:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->spr.srg_obss_pd_max_offset = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3604:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_oper_chwidth = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3606:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_oper_centr_freq_seg0_idx = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3608:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->he_oper_centr_freq_seg1_idx = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3611:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->max_listen_interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3613:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->disable_pmksa_caching = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3615:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->okc = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3618:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wps_state = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3625:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wps_independent = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3627:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ap_setup_locked = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3695:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->skip_cred_build = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3705:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wps_cred_processing = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3707:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wps_cred_add_sae = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3786:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->pbc_in_m1 = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3795:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wps_nfc_dev_pw_id = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3819:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(pos))
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3824:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(pos))
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3830:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->disassoc_low_ack = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3832:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(pos))
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3837:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(pos))
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3844:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rsn_testing = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3847:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->time_advertisement = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3861:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wnm_sleep_mode = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3863:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->wnm_sleep_mode_no_keys = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3865:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->bss_transition = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3869:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->interworking = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3871:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->access_network_type = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3880:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->internet = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3882:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->asra = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3884:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->esr = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3886:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->uesa = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3888:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->venue_group = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3891:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->venue_type = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3985:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:3995:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->gas_comeback_delay = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4007:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->proxy_arp = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4011:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->hs20 = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4013:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4023:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->disable_dgaf = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4025:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->na_mcast_to_ucast = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4027:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->osen = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4029:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->anqp_domain_id = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4031:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->hs20_deauth_req_timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4103:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->subscr_remediation_method = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4118:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->mbo_enabled = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4120:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->mbo_cell_data_conn_pref = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4122:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->oce = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4143:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ecsa_ie_only = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4145:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_LE16(bss->bss_load_test, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4153:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->bss_load_test[2] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4161:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_LE16(&bss->bss_load_test[3], atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4168:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4192:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->sae_reflection_attack = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4215:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->no_beacon_rsnxe = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4217:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->skip_prune_assoc = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4219:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ft_rsnxe_used = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4236:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->sae_anti_clogging_threshold = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4238:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->sae_sync = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4247:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->sae_require_mfp = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4249:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->sae_confirm_immediate = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4251:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->sae_pwe = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4253:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4261:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->spectrum_mgmt_required = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4325:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->track_sta_max_num = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4327:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->track_sta_max_age = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4349:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(pos))
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4353:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(pos))
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4359:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->gas_address3 = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4361:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->stationary_ap = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4363:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ftm_responder = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4365:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->ftm_initiator = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4379:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->fils_dh_group = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4388:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->dhcp_rapid_commit_proxy = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4390:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->fils_hlp_wait_time = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4392:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->dhcp_server_port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4394:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->dhcp_relay_port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4397:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->multicast_to_unicast = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4399:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->broadcast_deauth = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4423:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->dpp_configurator_connectivity = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4425:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4468:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->owe_ptk_workaround = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4471:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->coloc_intf_reporting = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4473:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4483:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->rssi_reject_assoc_rssi = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4485:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->rssi_reject_assoc_timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4487:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->pbss = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4492:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4501:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->airtime_update_interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4503:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->airtime_weight = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4505:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4524:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int macsec_policy = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4534:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int macsec_integ_only = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4544:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int macsec_replay_protect = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4554:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->macsec_replay_window = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4556:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int macsec_port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4566:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int mka_priority = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4625:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/config_file.c:4630:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:171:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(timeout_txt);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:188:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pin[9];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:212:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pin_val = atoi(pin);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:463:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:485:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:636:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
code = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:642:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
reauth_delay = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:686:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:784:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
disassoc_timer = atoi(cmd + 17);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:821:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
disassoc_timer = atoi(timerstr);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:866:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
disassoc_timer = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:876:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
valid_int = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:893:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_LE16(&bss_term_dur[10], atoi(end));
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1021:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto_report = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1026:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[PMK_LEN * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1403:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wps_testing_dummy_cred = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1407:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wps_corrupt_pkhash = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1413:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
hapd->ext_mgmt_frame_handling = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1415:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
hapd->ext_eapol_frame_io = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1428:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
hapd->dpp_ignore_netaccesskey_mismatch = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1430:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dpp_test = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1432:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dpp_version_override = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1442:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1637:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data.dfs_event.freq = atoi(pos + 5);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1645:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data.dfs_event.chan_offset = atoi(pos + 12);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1649:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data.dfs_event.chan_width = atoi(pos + 11);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1653:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data.dfs_event.cf1 = atoi(pos + 4);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1657:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data.dfs_event.cf2 = atoi(pos + 4);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1713:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stype = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1719:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ok = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1774:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1780:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
datarate = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1786:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ssi_signal = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[30];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:1929:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int enabled = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2002:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(pos + 5);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2094:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_trace_fail_after = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2128:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_trace_test_fail_after = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2284:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
alg = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2295:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2300:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
set_tx = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2321:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
key_flag = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2810:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_debug_timestamp = atoi(stamp);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2887:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
random_interval = atoi(token);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:2895:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
min_ap = atoi(token);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3228:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vlanid = atoi(pos + 8);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3677:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(buf + 22));
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3687:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(buf + 19),
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3691:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(buf + 18),
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3723:4: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(buf + 25),
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3771:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3780:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lcookie[CTRL_IFACE_COOKIE_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3891:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[32] = { 0 };
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3892:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_str[40], *tmp;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:3908:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4251:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4279:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256], *buf = buffer;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4510:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lcookie[CTRL_IFACE_COOKIE_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4683:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[32] = { 0 };
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4699:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/ctrl_iface.c:4939:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char levelstr[10];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[20];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[20];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:198:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m->res_len = atoi(argv[i]);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:229:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128], val[13], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:278:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], *pos, *pos2;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:285:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:390:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], *pos, *pos2;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:397:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:473:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
m->res_len = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:499:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[500], buf[500], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:504:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:511:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f2 = fopen(name, "w");
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:602:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_chal = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:850:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m->sqn, sqn, 6);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:887:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000], resp[1000];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:1036:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ind_len = atoi(optarg);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hlr_auc_gw.c:1087:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:195:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:266:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:312:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:376:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:425:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:446:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:513:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:535:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:556:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:580:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:608:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:609:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssid_hex[2 * SSID_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:610:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_hex[2 * 64 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:673:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:693:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2000], *tmp;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:727:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:764:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[32], cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:779:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[32], cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:826:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:846:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:885:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[300];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:918:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:931:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[32], cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1028:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[2048];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1086:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1161:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1227:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1256:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[2048];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1332:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1795:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1844:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[max_args];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1971:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:2025:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ping_interval = atoi(optarg);
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/main.c:599:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/nt_password_hash.c:17:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char password_hash[16];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/nt_password_hash.c:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *password, buf[64], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:84:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(der_file, "wb");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:252:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100], txt2[100];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:423:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(key_pem, "wb");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:447:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(old_cert, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:532:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(csr_pem, "w");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:575:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(est_req, "w");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:607:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old_cert_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:681:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_cert_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/est.c:682:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_key_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/oma_dm_client.c:72:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[20];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/oma_dm_client.c:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char locuri[200], *txt;
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/oma_dm_client.c:283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/oma_dm_client.c:661:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/oma_dm_client.c:932:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ret = atoi(str);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/oma_dm_client.c:1035:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
server_msgid = atoi(tmp);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:45:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(ctx->result_file, "w");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:65:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(ctx->summary_file, "a");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:225:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:279:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(buf, "a");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:372:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "wb");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:487:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:699:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char backup[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:724:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(pps_fname, "w");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:778:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:823:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:834:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
priority = atoi(prio);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1479:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi(str);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1590:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], dir[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1629:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], dir[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1676:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *imsi, *eaptype, *str, buf[20];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1692:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = atoi(eaptype);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1934:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen("pps-fqdn", "w");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1992:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[4];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1993:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mime_type[256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1994:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1998:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bssid[20];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:1999:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2001:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char osu_ssid[33];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2002:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char osu_ssid2[33];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2003:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char osu_nai[256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2004:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char osu_nai2[256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2017:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2022:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2112:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
icon->id = atoi(buf + 5);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2193:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[255], fname[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[255];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2342:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2442:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2496:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[255];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2497:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[300], buf[400];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2556:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pps_fname_buf[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2557:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ca_fname_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2561:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_cert_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2563:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_key_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2571:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pps_fname_buf[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2716:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ca_fname_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_cert_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2722:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_key_buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:2729:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:3132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:3135:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("hs20-osu-client.workarounds", "r");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.h:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[4];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.h:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[253];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.h:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pps_fname[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.h:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char icon_filename[MAX_OSU_VALS][256];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/spp_client.c:414:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[300];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:169:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ctx.debug_log = fopen(optarg, "a");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[20];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:670:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[30];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:797:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:839:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[400];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:840:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_pw[33];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:975:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[400];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1046:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uri[300], *val;
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1068:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uri[300], *val;
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1136:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
shared = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1166:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[400];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1297:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uri[300], *val;
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1579:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[11];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1626:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[400];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1648:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (mm && atoi(mm))
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1753:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[400];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1811:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
oper = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1841:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[400];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1914:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
oper = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1945:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
oper = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1976:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[400];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1979:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dmacc_username[32];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1980:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dmacc_password[32];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2075:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2193:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *addr, buf[50];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2244:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fetch_pps = fetch ? atoi(fetch) : 0;
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2278:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
oper = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2474:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pw_mm && atoi(pw_mm) ? 1 : 0,
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2614:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
oper = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2719:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char event[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2795:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/dev/urandom", "r");
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2815:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[200];
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2915:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/accounting.c:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/accounting.c:446:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.c:295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.c:309:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.c:349:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wps = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.c:351:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vlan_id = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.c:555:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
attr->type = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.c:597:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpabuf_put_be32(attr->val, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vlan[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bridge[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passphrase[MAX_PASSPHRASE_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyid[KEYID_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:234:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char realm_buf[MAX_NAI_REALMLEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:235:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *realm[MAX_NAI_REALMS];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:282:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bridge[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:284:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vlan_bridge[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wds_bridge[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:623:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char language[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:624:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:625:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:626:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:754:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char owe_transition_ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_config.h:938:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[3]; /* first two octets: country code as described in
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ap_drv_ops.c:321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char force_ifname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c:521:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
reason = atoi(pos + 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c:529:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
encrypt = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c:549:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(pos + 5), addr);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c:583:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
reason = atoi(pos + 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c:591:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
encrypt = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c:611:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(pos + 5), addr);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c:890:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
settings->freq_params.freq = atoi(end);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ctrl_iface_ap.c:901:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
settings->freq_params.str = atoi(pos2); \
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dhcp_snoop.c:23:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[17];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:97:62: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
own_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:128:62: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
own_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:500:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
peer_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:511:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:542:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
neg_freq = atoi(pos + 10);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:588:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:729:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[64 * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:737:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[PMK_LEN * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:1701:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[500];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:1953:62: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
own_bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:2027:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id_val = atoi(id);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:2387:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi = dpp_bootstrap_get_id(hapd->iface->interfaces->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:2396:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iter = atoi(pos + 6);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/dpp_hostapd.c:2403:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
listen_freq = atoi(pos + 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/eap_user_db.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id_str[256], cmd[300];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/eth_p_oui.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.c:788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.c:1054:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.c:1105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char force_ifname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.c:1591:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[4], previous_country[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.h:81:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ctrl_iface_cookie[CTRL_IFACE_COOKIE_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.h:424:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ctrl_iface_cookie[CTRL_IFACE_COOKIE_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hostapd.h:447:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phy[16]; /* Name of the PHY (radio) */
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/hw_features.c:48:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char info[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11.c:630:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open >= hapd->conf->sae_anti_clogging_threshold)
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11.c:5117:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname_wds[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11.c:5465:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname_wds[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_11_auth.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_1x.c:436:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_1x.c:534:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_1x.c:626:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrtxt[3 * ETH_ALEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_1x.c:1412:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ieee802_1x.c:2537:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char rfc1042_hdr[ETH_ALEN] =
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/mbo_ap.c:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channels[200], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/ndisc_snoop.c:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrtxt[INET6_ADDRSTRLEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/neighbor_db.c:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nrie[2 * 255 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/neighbor_db.c:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lci[2 * 255 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/neighbor_db.c:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char civic[2 * 255 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/neighbor_db.c:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssid[SSID_MAX_LEN * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/pmksa_cache_auth.c:567:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/rrm.c:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char report[2 * 255 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/sta_info.c:1232:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/sta_info.c:1267:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyid_buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/sta_info.c:1268:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_addr[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char htcap[7 + 4 + 1]; /* ",htcap:" + %04hx + trailing NUL */
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char htagg[7 + 2 + 1]; /* ",htagg:" + %02hx + trailing NUL */
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char htmcs[7 + 8 + 1]; /* ",htmcs:" + %08x + trailing NUL */
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:92:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vhtcap[8 + 8 + 1]; /* ",vhtcap:" + %08x + trailing NUL */
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vhtrxmcs[10 + 8 + 1]; /* ",vhtrxmcs:" + %08x + trailing NUL */
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vhttxmcs[10 + 8 + 1]; /* ",vhttxmcs:" + %08x + trailing NUL */
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extcap[8 + 2 * MAX_EXTCAP + 1]; /* ",extcap:" + hex + trailing NUL
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txpow[7 + 4 + 1]; /* ",txpow:" + %04hx + trailing NUL */
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wps[WPS_NAME_LEN + 5 + 1]; /* room to prepend ",wps:" + trailing
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/taxonomy.c:138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model_name[WPS_NAME_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_full.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_full.c:391:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vlan_ifname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_full.c:463:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char br_name[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_full.c:517:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vlan_ifname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_full.c:587:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char br_name[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_full.c:641:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_full.c:699:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/vlan_init.c:192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wpa_auth.c:4403:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pmkid_txt[PMKID_LEN * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:140:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[PMK_LEN * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:143:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(ssid->wpa_psk_file, "a");
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[40], txt[400];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:196:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(hapd->conf->wps_pin_requests, "a");
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:234:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[40];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[40];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:461:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:539:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
oconf = fopen(hapd->iface->config_fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:547:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
nconf = fopen(tmp_fname, "w");
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/wps_hostapd.c:1758:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pin_txt[9];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/cli.c:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[18];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/cli.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[18];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ctrl_iface_common.c:85:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[NI_MAXHOST] = { 0 };
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ctrl_iface_common.c:86:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service[NI_MAXSERV] = { 0 };
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ctrl_iface_common.c:100:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_txt[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ctrl_iface_common.c:128:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ctrl_iface_common.c:203:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dst->debug_level = atoi(level);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:233:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
opclass = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:238:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
channel = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:572:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char freqs[DPP_BOOTSTRAP_MAX_FREQ * 6 + 10], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:618:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char macstr[ETH_ALEN * 2 + 10];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:1043:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
conf->ssid_charset = atoi(pos + 14);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:1195:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auth->conf = dpp_configurator_get_id(auth->global, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:1206:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auth->send_conn_status = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:1212:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auth->akm_use_selector = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:1355:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char psk[2 * sizeof(conf->psk) + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:1455:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expiry[30];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:1893:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[200], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:3627:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id_val = atoi(id);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:3651:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pkhash[2 * SHA256_MAC_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:3758:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chan[20];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.c:3915:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id_val = atoi(id);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp.h:306:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passphrase[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_auth.c:885:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[SHA256_MAC_LEN * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_backup.c:616:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_backup.c:688:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_backup.c:709:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_backup.c:772:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_backup.c:785:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_backup.c:880:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_crypto.c:289:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[DPP_MAX_HASH_LEN], tmp2[DPP_MAX_HASH_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_crypto.c:333:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[DPP_MAX_HASH_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_crypto.c:1003:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_tcp.c:341:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/dpp_tcp.c:1336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c:723:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c:730:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c:737:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c:744:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c:751:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
v = atoi(val);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c:2200:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*nei_pos++ = atoi(pos); /* Operating Class */
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c:2208:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*nei_pos++ = atoi(pos); /* Channel Number */
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ieee802_11_common.c:2216:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*nei_pos++ = atoi(pos); /* PHY Type */
data/wpa-2.9.0+git20200517+dd2daf0/src/common/linux_vlan.h:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device1[24];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/linux_vlan.h:41:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device2[24];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ocv.c:19:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ocv_errorstr[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/ocv.h:30:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char ocv_errorstr[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_common.c:1877:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SHA384_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_common.c:1920:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SHA256_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_common.c:1953:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SHA384_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_common.c:2630:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255], *wpos = buf;
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c:193:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[21];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c:272:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c:310:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c:386:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port_id = atoi(&port[1]);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c:425:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET6_ADDRSTRLEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c:461:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ps[WPA_CTRL_MAX_PS_NAME] = {};
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c:585:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_ctrl.c:657:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:204:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(obuf, pos, end - pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip[30];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res[30];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:246:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(res);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:253:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:262:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res[30];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:275:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(res);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:281:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:36:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac, p, gcry_md_get_algo_dlen(algo));
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_gnutls.c:122:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mac, p, gcry_md_get_algo_dlen(algo));
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:451:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CMSG_SPACE(sizeof(u32))];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:542:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CMSG_SPACE(sizeof(u32))];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:612:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CMSG_SPACE(sizeof(u32))];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:679:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:866:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:932:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CMSG_SPACE(sizeof(u32))];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:1075:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char psk[32];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:1119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dk[32];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_openssl.c:227:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char skip_buf[16];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_wolfssl.c:445:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char skip_buf[16];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md4-internal.c:26:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MD4Final(unsigned char digest[MD4_DIGEST_LENGTH], MD4_CTX *ctx);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md4-internal.c:168:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void MD4Final(unsigned char digest[MD4_DIGEST_LENGTH], MD4_CTX *ctx)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md5-internal.c:150:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/md5_i.h:21:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void MD5Final(unsigned char digest[16], struct MD5Context *context);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/ms_funcs.c:85:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/ms_funcs.c:248:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr1[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/ms_funcs.c:250:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr2[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/ms_funcs.c:333:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/ms_funcs.c:397:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/random.c:258:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open("/dev/random", O_RDONLY | O_NONBLOCK);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/random.c:393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RANDOM_ENTROPY_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/random.c:404:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(random_entropy_file, "wb");
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/random.c:454:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
random_fd = open("/dev/random", O_RDONLY | O_NONBLOCK);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-internal.c:19:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void SHA1Transform(u32 state[5], const unsigned char buffer[64]);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-internal.c:176:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void SHA1Transform(u32 state[5], const unsigned char buffer[64])
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-internal.c:180:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-internal.c:278:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void SHA1Final(unsigned char digest[20], SHA1_CTX* context)
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-internal.c:281:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char finalcount[8];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-pbkdf2.c:18:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[SHA1_MAC_LEN], tmp2[SHA1_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-pbkdf2.c:20:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char count_buf[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-pbkdf2.c:78:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[SHA1_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-prf.c:37:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-tlsprf.c:40:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *SHA1_addr[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1-tprf.c:37:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[5];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1.c:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k_pad[64]; /* padding - key XORd with ipad/opad */
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1.c:30:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tk[20];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1_i.h:15:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1_i.h:20:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void SHA1Final(unsigned char digest[20], struct SHA1Context *context);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha1_i.h:21:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void SHA1Transform(u32 state[5], const unsigned char buffer[64]);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256-kdf.c:38:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256-tlsprf.c:36:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256.c:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k_pad[64]; /* padding - key XORd with ipad/opad */
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha256.c:30:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tk[32];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384-internal.c:80:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384-kdf.c:38:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384-tlsprf.c:36:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384.c:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k_pad[128]; /* padding - key XORd with ipad/opad */
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha384.c:30:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tk[48];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512-kdf.c:38:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512.c:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char k_pad[128]; /* padding - key XORd with ipad/opad */
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/sha512.c:30:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tk[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls.h:57:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *altsubject[TLS_MAX_ALT_SUBJECT];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_gnutls.c:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prio_buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_gnutls.c:960:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oid[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:269:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char client_random[SSL3_RANDOM_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:270:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char server_random[SSL3_RANDOM_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:522:3: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, name + 7, -1, wbuf, 255);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:659:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:1973:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:2179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:2213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *altsubject[TLS_MAX_ALT_SUBJECT];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:2219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_num[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:2341:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:2449:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:3359:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:3490:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(private_key, "rb");
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:4125:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char client_random[SSL3_RANDOM_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:4126:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char server_random[SSL3_RANDOM_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:4127:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char master_key[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:4521:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:4947:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(path, "r");
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:5270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:5273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_num[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:5465:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char client_random[SSL3_RANDOM_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:5466:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char server_random[SSL3_RANDOM_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl_ocsp.c:401:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[EVP_MAX_MD_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl_ocsp.c:463:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash[SHA_DIGEST_LENGTH];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl_ocsp.c:510:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:80:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char client_random[RAN_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:81:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char server_random[RAN_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:859:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *alt_subject[TLS_MAX_ALT_SUBJECT];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:946:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:1638:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:1669:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:1752:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:1810:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:2079:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char client_random[RAN_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_wolfssl.c:2080:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char server_random[RAN_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver.h:5308:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver.h:5745:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alpha2[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c:264:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[sizeof(MACSTR)];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c:1302:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int len = atoi(custom + 16);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c:1314:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int len = atoi(custom + 17);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c:1325:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int len = atoi(custom + 12);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c:1337:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int len = atoi(custom + 14);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c:1651:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_atheros.c:1723:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char brname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ+1]; /* interface name */
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:538:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ie.wpa_macaddr, addr, IEEE80211_ADDR_LEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:619:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char event_buf[2048]; /* max size of a single route(4) msg */
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:780:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[sizeof(MACSTR)];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:810:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wk.ik_macaddr, addr, IEEE80211_ADDR_LEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:826:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, &wk.ik_keytsc, sizeof(wk.ik_keytsc));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:832:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(seq, &wk.ik_keytsc, sizeof(wk.ik_keytsc));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:854:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stats.is_u.macaddr, addr, IEEE80211_ADDR_LEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iface[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:204:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:305:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:306:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:307:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:310:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:314:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pos, data, data_len);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:343:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(param.sta_addr, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:424:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(param->sta_addr, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:449:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((u8 *) (param + 1), key, key_len);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:591:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024], line[128], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:599:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(buf, "r");
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:653:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(param.sta_addr, params->addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:670:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(param.sta_addr, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:686:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(param.sta_addr, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:702:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(param.sta_addr, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:837:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:850:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dpos, pos + IW_EV_LCP_LEN,
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:853:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iwe_buf, pos, sizeof(struct iw_event));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:864:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, custom, iwe->u.data.length);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:1053:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.da, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:1054:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.sa, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:1055:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.bssid, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:1091:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.da, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:1092:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.sa, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_hostap.c:1093:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.bssid, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_macsec_linux.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_macsec_linux.c:1448:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_macsec_qca.c:177:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:533:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:561:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:713:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssid[SSID_MAX_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:1354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:1759:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2041:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], desc[256], *dpos;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[MAX_ADAPTERS];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *desc[MAX_ADAPTERS];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2364:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR multi[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2380:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(multi, drv->adapter_name, len * sizeof(TCHAR));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2381:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&multi[len], TEXT("NDISUIO\0"), 9 * sizeof(TCHAR));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2412:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR keyname[256], devname[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2522:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char guid[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2769:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2899:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2980:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], desc[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:3068:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name[MAX_ADAPTERS];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:3069:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *desc[MAX_ADAPTERS];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.h:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[100]; /* GUID: {7EE3EFE5-C165-472F-986D-F6FBEDFE8C8D} */
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:314:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
len = strnlen((char *) nla_data(tb[NLMSGERR_ATTR_MSG]),
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:317:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
len, (char *) nla_data(tb[NLMSGERR_ATTR_MSG]));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:1080:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:1081:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:1082:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[100], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:1257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:1258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[100], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:1304:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:1697:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alpha2[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:2174:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:5372:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr->IEEE80211_DA_FROMDS, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:5373:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr->IEEE80211_BSSID_FROMDS, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:5374:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr->IEEE80211_SA_FROMDS, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:5384:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pos, rfc1042_header, sizeof(rfc1042_header));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:5388:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pos, data, data_len);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:6499:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arg, nla_data(tb[NL80211_ATTR_KEY_SEQ]),
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:6956:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.da, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:6957:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.sa, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:6958:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.bssid, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:6983:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.da, addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:6984:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.sa, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:6985:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt.bssid, own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:6996:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:7108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:7174:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:7196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char in_br[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:7259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char master_ifname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:7365:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bss->addr, params->own_addr, ETH_ALEN);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:9162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alpha2[3] = { 0, 0, 0 };
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:10345:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:10352:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_WRONLY);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:10386:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:10418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:10980:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:11206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:11209:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(name, O_RDWR);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.c:11244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.h:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.h:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char brname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211.h:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phyname[32];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_android.c:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_DRV_CMD_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_android.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[WEXT_PNO_MAX_COMMAND_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_capa.c:2225:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]),
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_capa.c:2229:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *) nla_data(tb_msg[NL80211_ATTR_REG_ALPHA2]));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_capa.c:2333:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_event.c:1209:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[300], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_event.c:2093:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[300], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_monitor.c:105:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_nl80211_monitor.c:346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_openbsd.c:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_openbsd.c:88:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keyavail.i_key, key, key_len);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_privsep.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[16];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_roboswitch.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[33];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:628:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namebuf[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:751:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[90], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:757:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = open(buf, O_RDONLY);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:793:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:870:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], *res;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:882:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(buf, "r");
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:888:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
type = res ? atoi(res) : -1;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:904:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:927:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[200], buf[200], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:960:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname2[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:2456:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char addr[ETH_ALEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.h:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.h:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phyname[32];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.h:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mlmedev[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wired.c:123:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wired.c:138:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wired_common.h:14:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/linux_ioctl.c:199:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[128], brlink[128], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/linux_ioctl.c:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128], masterlink[128], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/ndis_events.c:196:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/netlink.c:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/netlink.c:175:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char opts[16];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[24 + IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[31 + 11 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.c:126:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rfkill->fd = open("/dev/rfkill", O_RDONLY);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.h:16:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_peap_common.c:24:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[5];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_pwd_common.c:132:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sake_common.c:218:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sim_common.c:34:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char *addr[5];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sim_common.c:168:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hmac[SHA1_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sim_common.c:207:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hmac[SHA1_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sim_common.c:362:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hmac[SHA256_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_sim_common.c:401:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hmac[SHA256_MAC_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap.c:179:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pos, mnc[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap.c:496:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap.c:1518:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcc_str[4];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap.c:1523:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mcc = atoi(mcc_str);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap.c:1538:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap.c:1822:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nai[254];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_aka.c:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[200], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_eke.c:102:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->dhgroup = atoi(pos + 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_eke.c:109:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->encr = atoi(pos + 5);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_eke.c:116:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->prf = atoi(pos + 4);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_eke.c:123:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->mac = atoi(pos + 4);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast.c:123:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->provisioning_allowed = atoi(pos + 18);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast.c:130:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->max_pac_list_len = atoi(pos + 22);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast.c:1642:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cipher[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast_pac.c:276:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rc->f = fopen(pac_file, "rb");
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast_pac.c:334:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pac->pac_type = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_fast_pac.c:554:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(pac_file, "wb");
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_gpsk.c:113:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->forced_cipher = atoi(pos + 7);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_mschapv2.c:413:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->prev_error = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_mschapv2.c:423:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retry = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_mschapv2.c:461:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->passwd_change_version = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_peap.c:80:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->force_peap_version = atoi(pos + 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_sim.c:108:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->min_num_chal = atoi(pos + 17);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_sim.c:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[200], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap.c:126:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->provisioning_allowed = atoi(pos + 18);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap.c:134:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->max_pac_list_len = atoi(pos + 22);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap.c:1926:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cipher[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap_pac.c:278:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
rc->f = fopen(pac_file, "rb");
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap_pac.c:337:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pac->pac_type = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_teap_pac.c:557:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(pac_file, "wb");
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_tls_common.c:744:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_tls_common.c:856:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[20], name[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/eap_wsc.c:213:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
u16 id = atoi(pos + 10);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/tncc.c:722:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
batch_id = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_peer/tncc.c:898:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[255], *val;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_i.h:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[20];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server.c:804:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nai[254];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server.c:2078:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex_challenge[30], hex_response[90], user[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_aka.c:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char permanent[20]; /* Permanent username */
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_fast.c:553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cipher[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_sim.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char permanent[20]; /* Permanent username */
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_teap.c:501:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cipher[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_tls.c:210:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_server_tls_common.c:334:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[20];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char db_tmp_identity[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char db_tmp_pseudonym_str[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:226:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[2000], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:319:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
reauth->counter = atoi(argv[i]);
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:341:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:363:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:629:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000], *pos, *cmd, *imsi;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:932:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[40];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:1399:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[40];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/eap_sim_db.c:1509:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_server/tncs.c:810:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
batch_id = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_auth/eapol_auth_sm.c:1132:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sm->quietPeriod = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_auth/eapol_auth_sm.c:1137:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sm->serverTimeout = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_auth/eapol_auth_sm.c:1142:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sm->reAuthPeriod = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/src/eapol_supp/eapol_supp_sm.c:120:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dot1xSuppLastEapolFrameSource[6];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst.h:219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_id[FST_MAX_GROUP_ID_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_aux.h:58:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[FST_MAX_INTERFACE_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_aux.h:59:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_id[FST_MAX_GROUP_ID_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_aux.h:63:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[FST_MAX_INTERFACE_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_iface.c:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reject_str[32] = FST_CTRL_PVAL_NONE;
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_iface.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra_str[128] = "";
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_ctrl_iface.c:560:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[FST_MAX_INTERFACE_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_group.h:13:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_id[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_iface.h:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_session.c:1360:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char additional_param[FST_MAX_COMMAND_WORD_NAME_LENGTH];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_session.c:1413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[FST_MAX_COMMAND_WORD_NAME_LENGTH];
data/wpa-2.9.0+git20200517+dd2daf0/src/fst/fst_session.c:1585:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[FST_MAX_COMMAND_WORD_NAME_LENGTH];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_freebsd.c:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_freebsd.c:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcap_filter[200], pcap_err[PCAP_ERRBUF_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_freebsd.c:164:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int eth_get(const char *device, u8 ea[ETH_ALEN])
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_freebsd.c:290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[PCAP_ERRBUF_SIZE + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_linux.c:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_ndis.c:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_none.c:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[17];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_pcap.c:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_pcap.c:201:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcap_filter[200], pcap_err[PCAP_ERRBUF_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_pcap.c:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_pcap.c:351:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[PCAP_ERRBUF_SIZE + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_winpcap.c:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_winpcap.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pcap_filter[200], pcap_err[PCAP_ERRBUF_SIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/l2_packet/l2_packet_winpcap.c:316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[PCAP_ERRBUF_SIZE + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.c:1120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.c:5186:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.c:5202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.c:5218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char passphrase[64];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:250:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char info[0];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char svc_name[0];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:338:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[WPS_DEV_NAME_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:343:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char manufacturer[WPS_MANUFACTURER_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model_name[WPS_MODEL_NAME_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:353:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model_number[WPS_MODEL_NUMBER_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char serial_number[WPS_SERIAL_NUMBER_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p.h:437:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_go_neg.c:658:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_go_neg.c:1128:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p2p_buf_add_operating_channel(buf, (const char *) resp_chan,
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_i.h:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_i.h:600:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[WPS_DEV_NAME_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_parse.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_parse.c:345:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_parse.c:480:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_parse.c:719:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[WPS_DEV_NAME_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_parse.c:720:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_parse.c:804:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/p2p/p2p_utils.c:344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_kay.c:109:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char txt[MI_LEN * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_kay.c:118:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char txt[ETH_ALEN * 3 + 1 + 5 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_kay.c:128:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char txt[4 * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_kay.h:208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char if_name[IFNAMSIZ];
data/wpa-2.9.0+git20200517+dd2daf0/src/pae/ieee802_1x_kay_i.h:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius.c:285:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius.c:1459:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius.c:1503:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vlan_id = atoi(buf);
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_client.c:582:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_client.c:611:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_client.c:819:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[3000];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_client.c:1072:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_client.c:1562:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_client.c:1611:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_das.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_das.c:222:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_das.c:392:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:256:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:486:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int test = atoi(tls);
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:634:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3 * ETH_ALEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:674:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[3 * ETH_ALEN], *id_str;
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:714:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_txt[ETH_ALEN * 3];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:852:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_txt[ETH_ALEN * 3];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:853:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash_txt[2 * HS20_MOBILE_ID_HASH_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:944:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2 * 64 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:956:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(data->dump_msk_file, "a");
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:1594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrtxt[3 * ETH_ALEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:1674:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:1804:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:2039:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(client_file, "r");
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:2447:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abuf[50], mbuf[50];
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:2674:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fields->hs20_t_c_filtering = atoi(argv[i]);
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:2676:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fields->waiting_coa_ack = atoi(argv[i]);
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:2678:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fields->coa_ack_received = atoi(argv[i]);
data/wpa-2.9.0+git20200517+dd2daf0/src/radius/radius_server.c:2705:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrtxt[3 * ETH_ALEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/rsn_supp/wpa.c:2735:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pmkid_txt[PMKID_LEN * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs1.c:278:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100], txt2[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs5.c:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs5.c:283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/pkcs8.c:25:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_ocsp.c:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_ocsp.c:367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_ocsp.c:686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_ocsp.c:785:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_read.c:287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subject[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_read.c:335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subject[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_read.c:511:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_client_read.c:546:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.c:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.c:448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.c:582:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.c:627:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char obuf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.c:773:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.c:889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/tlsv1_cred.c:931:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c:544:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c:560:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[5];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c:979:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c:1207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c:1329:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c:1395:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c:1502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/tls/x509v3.c:2194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/base64.c:15:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char base64_table[65] =
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/base64.c:17:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char base64_url_table[65] =
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/base64.c:87:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dtable[256], *out, *pos, block[4], tmp;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-android.c:44:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->success = atoi(url + 5);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-android.c:98:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[7];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-system.c:44:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->success = atoi(url + 5);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-system.c:98:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-wpadebug.c:44:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->success = atoi(url + 5);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser-wpadebug.c:99:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[14];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/browser.c:67:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ctx->success = atoi(uri + 6);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.c:624:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ssid_txt[SSID_MAX_LEN * 4 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.c:805:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq[count].min = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.c:810:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq[count].max = atoi(pos2);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:18:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmdbuf[CMD_BUF_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:21:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char currbuf[CMD_BUF_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[1];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[CMD_BUF_LEN], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:276:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:300:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:737:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param1 = atoi(&seq[1]);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:740:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
param2 = atoi(pos + 1);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:761:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:764:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char esc_buf[7];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:864:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char search_buf[21];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit_simple.c:17:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cmdbuf[CMD_BUF_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit_simple.c:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/http_curl.c:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/http_curl.c:481:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/http_curl.c:552:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/http_curl.c:998:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/http_curl.c:1632:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "wb");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/http_curl.c:1701:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ct[200];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/json.c:184:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*ret_val = atoi(str);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:503:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define os_memcpy(d, s, n) memcpy((d), (s), (n))
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:643:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy OS_DO_NOT_USE_memcpy
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:672:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char wpa_trace_fail_func[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:674:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char wpa_trace_test_fail_func[256];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c:112:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(pid_file, "w");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c:135:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/dev/urandom", "rb");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c:226:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name, "rb");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c:524:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAX_ARG + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:201:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
devnull = open("/dev/null", O_RDWR);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:238:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(pid_file, "w");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:272:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("/dev/urandom", "rb");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:426:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name, "rb");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:543:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wpa_trace_fail_func[256] = { 0 };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:548:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *func[WPA_TRACE_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:629:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wpa_trace_test_fail_func[256] = { 0 };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:634:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *func[WPA_TRACE_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:817:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[MAX_ARG + 1];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_win32.c:198:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name, "rb");
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:410:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rid[5];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:411:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char appl_code[2]; /* 0x1002 for 3G USIM */
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:413:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[127], *aid_pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:527:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:657:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aid[32];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:812:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char resp[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:813:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[50] = { SIM_CMD_SELECT };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:815:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char get_resp[5] = { SIM_CMD_GET_RESPONSE };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:898:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[255];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:899:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[5] = { SIM_CMD_READ_RECORD /* , len */ };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:934:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[5] = { SIM_CMD_READ_RECORD /* , len */ };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:980:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[5] = { SIM_CMD_READ_BIN /* , len */ };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1024:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char resp[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1025:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[5 + 8] = { SIM_CMD_VERIFY_CHV1 };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1056:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char resp[3];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1057:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[5] = { SIM_CMD_VERIFY_CHV1 };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1109:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1183:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1244:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[5 + 1 + 16] = { SIM_CMD_RUN_GSM_ALG };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1246:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char get_resp[5] = { SIM_CMD_GET_RESPONSE };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1247:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char resp[3], buf[12 + 3 + 2];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1345:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[5 + 1 + AKA_RAND_LEN + 1 + AKA_AUTN_LEN] =
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1347:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char get_resp[5] = { USIM_CMD_GET_RESPONSE };
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/pcsc_funcs.c:1348:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char resp[3], buf[64], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/trace.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exe[50], fname[512];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c:361:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3], longbuf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c:573:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c:615:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c:697:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c:893:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096] = {};
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:135:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
mounts = open("/proc/mounts", O_RDONLY);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:171:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
trace_fd = open(buf, O_WRONLY);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:565:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out_fd = open(path, O_CREAT | O_APPEND | O_WRONLY,
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[130];
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/xml-utils.c:178:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/http_client.c:221:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dst->sin_port = htons(atoi(port));
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/httpread.c:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hdr[HTTPREAD_HEADER_MAX_SIZE+1]; /* headers stored here */
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/httpread.c:168:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
h->content_length = atol(hbp);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/httpread.c:221:19: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
h->reply_code = atol(hbp);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/httpread.c:374:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[HTTPREAD_READBUF_SIZE]; /* temp use to read into */
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps.c:606:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps.h:915:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int wps_dev_type_str2bin(const char *str, u8 dev_type[WPS_DEV_TYPE_LEN]);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps.h:916:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * wps_dev_type_bin2str(const u8 dev_type[WPS_DEV_TYPE_LEN], char *buf,
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_common.c:462:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int wps_dev_type_str2bin(const char *str, u8 dev_type[WPS_DEV_TYPE_LEN])
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_common.c:467:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_BE16(dev_type, atoi(str));
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_common.c:478:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
WPA_PUT_BE16(&dev_type[6], atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_common.c:485:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * wps_dev_type_bin2str(const u8 dev_type[WPS_DEV_TYPE_LEN], char *buf,
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_dev_attr.c:359:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_enrollee.c:305:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[65];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er.c:226:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sid[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er.c:369:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[100];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er.c:953:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er.c:1194:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
event_id = atoi(uri + 7);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er.c:1204:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wps_er_http_event(er, req, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er.h:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[17];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er_ssdp.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MULTICAST_MAX_READ], *pos, *pos2, *start;
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_er_ssdp.c:86:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_age = atoi(pos2);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_registrar.c:1636:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[65];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_registrar.c:3601:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[40];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_registrar.c:3602:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c:344:11: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atol(delim + 1);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c:633:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[10];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c:699:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c:794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[2];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c:796:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mac_text[18];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c:849:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int eth_get(const char *device, u8 ea[ETH_ALEN])
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c:896:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int get_netif_info(const char *net_if, unsigned *ip_addr, char **ip_addr_text,
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp.c:896:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int get_netif_info(const char *net_if, unsigned *ip_addr, char **ip_addr_text,
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_i.h:160:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int get_netif_info(const char *net_if, unsigned *ip_addr, char **ip_addr_text,
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_i.h:160:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int get_netif_info(const char *net_if, unsigned *ip_addr, char **ip_addr_text,
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_ssdp.c:125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_string[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_ssdp.c:577:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_string[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_ssdp.c:632:9: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mx = atol(data);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_ssdp.c:691:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MULTICAST_MAX_READ], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_web.c:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_string[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_web.c:315:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_web.c:605:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ev_type = atol(val);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_web.c:852:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char len_buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_web.c:1117:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[80];
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_web.c:1289:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[80];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ap.c:1168:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pin_txt[9];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ap.c:1200:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pin_txt[9];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/autoscan_exponential.c:32:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->base = atoi(params);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/autoscan_exponential.c:39:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->limit = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/autoscan_periodic.c:29:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
interval = atoi(params);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c:104:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c:110:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(data->fname, "r");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c:134:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bss->freq = atoi(buf + 4 + 18);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c:172:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(data->fname, "w");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c:277:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[100], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c:323:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->short_interval = atoi(params);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c:329:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->signal_threshold = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_learn.c:337:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->long_interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_simple.c:83:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->short_interval = atoi(params);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_simple.c:89:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->signal_threshold = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bgscan_simple.c:97:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
data->long_interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/bss.c:434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[50];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:1358:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freqs[used] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:1864:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *buf, title[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3364:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
proto[cred->num_req_conn_capab] = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3384:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ports[num_ports++] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3466:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->temporary = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3471:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->priority = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3476:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int prio = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3484:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->pcsc = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3516:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->update_identifier = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3521:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->min_dl_bandwidth_home = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3526:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->min_ul_bandwidth_home = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3531:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->min_dl_bandwidth_roaming = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3536:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->min_ul_bandwidth_roaming = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3541:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->max_bss_load = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3549:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->ocsp = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3554:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cred->sim_num = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3751:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->exact_match = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:3760:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->priority = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:4559:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:4665:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
op_class = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:4670:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(pos2);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.c:4861:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET_ADDRSTRLEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.h:298:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fqdn[128];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.h:301:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[3];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config.h:737:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[2];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:180:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2000], *pos, *pos2;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:255:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256], *pos, *pos2;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:312:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:420:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name, "r");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:673:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[20], *value;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[32 * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:1207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:1224:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _buf[WPS_DEV_TYPE_BUFSIZE], *buf;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:1255:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _buf[WPS_DEV_TYPE_BUFSIZE], *buf;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_file.c:1640:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name, "w");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:67:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[TNAMELEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:322:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[255], data[1024];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:400:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[255];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:451:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:590:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:603:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _buf[WPS_DEV_TYPE_BUFSIZE], *buf;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:611:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vbuf[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:665:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[255];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:711:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:838:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[20], *value;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:855:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[5];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/config_winreg.c:1012:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:283:6: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(cmd)) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:363:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
relative_rssi = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:383:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
adjust_rssi = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:494:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(value), -1, -1, -1);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:497:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
-1, atoi(value), -1, -1);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:500:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
-1, -1, atoi(value), -1);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:503:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
-1, -1, -1, atoi(value));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:506:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(value))) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:515:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(value))) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:523:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(value))) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:530:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->wps_fragment_size = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:547:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wps_testing_dummy_cred = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:551:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wps_corrupt_pkhash = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:570:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (wpa_drv_ampdu(wpa_s, atoi(value)) < 0)
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:579:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int disabled = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:591:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int disabled = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:603:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
be = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:608:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bk = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:613:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vi = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:618:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vo = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:633:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ret = wpa_drv_set_p2p_powersave(wpa_s, atoi(value), -1, -1);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:636:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int enabled = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:647:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->no_keep_alive = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:653:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->dpp_init_max_tries = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:655:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->dpp_init_retry_time = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:657:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->dpp_resp_wait_time = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:659:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->dpp_resp_max_tries = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:661:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->dpp_resp_retry_time = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:700:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dpp_version_override = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:705:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->ext_mgmt_frame_handling = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:707:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->ext_eapol_frame_io = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:715:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->extra_roc_dur = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:717:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->test_failure = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:719:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->p2p_go_csa_on_inv = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:721:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->ignore_auth_resp = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:723:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->ignore_assoc_disallow = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:727:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->disable_sa_query = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:729:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->ignore_sae_h2e_only = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:739:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
group = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:753:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->ft_rsnxe_used = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:773:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->reject_btm_req_reason = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:809:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->dpp_ignore_netaccesskey_mismatch = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:811:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dpp_test = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:816:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->disable_fils = !!atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:834:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpas_mbo_update_cell_capa(wpa_s, atoi(value));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:836:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->conf->oce = atoi(value);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:858:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ret = wpa_drv_set_tdls_mode(wpa_s, atoi(value));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:866:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ret = wpa_drv_roaming(wpa_s, atoi(value), NULL);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1102:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq_params.freq = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1113:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq_params.str = atoi(pos2); \
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1244:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
u8 tsid = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1306:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
multi_ap = atoi(cmd + 9);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1317:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
multi_ap = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1363:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1399:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pin[9];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1423:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pin_val = atoi(pin);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1533:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
forced_freq = atoi(freq);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1748:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
forced_freq = atoi(freq);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1926:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:1948:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:2002:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return wpas_wps_er_set_config(wpa_s, uuid, atoi(id));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:2127:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(id_pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:2152:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pos, *end, tmp[30];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:2439:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:2499:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:2613:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_debug_timestamp = atoi(stamp);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:2639:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int last_id = atoi(cmd + 8);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *pos, ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3144:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3245:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
duration = atoi(pos + 10);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3314:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3358:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3397:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3476:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3554:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3599:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3648:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id_s = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3649:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id_d = atoi(id);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3743:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3834:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3860:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:3900:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:4566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char field[50];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5159:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5284:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id1 = atoi(cmd + 6);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5287:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id2 = atoi(ctmp);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5318:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(cmd + 3);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5321:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(cmd + 5);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5344:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5400:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int ap_scan = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5408:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int scan_int = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5416:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int expire_age = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5424:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int expire_count = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5432:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int flush_age = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5520:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int timeout = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5526:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *_seek[P2P_MAX_QUERY_HASH + 1], **seek = NULL;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5559:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
search_delay = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5566:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5679:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p2ps_prov->status = atoi(pos + 7);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5873:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
persistent_id = atoi(pos2 + 12);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5896:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
go_intent = atoi(pos2);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5904:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(pos2);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5911:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq2 = atoi(pos2 + 7);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5915:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chwidth = atoi(pos2 + 18);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:5988:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int timeout = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6156:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6171:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dialog_token = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6196:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->p2p_sd_over_ctrl_iface = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6285:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
auto_accept = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6521:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6540:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6548:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pref_freq = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6561:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq2 = atoi(pos + 6);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6565:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chwidth = atoi(pos + 18);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6910:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(param));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6915:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p2p_set_managed_oper(wpa_s->global->p2p, atoi(param));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6923:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
channel = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6925:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
op_class = pos ? atoi(pos) : 81;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6940:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6945:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6950:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
duration = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6961:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return wpa_drv_set_p2p_powersave(wpa_s, atoi(param), -1, -1);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6964:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return wpa_drv_set_p2p_powersave(wpa_s, -1, atoi(param), -1);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6967:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return wpa_drv_set_p2p_powersave(wpa_s, -1, -1, atoi(param));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6970:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->global->p2p_disabled = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:6997:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->force_long_sd = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7010:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return wpas_p2p_set_cross_connect(wpa_s, atoi(param));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7017:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->ap_uapsd = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7029:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
be = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7034:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bk = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7039:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vi = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7044:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vo = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7070:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
min_disc_int = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7076:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_disc_int = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7082:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_disc_tu = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7089:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->global->p2p_per_sta_psk = !!atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7095:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return wpas_p2p_nfc_tag_enabled(wpa_s, !!atoi(param));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7099:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->p2p_disable_ip_addr_req = !!atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7106:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
op_class = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7111:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7151:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dur1 = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7156:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int1 = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7165:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dur2 = atoi(pos2);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7166:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int2 = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7183:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
period = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7184:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
interval = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7352:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int num = atoi(pos + 5);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7361:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int num = atoi(pos + 4);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7370:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id[num_id] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7470:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dialog_token = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7489:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7496:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
requested_len = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7542:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int num = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7650:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return hs20_get_icon(wpa_s, dst_addr, icon, atoi(poffset), atoi(psize),
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7650:61: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return hs20_get_icon(wpa_s, dst_addr, icon, atoi(poffset), atoi(psize),
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7750:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
intval = atoi(pos + 10);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7788:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
query_reason = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7906:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
threshold = atoi(pos + 10);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7909:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
hysteresis = atoi(pos + 11);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7928:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(pos) == (int) if_type)
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:7942:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq_list[count++] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8086:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[3];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8461:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(pos2 + 5);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8465:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ework->timeout = atoi(pos2 + 8);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8496:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
unsigned int id = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8578:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
scan_id[(*scan_id_count)++] = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8641:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
manual_scan_passive = !!atoi(pos + 8);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8645:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
manual_scan_use_id = atoi(pos + 7);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8840:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8846:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
no_cck = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8852:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wait_time = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8909:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8915:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
datarate = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8921:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ssi_signal = atoi(param);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:8998:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res->freq = atoi(pos + 6);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9002:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res->beacon_int = atoi(pos + 12);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9010:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res->qual = atoi(pos + 6);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9014:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res->noise = atoi(pos + 7);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9018:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res->level = atoi(pos + 7);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9026:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res->age = atoi(pos + 5);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9030:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res->est_throughput = atoi(pos + 16);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9034:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res->snr = atoi(pos + 5);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9186:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[30];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9224:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int enabled = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9296:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(pos + 5);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9378:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_trace_fail_after = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9411:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_trace_test_fail_after = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9457:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
count = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9526:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9530:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pairwise = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9580:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
frame = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9634:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int frame = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9658:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
frame = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9732:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lci[256 * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9733:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char civic[256 * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9874:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
enable = atoi(token + 7);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:9951:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:10037:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ssid = wpa_config_get_network(wpa_s->conf, atoi(cmd));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:10775:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wpa_s->auto_reconnect_disabled = atoi(buf + 16) == 0;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:11005:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uri = dpp_bootstrap_get_uri(wpa_s->dpp, atoi(buf + 22));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:11014:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
reply_len = dpp_bootstrap_info(wpa_s->dpp, atoi(buf + 19),
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:11017:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (dpp_bootstrap_set(wpa_s->dpp, atoi(buf + 18),
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:11048:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(buf + 25),
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:11081:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ssid = wpa_config_get_network(wpa_s->conf, atoi(buf + 13));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:11511:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wifi_display_enable(global, !!atoi(value));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:11645:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface.c:11673:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[IFNAMSIZ + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_named_pipe.c:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req_buf[REQUEST_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_named_pipe.c:136:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_named_pipe.c:303:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dst->debug_level = atoi(buf + 6);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_named_pipe.c:480:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char levelstr[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_named_pipe.c:545:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req_buf[REQUEST_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET6_ADDRSTRLEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET6_ADDRSTRLEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET6_ADDRSTRLEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:187:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dst->debug_level = atoi(level);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:227:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET6_ADDRSTRLEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:398:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_str[40];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:422:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:523:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char levelstr[64];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:528:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET6_ADDRSTRLEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:625:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET6_ADDRSTRLEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_udp.c:766:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c:905:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char levelstr[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c:940:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[200];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/ctrl_iface_unix.c:996:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_dict_helpers.c:367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char array_type[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:374:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char net_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:466:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char net_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:514:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:730:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *auth_type[5]; /* we have five possible authentication types */
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:732:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *encr_type[3]; /* we have three possible encryption types */
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1029:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sta_mac[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pin[9], *p_pin = NULL;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1388:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_name[3];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1553:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1774:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1838:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1906:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:1969:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pgrp_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:2287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:2352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:2695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char net_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:2767:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char net_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:2891:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bss_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:2933:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bss_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:3044:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char station_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:3085:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char station_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:4416:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:4498:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:4564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:4636:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:4730:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char group_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:4849:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pgrp_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new.c:4937:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pgrp_obj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:994:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *capabilities[12];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:1595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_buf[WPAS_DBUS_OBJECT_PATH_MAX], *path = path_buf;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:3374:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[3];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:3536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_buf[WPAS_DBUS_OBJECT_PATH_MAX], *bss_obj_path = path_buf;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:3564:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_buf[WPAS_DBUS_OBJECT_PATH_MAX], *net_obj_path = path_buf;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:3594:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eap_mode_buf[WPAS_DBUS_AUTH_MODE_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:3889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[250];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:3915:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[250];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:4698:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *pairwise[5]; /* max 5 pairwise ciphers is supported */
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers.c:4699:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *key_mgmt[16]; /* max 16 key managements may be supported */
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_p2p.c:58:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int parse_peer_object_path(const char *peer_path, u8 addr[ETH_ALEN])
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_p2p.c:659:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char npin[9];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_p2p.c:1233:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_p2p.c:1362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_buf[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_p2p.c:1382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char go_peer_obj_path[WPAS_DBUS_OBJECT_PATH_MAX], *path;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_p2p.c:2128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path_buf[WPAS_DBUS_OBJECT_PATH_MAX], *path = path_buf;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_handlers_wps.c:228:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char npin[9] = { '\0' };
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_helpers.c:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char registered_sig[MAX_SIG_LEN], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dbus/dbus_new_helpers.c:756:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subobj_path[WPAS_DBUS_OBJECT_PATH_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:122:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:154:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:726:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
peer_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:737:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tcp_port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:755:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:799:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
neg_freq = atoi(pos + 10);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:939:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
freq = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:2502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[500];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:2925:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
own_bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:3010:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id_val = atoi(id);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:3126:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
config.tcp_port = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:3364:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi = dpp_bootstrap_get_id(wpa_s->dpp, atoi(pos));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:3373:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iter = atoi(pos + 6);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/dpp_supplicant.c:3380:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
listen_freq = atoi(pos + 8);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RADIUS_MAX_ATTR_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:136:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = htonl(atoi(attr->data));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[RADIUS_MAX_ATTR_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:757:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1066:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1067:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char _rand[16];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1069:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sres[4];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1070:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char kc[8];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1073:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rand_[num_triplets][16];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1074:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sres_[num_triplets][4];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1075:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char kc_[num_triplets][8];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1085:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aka_rand[AKA_RAND_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1086:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aka_autn[AKA_AUTN_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1087:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aka_auts[AKA_AUTS_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1088:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aka_res[RES_MAX_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1090:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aka_ik[IK_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1091:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char aka_ck[CK_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1176:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char _rand[16];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1177:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sres[4];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1178:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char kc[8];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1183:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (argc < 2 || ((num_triplets = atoi(argv[1])) <= 0)) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1360:34: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
eapol_test.server_cert_file = fopen(optarg, "w");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1368:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
as_port = atoi(optarg);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1374:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eapol_test.eapol_test_num_reauths = atoi(optarg);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1386:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout = atoi(optarg);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/eapol_test.c:1408:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->type = atoi(optarg);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[4];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[253];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[4];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char icon_type[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server_uri[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char osu_nai[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char osu_nai2[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:464:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:536:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "wb");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:748:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fname[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/hs20_supplicant.c:763:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/interworking.c:871:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nai[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/interworking.c:1655:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/interworking.c:1973:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi_buf[16];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/interworking.c:2239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nai[100], *realm;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/interworking.c:2862:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[255];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/libwpa_test.c:23:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/main.c:140:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd[i] = open("/dev/null", O_RDWR);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/main_winsvc.c:66:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR adapter[TBUFLEN], config[TBUFLEN], ctrl_interface[TBUFLEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/main_winsvc.c:201:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[255];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/nfc_pw_token.c:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[1000];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:1269:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char psk_txt[65];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:1725:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20 + P2P_MAX_CHANNELS * 6];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:2149:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[120], force_ifname[120];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:2453:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:2462:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:2722:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:2723:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char params[300];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:2785:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char params[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:3924:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:3925:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char force_name[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:3977:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:4163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char feat_cap_str[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:4327:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char go_ifname[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:4422:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssid_hex[32 * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:7370:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_addr[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant.c:7642:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[3];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant_sd.c:264:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_rx[256], str_srv[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant_sd.c:822:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char svc_str[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/p2p_supplicant_sd.c:1049:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wifi_display.c:270:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subelem = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wifi_display.c:370:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subelem = atoi(cmd);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/win_if_list.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256], desc[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/win_if_list.c:147:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[PCAP_ERRBUF_SIZE + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wnm_sta.c:1434:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wnm_sta.h:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[2]; /* valid if country_present=1 */
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:678:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:806:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:813:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssid_hex[2 * SSID_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:814:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_hex[2 * 64 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:938:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:942:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ssid_hex[2 * SSID_MAX_LEN + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:943:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_hex[2 * 64 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1017:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1050:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1084:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1149:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1182:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256], *pos, *end;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1847:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1915:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1958:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[32], cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:1973:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[32], cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2350:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2447:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[32], cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2600:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2621:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2709:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[512];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:2728:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[512];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:3947:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname_buf[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:3989:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
new_id = atoi(id);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4248:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4312:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[max_args];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4365:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4396:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4401:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[200];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4493:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[32], cmd[64];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4568:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4635:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifprop[PROPERTY_VALUE_MAX];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4671:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_cli.c:4721:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ping_interval = atoi(optarg);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/addinterface.cpp:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/addinterface.cpp:107:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/addinterface.cpp:119:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[255];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/addinterface.cpp:190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20], cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10], cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:237:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(reply);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:312:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phase2[32];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:342:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char blob[32];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:430:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10], cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:509:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[1024], cmd[256], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:656:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, "EAP-", 4);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:661:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, "EAP-", 4);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:673:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val, "EAP-", 4);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:745:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(reply)) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:777:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prioritySpinBox->setValue(atoi(reply));
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:792:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10], cmd[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:829:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:320:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:352:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:376:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:391:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[2048];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:458:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[30];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:489:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[2048];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:491:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[30];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:576:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[2048];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:662:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:678:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:679:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:687:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mode = atoi(reply);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:717:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048], *start, *end, *id, *ssid, *bssid, *flags;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:756:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
add_persistent(atoi(id), ssid, bssid);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:771:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1062:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1063:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1320:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1351:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1352:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1385:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1386:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1409:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1432:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1433:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1453:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1481:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1482:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1516:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1517:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1536:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1555:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1711:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1750:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1751:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1799:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[64];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1823:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1824:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1846:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/peers.cpp:1847:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/scanresults.cpp:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[2048];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/scanresults.cpp:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmd[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/scanresults.cpp:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/userdatarequest.cpp:58:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
networkid = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/userdatarequest.cpp:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:258:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
signalMeterInterval = atoi(optarg) * 1000;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:279:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048], *pos, *pos2;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:499:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048], *start, *end, *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:647:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096], *start, *end, *id, *ssid, *bssid, *flags;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:789:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:830:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:886:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[128];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:896:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rssi_value = atoi(&rssi[sizeof("AVG_RSSI")]);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:898:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rssi_value = atoi(&rssi[sizeof("RSSI")]);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:945:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
priority = atoi(pos);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1057:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1072:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1081:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1098:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1117:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1289:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(reply);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1342:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1483:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1711:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:1749:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reply[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_passphrase.c:17:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char psk[32];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_passphrase.c:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ssid, *passphrase, buf[64], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_priv.c:636:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2000], *pos;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_priv.c:1181:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
s = open("/dev/null", O_RDWR);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant.c:1729:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw_str[64 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant.c:7110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char country[3];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant.c:7812:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16]; /* from driver_ops get_radio_name() or empty if not
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:371:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:515:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char own_addr[ETH_ALEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:516:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char perm_addr[ETH_ALEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:517:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:531:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bridge_ifname[16];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:636:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[20];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:639:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char last_eapol_src[ETH_ALEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:884:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pending_interface_name[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:896:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p2p_pin[10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_supplicant_i.h:939:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cross_connect_uplink[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:741:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_type[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:765:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:774:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:775:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dev_type[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:800:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:811:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:812:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_str[65];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:837:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid_str[100];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:1153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char phase1[32];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:1219:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[128 + 2 * WPS_OOB_PUBKEY_HASH_LEN];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:1221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hash[2 * WPS_OOB_PUBKEY_HASH_LEN + 10];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:1382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[200];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:1454:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uuid[40], txt[400];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:1456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devtype[WPS_DEV_TYPE_BUFSIZE];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:1513:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[50];
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wps_supplicant.c:2362:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pw[32 * 2 + 1];
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:120:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(ctrl_iface_dir) + strlen(ifname) + 2;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:120:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(ctrl_iface_dir) + strlen(ifname) + 2;
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:204:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = wpa_ctrl_request(ctrl, cmd, strlen(cmd), buf, &len,
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:736:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = wpa_ctrl_request(ctrl, cmd, strlen(cmd), buf, &len,
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1729:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(cmd->cmd, argv[0], strlen(argv[0])) == 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/hostapd_cli.c:1745:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(cmd->cmd, argv[0], strlen(argv[0])) ==
data/wpa-2.9.0+git20200517+dd2daf0/hostapd/nt_password_hash.c:40:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (nt_password_hash((u8 *) password, strlen(password), password_hash))
data/wpa-2.9.0+git20200517+dd2daf0/hs20/client/osu_client.c:91:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strchr(fqdn, '.') == 0 || strlen(fqdn) > 255)
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/hs20_spp_server.c:80:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (user && strlen(user) == 0)
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:636:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b64 = base64_encode(pw, strlen(pw), NULL);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1112:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (identity == NULL || strlen(identity) == 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1201:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (policy_id == NULL || strlen(policy_id) == 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1245:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (identity == NULL || strlen(identity) == 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1605:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b64 = base64_encode(password, strlen(password), NULL);
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:1668:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!cert && strlen(pw) == 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2624:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (new_pw == NULL || strlen(new_pw) == 0) {
data/wpa-2.9.0+git20200517+dd2daf0/hs20/server/spp_server.c:2801:43: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
os_snprintf(session + i * 2, 3, "%02x", fgetc(f));
data/wpa-2.9.0+git20200517+dd2daf0/src/ap/eap_user_db.c:93:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
user->remediation = strlen(argv[i]) > 0;
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:46:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wpa_ctrl_request(ctrl, cmd, strlen(cmd), buf, &len, NULL) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:72:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wpa_ctrl_request(ctrl, cmd, strlen(cmd), resp, &len, NULL) < 0) {
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:142:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strncmp(pos + 1, event, strlen(event)) == 0 ||
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:144:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(pos + 1, event2, strlen(event2)) == 0)))
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:183:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(field);
data/wpa-2.9.0+git20200517+dd2daf0/src/common/wpa_helpers.c:223:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(ip) > 0) {
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:480:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(skcipher->t, out, AES_BLOCK_SIZE);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:655:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(skcipher->t, cypher, 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:833:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(skcipher->t, plain, n * 8);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_linux.c:961:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(ctx->skcipher->t, out, len);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:802:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len[0] = strlen(tests[i].data);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:812:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len[0] = strlen(tests[i].data);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:814:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len[1] = strlen(tests[i].data) - 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:1243:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const u8 *) test->ssid, strlen(test->ssid),
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:1258:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pbkdf2_sha1(test->p, (const u8 *) test->s, strlen(test->s),
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:1700:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len[0] = strlen(tests[i].data);
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/crypto_module_tests.c:1712:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len[1] = strlen(tests[i].data) - 1;
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/random.c:266:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(fd, dummy_key + dummy_key_avail,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/random.c:339:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(sock, dummy_key + dummy_key_avail,
data/wpa-2.9.0+git20200517+dd2daf0/src/crypto/tls_openssl.c:139:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = keystore_get(key, strlen(key), &value);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_bsd.c:631:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(sock, event_buf, sizeof(event_buf));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_ndis.c:2367:8: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = _tcslen(drv->adapter_name);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/driver_wext.c:764:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rv = read(f, drv->phyname, sizeof(drv->phyname) - 1);
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.c:62:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(rfkill->fd, &event, sizeof(event));
data/wpa-2.9.0+git20200517+dd2daf0/src/drivers/rfkill.c:140:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
len = read(rfkill->fd, &event, sizeof(event));
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_gpsk_common.c:371:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data_len = strlen(SID_LABEL) + 1 + 6 + seed_len;
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_gpsk_common.c:376:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
os_memcpy(pos, SID_LABEL, strlen(SID_LABEL));
data/wpa-2.9.0+git20200517+dd2daf0/src/eap_common/eap_gpsk_common.c:377:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(SID_LABEL);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/common.c:465:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = os_malloc((strlen(str) + 1) * sizeof(TCHAR));
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit.c:766:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(sock, buf, 1);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/edit_simple.c:32:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(sock, buf, 1);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:516:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define os_strlen(s) strlen(s)
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:649:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen OS_DO_NOT_USE_strlen
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:658:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#undef strncpy
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os.h:659:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define strncpy OS_DO_NOT_USE_strncpy
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_internal.c:36:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(usec);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/os_unix.c:60:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(usec);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c:629:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(sock, buf, sizeof(buf));
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/utils_module_tests.c:711:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
res = read(sock, buf, sizeof(buf));
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/wpa_debug.c:141:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buflen = read(mounts, buf, sizeof(buf) - 1);
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/xml_libxml2.c:184:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doc = xmlParseMemory(buf, strlen(buf));
data/wpa-2.9.0+git20200517+dd2daf0/src/utils/xml_libxml2.c:412:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = base64_decode(txt, strlen(txt), &len);
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/httpread.c:380:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nread = read(h->sd, readbuf, sizeof(readbuf));
data/wpa-2.9.0+git20200517+dd2daf0/src/wps/wps_upnp_ssdp.c:718:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
!isgraph(buf[strlen("M-SEARCH")])) {
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/addinterface.cpp:210:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = wpa_ctrl_request(ctrl, cmd, strlen(cmd), buf, &len, NULL);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/networkconfig.cpp:475:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(txt);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:364:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(ctrl_iface_dir) + strlen(ctrl_iface) + 2;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:364:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(ctrl_iface_dir) + strlen(ctrl_iface) + 2;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:370:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
flen = strlen(ctrl_iface) + 1;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:462:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = wpa_ctrl_request(ctrl_conn, cmd, strlen(cmd), buf, buflen, NULL);
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:933:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strncmp(a, b, strlen(b)) == 0;
data/wpa-2.9.0+git20200517+dd2daf0/wpa_supplicant/wpa_gui-qt4/wpagui.cpp:979:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
processCtrlReq(pos + strlen(WPA_CTRL_REQ));
ANALYSIS SUMMARY:
Hits = 2209
Lines analyzed = 515251 in approximately 11.43 seconds (45078 lines/second)
Physical Source Lines of Code (SLOC) = 382069
Hits@level = [0] 1031 [1] 70 [2] 1872 [3] 37 [4] 214 [5] 16
Hits@level+ = [0+] 3240 [1+] 2209 [2+] 2139 [3+] 267 [4+] 230 [5+] 16
Hits/KSLOC@level+ = [0+] 8.48014 [1+] 5.78168 [2+] 5.59847 [3+] 0.698827 [4+] 0.601986 [5+] 0.0418773
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.