Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/aprx-2.9.0+dfsg/agwpesocket.c
Examining data/aprx-2.9.0+dfsg/aprsis.c
Examining data/aprx-2.9.0+dfsg/aprx-stat.c
Examining data/aprx-2.9.0+dfsg/aprx.c
Examining data/aprx-2.9.0+dfsg/aprx.h
Examining data/aprx-2.9.0+dfsg/aprxpolls.c
Examining data/aprx-2.9.0+dfsg/ax25.c
Examining data/aprx-2.9.0+dfsg/beacon.c
Examining data/aprx-2.9.0+dfsg/cellmalloc.c
Examining data/aprx-2.9.0+dfsg/cellmalloc.h
Examining data/aprx-2.9.0+dfsg/config.c
Examining data/aprx-2.9.0+dfsg/crc.c
Examining data/aprx-2.9.0+dfsg/digipeater.c
Examining data/aprx-2.9.0+dfsg/dprsgw.c
Examining data/aprx-2.9.0+dfsg/dupecheck.c
Examining data/aprx-2.9.0+dfsg/erlang.c
Examining data/aprx-2.9.0+dfsg/filter.c
Examining data/aprx-2.9.0+dfsg/historydb.c
Examining data/aprx-2.9.0+dfsg/historydb.h
Examining data/aprx-2.9.0+dfsg/hlog.c
Examining data/aprx-2.9.0+dfsg/hlog.h
Examining data/aprx-2.9.0+dfsg/igate.c
Examining data/aprx-2.9.0+dfsg/interface.c
Examining data/aprx-2.9.0+dfsg/keyhash.c
Examining data/aprx-2.9.0+dfsg/keyhash.h
Examining data/aprx-2.9.0+dfsg/kiss.c
Examining data/aprx-2.9.0+dfsg/netax25.c
Examining data/aprx-2.9.0+dfsg/netresolver.c
Examining data/aprx-2.9.0+dfsg/parse_aprs.c
Examining data/aprx-2.9.0+dfsg/pbuf.c
Examining data/aprx-2.9.0+dfsg/pbuf.h
Examining data/aprx-2.9.0+dfsg/ssl.c
Examining data/aprx-2.9.0+dfsg/ssl.h
Examining data/aprx-2.9.0+dfsg/telemetry.c
Examining data/aprx-2.9.0+dfsg/test.c
Examining data/aprx-2.9.0+dfsg/timercmp.c
Examining data/aprx-2.9.0+dfsg/timestamp.c
Examining data/aprx-2.9.0+dfsg/ttyreader.c
Examining data/aprx-2.9.0+dfsg/valgrind.c
FINAL RESULTS:
data/aprx-2.9.0+dfsg/aprsis.c:170:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
addrlen = sprintf(addrbuf, "%s,qA%c,%s:", addr, qtype,
data/aprx-2.9.0+dfsg/aprsis.c:380:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
s += sprintf(s, "user %s pass %s vers %s %s", A->H->login,
data/aprx-2.9.0+dfsg/aprsis.c:383:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
s += sprintf(s, " filter %s", A->H->filterparam);
data/aprx-2.9.0+dfsg/aprx.c:595:4: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stdout, fmt, ap);
data/aprx-2.9.0+dfsg/aprx.c:622:13: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(fp, fmt, ap);
data/aprx-2.9.0+dfsg/aprx.h:57:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define strcpy aprx_strcpy
data/aprx-2.9.0+dfsg/aprx.h:68:16: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
extern char *strcpy(char *dest, const char *src);
data/aprx-2.9.0+dfsg/beacon.c:500:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s%c%s%c%s", type, lat, code[0], lon,
data/aprx-2.9.0+dfsg/beacon.c:504:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s111111z%s%c%s%c%s", type, lat, code[0], lon,
data/aprx-2.9.0+dfsg/beacon.c:507:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, ";%-9.9s*111111z%s%c%s%c%s", name, lat, code[0], lon,
data/aprx-2.9.0+dfsg/beacon.c:511:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, ")%-3.9s!%s%c%s%c%s", name, lat, code[0], lon,
data/aprx-2.9.0+dfsg/beacon.c:867:3: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(filename, "aprx", NULL);
data/aprx-2.9.0+dfsg/beacon.c:997:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(destbuf,"%s>%s,%s,TCPIP*", src, bm->dest, bm->via);
data/aprx-2.9.0+dfsg/beacon.c:999:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(destbuf,"%s>%s,TCPIP*", src, bm->dest);
data/aprx-2.9.0+dfsg/beacon.c:1021:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
dp += sprintf( dp, "%s*,%s", callsign, bm->via );
data/aprx-2.9.0+dfsg/beacon.c:1023:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
dp += sprintf( dp, "%s*", callsign );
data/aprx-2.9.0+dfsg/beacon.c:1026:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
dp += sprintf( dp, "%s", bm->via );
data/aprx-2.9.0+dfsg/beacon.c:1099:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(destbuf,"%s>%s,%s,TCPIP*", src, bm->dest, bm->via);
data/aprx-2.9.0+dfsg/beacon.c:1101:21: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(destbuf,"%s>%s,TCPIP*", src, bm->dest);
data/aprx-2.9.0+dfsg/beacon.c:1123:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
dp += sprintf( dp, "%s*,%s", callsign, bm->via );
data/aprx-2.9.0+dfsg/beacon.c:1125:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
dp += sprintf( dp, "%s*", callsign );
data/aprx-2.9.0+dfsg/beacon.c:1128:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
dp += sprintf( dp, "%s", bm->via );
data/aprx-2.9.0+dfsg/cellmalloc.c:88:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "/tmp/.-%d-%s-%d.mmap", getpid(), ca->arenaname, ca->cellblocks_count );
data/aprx-2.9.0+dfsg/config.c:374:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(errmsg, cf->name, cf->linenum);
data/aprx-2.9.0+dfsg/config.c:388:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(errmsg, cf->name, cf->linenum);
data/aprx-2.9.0+dfsg/config.c:398:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(errmsg, cf->name, cf->linenum);
data/aprx-2.9.0+dfsg/config.c:403:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(errmsg, cf->name, cf->linenum);
data/aprx-2.9.0+dfsg/config.c:410:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(errmsg, cf->name, cf->linenum);
data/aprx-2.9.0+dfsg/config.c:416:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(errmsg, cf->name, cf->linenum);
data/aprx-2.9.0+dfsg/config.c:422:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(errmsg, cf->name, cf->linenum);
data/aprx-2.9.0+dfsg/config.c:427:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(errmsg, cf->name, cf->linenum);
data/aprx-2.9.0+dfsg/dprsgw.c:349:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(aprssymbol, gps2aprsSyms[mid].aprs);
data/aprx-2.9.0+dfsg/dprsgw.c:591:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(p, "%s", s);
data/aprx-2.9.0+dfsg/dprsgw.c:603:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(p, "%s", s);
data/aprx-2.9.0+dfsg/dprsgw.c:622:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(p, "%s", s);
data/aprx-2.9.0+dfsg/dprsgw.c:630:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(p, "%s", gga[5]); // <E|W>
data/aprx-2.9.0+dfsg/dprsgw.c:632:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
p += sprintf(p, "%s", rmc[6]); // <E|W>
data/aprx-2.9.0+dfsg/erlang.c:171:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(EF->head.title, erlangtitle);
data/aprx-2.9.0+dfsg/erlang.c:536:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msgbuf,
data/aprx-2.9.0+dfsg/erlang.c:582:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msgbuf,
data/aprx-2.9.0+dfsg/erlang.c:623:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msgbuf,
data/aprx-2.9.0+dfsg/filter.c:889:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, " %s", filt0);
data/aprx-2.9.0+dfsg/filter.c:893:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s %s", p, filt0); /* .. and catenate. */
data/aprx-2.9.0+dfsg/filter.c:1448:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(f->textbuf, filt0);
data/aprx-2.9.0+dfsg/filter.c:1456:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(f->textbuf, filt); /* and copy of filter text */
data/aprx-2.9.0+dfsg/hlog.c:139:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buf, LOG_LEN, fmt, args);
data/aprx-2.9.0+dfsg/hlog.c:145:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret + len, buf);
data/aprx-2.9.0+dfsg/hlog.c:190:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(log_fname, "%s/%s", log_dir, log_basename);
data/aprx-2.9.0+dfsg/hlog.c:276:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s.tmp", log_fname);
data/aprx-2.9.0+dfsg/hlog.c:299:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(r1, "%s.%d", log_fname, i-1);
data/aprx-2.9.0+dfsg/hlog.c:300:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(r2, "%s.%d", log_fname, i);
data/aprx-2.9.0+dfsg/hlog.c:383:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(s, LOG_LEN, fmt, args);
data/aprx-2.9.0+dfsg/hlog.c:410:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
l = vsnprintf(s, LOG_LEN, fmt, args);
data/aprx-2.9.0+dfsg/hlog.c:435:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(accesslog_fname, "%s/%s", accesslog_dir, accesslog_basename);
data/aprx-2.9.0+dfsg/hlog.c:485:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(s, LOG_LEN, fmt, args);
data/aprx-2.9.0+dfsg/interface.c:619:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *) (aif->tty->ttyname), "tcp!%s!%s!", host, port);
data/aprx-2.9.0+dfsg/interface.c:721:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *) (aif->tty->ttyname), "tcp!%s!%s[%s]",
data/aprx-2.9.0+dfsg/interface.c:1315:14: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
t += sprintf(t, "%s>%s:", fromcall, origtocall);
data/aprx-2.9.0+dfsg/interface.c:1434:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
a += sprintf((char*)a, "}%s>%s,%s,%s*:",
data/aprx-2.9.0+dfsg/interface.c:1470:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
t += sprintf(t, "%s>%s", fromcall, origtocall);
data/aprx-2.9.0+dfsg/interface.c:1474:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
t += sprintf(t, ",%s", heads[i]);
data/aprx-2.9.0+dfsg/interface.c:1493:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
t += sprintf(t, "}%s>%s,%s,%s*:",
data/aprx-2.9.0+dfsg/interface.c:1730:25: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
int destlen = sprintf(destbuf, "%s>APRS,TCPIP*", dstname);
data/aprx-2.9.0+dfsg/interface.c:1846:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
a += sprintf(axaddrbuf, "%s>%s", src, dest);
data/aprx-2.9.0+dfsg/parse_aprs.c:34:33: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DEBUG_LOG(...) if(debug)printf(__VA_ARGS__)
data/aprx-2.9.0+dfsg/telemetry.c:145:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
beaconaddrlen = sprintf(beaconaddr, "%s>%s,TCPIP*", E->name, tocall);
data/aprx-2.9.0+dfsg/telemetry.c:356:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
beaconaddrlen = sprintf(beaconaddr, "%s>%s,TCPIP*", E->name, tocall);
data/aprx-2.9.0+dfsg/telemetry.c:363:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
s = buf+2 + sprintf(buf+2,
data/aprx-2.9.0+dfsg/telemetry.c:368:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
s = buf+2 + sprintf(buf+2,
data/aprx-2.9.0+dfsg/telemetry.c:374:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
s = buf+2 + sprintf(buf+2,
data/aprx-2.9.0+dfsg/ttyreader.c:133:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(S->rdline2, S->rdline);
data/aprx-2.9.0+dfsg/ttyreader.c:1071:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *) (tty->ttyname), "tcp!%s!%s!", host, port);
data/aprx-2.9.0+dfsg/valgrind.c:63:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
char *strcpy(char *dest, const char *src) {
data/aprx-2.9.0+dfsg/aprx-stat.c:208:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "f:StxX?h")) != -1) {
data/aprx-2.9.0+dfsg/aprx.c:177:14: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((i = getopt(argc, argv, "def:hiLl:vV?")) != -1) {
data/aprx-2.9.0+dfsg/beacon.c:736:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((long)t);
data/aprx-2.9.0+dfsg/digipeater.c:1541:42: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int jittery = src->viscous_delay > 0 ? random() % 3 + src->viscous_delay : 0;
data/aprx-2.9.0+dfsg/agwpesocket.c:277:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int agwpeportnum = atoi(agwpeport);
data/aprx-2.9.0+dfsg/agwpesocket.c:367:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(com->wrbuf, com->wrbuf + com->wrcursor, len);
data/aprx-2.9.0+dfsg/agwpesocket.c:405:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(com->wrbuf + com->wrlen, &hdr, sizeof(hdr));
data/aprx-2.9.0+dfsg/agwpesocket.c:407:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(com->wrbuf + com->wrlen, axaddr, axaddrlen);
data/aprx-2.9.0+dfsg/agwpesocket.c:409:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(com->wrbuf + com->wrlen, axdata, axdatalen);
data/aprx-2.9.0+dfsg/agwpesocket.c:448:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(com->wrbuf + com->wrlen, &hdr, sizeof(hdr));
data/aprx-2.9.0+dfsg/agwpesocket.c:528:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(com->rdbuf, com->rdbuf + com->rdcursor,
data/aprx-2.9.0+dfsg/agwpesocket.c:547:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr.fromCall, com->rdbuf + 8, 10);
data/aprx-2.9.0+dfsg/agwpesocket.c:548:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hdr.toCall, com->rdbuf + 18, 10);
data/aprx-2.9.0+dfsg/agwpesocket.c:571:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(com->rdbuf, com->rdbuf + com->rdcursor,
data/aprx-2.9.0+dfsg/aprsis.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wrbuf[16000];
data/aprx-2.9.0+dfsg/aprsis.c:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rdbuf[3000];
data/aprx-2.9.0+dfsg/aprsis.c:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rdline[500];
data/aprx-2.9.0+dfsg/aprsis.c:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrbuf[1000];
data/aprx-2.9.0+dfsg/aprsis.c:183:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(A->wrbuf, A->wrbuf + A->wrbuf_cur,
data/aprx-2.9.0+dfsg/aprsis.c:200:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(A->wrbuf + A->wrbuf_len, addrbuf, addrlen);
data/aprx-2.9.0+dfsg/aprsis.c:220:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(A->wrbuf + A->wrbuf_len, text, textlen);
data/aprx-2.9.0+dfsg/aprsis.c:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aprsislogincmd[3000];
data/aprx-2.9.0+dfsg/aprsis.c:328:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addrstr[INET6_ADDRSTRLEN];
data/aprx-2.9.0+dfsg/aprsis.c:447:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(A->rdbuf, A->rdbuf + A->rdbuf_cur,
data/aprx-2.9.0+dfsg/aprsis.c:490:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10000];
data/aprx-2.9.0+dfsg/aprsis.c:576:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &head, sizeof(head));
data/aprx-2.9.0+dfsg/aprsis.c:579:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, addr, addrlen);
data/aprx-2.9.0+dfsg/aprsis.c:582:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, gwcall, gwlen);
data/aprx-2.9.0+dfsg/aprsis.c:585:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, text, textlen);
data/aprx-2.9.0+dfsg/aprsis.c:1044:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10000];
data/aprx-2.9.0+dfsg/aprsis.c:1168:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port = atoi(param1);
data/aprx-2.9.0+dfsg/aprsis.c:1216:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(AIH->filterparam[l1+1]), param1, l2+1);
data/aprx-2.9.0+dfsg/aprsis.c:1218:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(AIH->filterparam[0]), param1, l2+1);
data/aprx-2.9.0+dfsg/aprx-stat.c:28:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%04d-%02d-%02d %02d:%02d:%02d",
data/aprx-2.9.0+dfsg/aprx-stat.c:76:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logtime[40];
data/aprx-2.9.0+dfsg/aprx-stat.c:98:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(logtime, "%ld",
data/aprx-2.9.0+dfsg/aprx-stat.c:132:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(logtime, "%ld",
data/aprx-2.9.0+dfsg/aprx-stat.c:166:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(logtime, "%ld",
data/aprx-2.9.0+dfsg/aprx.c:59:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/aprx-2.9.0+dfsg/aprx.c:60:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "SIGNAL %d - DYING!\n", sig);
data/aprx-2.9.0+dfsg/aprx.c:266:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *pf = fopen(pidfile, "r");
data/aprx-2.9.0+dfsg/aprx.c:304:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *pf = fopen(pidfile, "w");
data/aprx-2.9.0+dfsg/aprx.c:339:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
i = open("/dev/null", O_RDONLY, 0);
data/aprx-2.9.0+dfsg/aprx.c:487:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%04d-%02d-%02d %02d:%02d:%02d.%03d",
data/aprx-2.9.0+dfsg/aprx.c:582:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[60];
data/aprx-2.9.0+dfsg/aprx.c:618:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(aprxlogfile, "a");
data/aprx-2.9.0+dfsg/aprx.c:656:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(rflogfile, "a");
data/aprx-2.9.0+dfsg/aprx.c:660:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[60];
data/aprx-2.9.0+dfsg/aprx.h:53:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy aprx_memcpy
data/aprx-2.9.0+dfsg/aprx.h:63:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern void *memcpy(void *dest, const void *src, size_t n);
data/aprx-2.9.0+dfsg/aprx.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8010];
data/aprx-2.9.0+dfsg/aprx.h:257:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *ttycallsign[16]; /* callsign */
data/aprx-2.9.0+dfsg/aprx.h:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *initstring[16]; /* optional init-string to be sent to
data/aprx-2.9.0+dfsg/aprx.h:437:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[31];
data/aprx-2.9.0+dfsg/aprx.h:491:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[32];
data/aprx-2.9.0+dfsg/aprx.h:499:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mycall[16];
data/aprx-2.9.0+dfsg/aprx.h:535:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addresses[20];
data/aprx-2.9.0+dfsg/aprx.h:537:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char packetbuf[200]; /* 99.9+ % of time this is enough.. */
data/aprx-2.9.0+dfsg/ax25.c:62:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
dest += sprintf(dest, "-%d", ssid);
data/aprx-2.9.0+dfsg/ax25.c:271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tnc2buf[2800];
data/aprx-2.9.0+dfsg/beacon.c:421:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bm->timeout = atoi(p1);
data/aprx-2.9.0+dfsg/beacon.c:692:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hms[8];
data/aprx-2.9.0+dfsg/beacon.c:700:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hms, "%02d%02d%02dh", hour, min, sec);
data/aprx-2.9.0+dfsg/beacon.c:707:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( txt+11, hms, 7 ); // Overwrite with new time
data/aprx-2.9.0+dfsg/beacon.c:709:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( txt+1, hms, 7 ); // Overwrite with new time
data/aprx-2.9.0+dfsg/beacon.c:716:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename,"r");
data/aprx-2.9.0+dfsg/beacon.c:855:28: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dev_null = open("/dev/null", O_WRONLY);
data/aprx-2.9.0+dfsg/beacon.c:1230:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/aprx-2.9.0+dfsg/beacon.c:1231:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "matched child exit, pid=%d\n", pid);
data/aprx-2.9.0+dfsg/cellmalloc.c:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cellblocks[CELLBLOCKS_MAX]; /* ref as 'char pointer' for pointer arithmetics... */
data/aprx-2.9.0+dfsg/cellmalloc.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[2048];
data/aprx-2.9.0+dfsg/cellmalloc.c:90:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(name, O_RDWR|O_CREAT, 644);
data/aprx-2.9.0+dfsg/config.c:145:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hx[3];
data/aprx-2.9.0+dfsg/config.c:482:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int i = atoi(param1);
data/aprx-2.9.0+dfsg/config.c:800:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((cf.fp = fopen(name, "r")) == NULL) {
data/aprx-2.9.0+dfsg/digipeater.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[2000];
data/aprx-2.9.0+dfsg/digipeater.c:383:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char viafield[15]; // temp buffer for many uses
data/aprx-2.9.0+dfsg/digipeater.c:404:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(viafield, pb->data, len);
data/aprx-2.9.0+dfsg/digipeater.c:415:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(viafield, pb->srccall_end+1, len);
data/aprx-2.9.0+dfsg/digipeater.c:456:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(viafield, p, len);
data/aprx-2.9.0+dfsg/digipeater.c:622:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxreq = atoi(param1);
data/aprx-2.9.0+dfsg/digipeater.c:626:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maxdone = atoi(param1);
data/aprx-2.9.0+dfsg/digipeater.c:738:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
viscous_delay = atoi(param1);
data/aprx-2.9.0+dfsg/digipeater.c:910:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(source->ax25viapath, ax25viapath, sizeof(ax25viapath));
data/aprx-2.9.0+dfsg/digipeater.c:911:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(source->msgviapath, msgviapath, sizeof(msgviapath));
data/aprx-2.9.0+dfsg/digipeater.c:914:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(source->msgviapath, ax25viapath, sizeof(ax25viapath));
data/aprx-2.9.0+dfsg/digipeater.c:1214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char viafield[14]; // room for text format
data/aprx-2.9.0+dfsg/digipeater.c:1289:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state.ax25addr, pb->ax25addr, pb->ax25addrlen);
data/aprx-2.9.0+dfsg/digipeater.c:1311:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(axaddr, digi->transmitter->ax25call, AX25ADDRLEN);
data/aprx-2.9.0+dfsg/digipeater.c:1363:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(axaddr, digi->transmitter->ax25call, AX25ADDRLEN);
data/aprx-2.9.0+dfsg/digipeater.c:1383:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(axaddr, digi->transmitter->ax25call, AX25ADDRLEN);
data/aprx-2.9.0+dfsg/digipeater.c:1391:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(axaddr, digi->transmitter->ax25call, AX25ADDRLEN);
data/aprx-2.9.0+dfsg/digipeater.c:1413:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(axaddr, digi->transmitter->ax25call, AX25ADDRLEN);
data/aprx-2.9.0+dfsg/digipeater.c:1428:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[2800];
data/aprx-2.9.0+dfsg/digipeater.c:1473:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tbuf+t2l, pb->ax25data+2, pb->ax25datalen-2); // Ctrl+PID skiped
data/aprx-2.9.0+dfsg/digipeater.c:1806:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&src->viscous_queue[0],
data/aprx-2.9.0+dfsg/dprsgw.c:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[10];
data/aprx-2.9.0+dfsg/dprsgw.c:58:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(dprslogfile,"a");
data/aprx-2.9.0+dfsg/dprsgw.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[10];
data/aprx-2.9.0+dfsg/dprsgw.c:125:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->history[n].callsign, callsign, sizeof(callsign));
data/aprx-2.9.0+dfsg/dprsgw.c:132:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char gps[3];
data/aprx-2.9.0+dfsg/dprsgw.c:133:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char aprs[3];
data/aprx-2.9.0+dfsg/dprsgw.c:336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gps[3];
data/aprx-2.9.0+dfsg/dprsgw.c:506:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *gga[20];
data/aprx-2.9.0+dfsg/dprsgw.c:507:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rmc[20];
data/aprx-2.9.0+dfsg/dprsgw.c:508:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tnc2buf[2000];
data/aprx-2.9.0+dfsg/dprsgw.c:515:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char aprssym[3];
data/aprx-2.9.0+dfsg/dprsgw.c:521:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(aprssym, "/>"); // Default..
data/aprx-2.9.0+dfsg/dprsgw.c:566:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
p += sprintf(p, ">APDPRS,DSTAR*");
data/aprx-2.9.0+dfsg/dprsgw.c:673:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
p += sprintf(p, "/A=%06d", alt_feet);
data/aprx-2.9.0+dfsg/dprsgw.c:691:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *heads[2];
data/aprx-2.9.0+dfsg/dprsgw.c:734:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *heads[2];
data/aprx-2.9.0+dfsg/dprsgw.c:783:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->ggaline, tnc2addr, tnc2bodylen);
data/aprx-2.9.0+dfsg/dprsgw.c:794:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->rmcline, tnc2addr, tnc2bodylen);
data/aprx-2.9.0+dfsg/dprsgw.c:843:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->rdline, p, S->rdlinelen);
data/aprx-2.9.0+dfsg/dprsgw.c:935:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->rdline, p, len);
data/aprx-2.9.0+dfsg/dprsgw.c:1039:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((void*)S.rdline, "x$x4$GPPP$$$GP $$CRCB727,OH3BK-D>$$CRCB727,OH3BK-D>APRATS,DSTAR*:@165340h6128.23N/02353.52E-D-RATS (GPS-A) /A=000377");
data/aprx-2.9.0+dfsg/dprsgw.c:1044:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((void*)S.rdline, "\304\3559\202\333$$CRCC3F5,OH3KGR-M>API282,DSTAR*:/123035h6131.29N/02340.45E>/IC-E2820");
data/aprx-2.9.0+dfsg/dprsgw.c:1049:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((void*)S.rdline, "[SOB]\"=@=@=@=>7\310=@\010!~~~~~~~!~~~~~~~\001\001\001\001\001\001\001\001[EOB]$$CRCBFB7,OH3BK>APRATS,DSTAR*:@124202h6128.23N/02353.52E-D-RATS (GPS-A) /A=000377");
data/aprx-2.9.0+dfsg/dprsgw.c:1054:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((void*)S.rdline, "$GPGGA,164829.02,6131.6572,N,02339.1567,E,1,08,1.1,111.3,M,19.0,M,,*61");
data/aprx-2.9.0+dfsg/dprsgw.c:1059:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((void*)S.rdline, "$GPRMC,170130.02,A,6131.6583,N,02339.1552,E,0.00,154.8,290510,6.5,E,A*02");
data/aprx-2.9.0+dfsg/dprsgw.c:1065:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy((void*)S.rdline, "OH3BK D,BN *59 ");
data/aprx-2.9.0+dfsg/dprsgw.c:1072:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen("tt.log", "r");
data/aprx-2.9.0+dfsg/dprsgw.c:1074:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[3000];
data/aprx-2.9.0+dfsg/dprsgw.c:1082:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S.rdbuf+S.rdlen, ep, len);
data/aprx-2.9.0+dfsg/dupecheck.c:267:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->addresses, addr, addrlen);
data/aprx-2.9.0+dfsg/dupecheck.c:268:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->packet, data, datalen);
data/aprx-2.9.0+dfsg/dupecheck.c:425:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->addresses, addr, addrlen);
data/aprx-2.9.0+dfsg/dupecheck.c:426:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dp->packet, data, datalen);
data/aprx-2.9.0+dfsg/erlang.c:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/aprx-2.9.0+dfsg/erlang.c:286:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
erlang_file_fd = open(erlang_backingstore, do_create ? O_RDWR : O_RDONLY, 0644); /* Presume: it exists! */
data/aprx-2.9.0+dfsg/erlang.c:289:5: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open(erlang_backingstore,
data/aprx-2.9.0+dfsg/erlang.c:517:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgbuf[500];
data/aprx-2.9.0+dfsg/erlang.c:518:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logtime[40];
data/aprx-2.9.0+dfsg/erlang.c:523:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(erlanglogfile, "a");
data/aprx-2.9.0+dfsg/filter.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[CALLSIGNLEN_MAX+1]; /* size: 10.. */
data/aprx-2.9.0+dfsg/filter.c:153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char textbuf[FILT_TEXTBUFSIZE];
data/aprx-2.9.0+dfsg/filter.c:314:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uckey[CALLSIGNLEN_MAX+1];
data/aprx-2.9.0+dfsg/filter.c:369:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(f->callsign, uckey, keylen);
data/aprx-2.9.0+dfsg/filter.c:519:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uckey[CALLSIGNLEN_MAX+1];
data/aprx-2.9.0+dfsg/filter.c:571:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(f->callsign, key, keylen);
data/aprx-2.9.0+dfsg/filter.c:794:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixbuf[CALLSIGNLEN_MAX+1];
data/aprx-2.9.0+dfsg/filter.c:1601:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref.callsign, pb->data, i);
data/aprx-2.9.0+dfsg/filter.c:1641:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref.callsign, d, i);
data/aprx-2.9.0+dfsg/filter.c:1677:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref.callsign, e, i);
data/aprx-2.9.0+dfsg/filter.c:1780:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref.callsign, pb->dstname, i);
data/aprx-2.9.0+dfsg/filter.c:1866:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref.callsign, pb->srcname, i); // copy the interesting part
data/aprx-2.9.0+dfsg/filter.c:1890:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref.callsign, pb->data, i);
data/aprx-2.9.0+dfsg/filter.c:2225:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ref.callsign, d, i);
data/aprx-2.9.0+dfsg/historydb.c:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[CALLSIGNLEN_MAX+2];
data/aprx-2.9.0+dfsg/historydb.c:192:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( keybuf, pb->info_start+1, CALLSIGNLEN_MAX+1);
data/aprx-2.9.0+dfsg/historydb.c:211:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( keybuf, pb->info_start+1, CALLSIGNLEN_MAX+1);
data/aprx-2.9.0+dfsg/historydb.c:225:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( keybuf, pb->data, CALLSIGNLEN_MAX) ;
data/aprx-2.9.0+dfsg/historydb.c:231:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( keybuf, pb->data, CALLSIGNLEN_MAX) ;
data/aprx-2.9.0+dfsg/historydb.c:238:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( keybuf, pb->data, CALLSIGNLEN_MAX) ;
data/aprx-2.9.0+dfsg/historydb.c:310:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cp->packet, pb->data, cp->packetlen );
data/aprx-2.9.0+dfsg/historydb.c:321:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp->key, keybuf, keylen);
data/aprx-2.9.0+dfsg/historydb.c:369:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keybuf[CALLSIGNLEN_MAX+2];
data/aprx-2.9.0+dfsg/historydb.c:400:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keybuf, pb->srcname, pb->srcname_len);
data/aprx-2.9.0+dfsg/historydb.c:408:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keybuf, pb->srcname, pb->srcname_len);
data/aprx-2.9.0+dfsg/historydb.c:481:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cp->packet, pb->data, cp->packetlen );
data/aprx-2.9.0+dfsg/historydb.c:494:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp->key, keybuf, keylen);
data/aprx-2.9.0+dfsg/historydb.h:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[CALLSIGNLEN_MAX+2];
data/aprx-2.9.0+dfsg/historydb.h:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char packetbuf[170]; /* Maybe a dozen packets are bigger than
data/aprx-2.9.0+dfsg/hlog.c:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LOG_LEN];
data/aprx-2.9.0+dfsg/hlog.c:192:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log_file = open(log_fname, O_WRONLY|O_CREAT|O_APPEND, S_IRUSR|S_IWUSR|S_IRGRP);
data/aprx-2.9.0+dfsg/hlog.c:286:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
log_file = open(log_fname, O_WRONLY|O_CREAT|O_APPEND, S_IRUSR|S_IWUSR|S_IRGRP);
data/aprx-2.9.0+dfsg/hlog.c:321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wb[LOG_LEN];
data/aprx-2.9.0+dfsg/hlog.c:372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[LOG_LEN];
data/aprx-2.9.0+dfsg/hlog.c:398:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[LOG_LEN];
data/aprx-2.9.0+dfsg/hlog.c:437:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
accesslog_file = open(accesslog_fname, O_WRONLY|O_CREAT|O_APPEND, S_IRUSR|S_IWUSR|S_IRGRP);
data/aprx-2.9.0+dfsg/hlog.c:478:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[LOG_LEN], wb[LOG_LEN];
data/aprx-2.9.0+dfsg/hlog.c:522:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[32];
data/aprx-2.9.0+dfsg/hlog.c:525:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = open(name, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
data/aprx-2.9.0+dfsg/igate.c:458:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void pick_heads(char *ax25, int headlen,
data/aprx-2.9.0+dfsg/igate.c:459:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *heads[20], int *headscount)
data/aprx-2.9.0+dfsg/igate.c:500:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *heads[20];
data/aprx-2.9.0+dfsg/igate.c:532:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(headsbuf, ax25, colonidx+1);
data/aprx-2.9.0+dfsg/interface.c:310:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(initstring, param1, parlen);
data/aprx-2.9.0+dfsg/interface.c:354:15: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ifgroup = atol(param1);
data/aprx-2.9.0+dfsg/interface.c:404:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aif, aifp, sizeof(*aif));
data/aprx-2.9.0+dfsg/interface.c:845:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(initstring, param1, parlen);
data/aprx-2.9.0+dfsg/interface.c:866:15: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ifgroup = atol(param1);
data/aprx-2.9.0+dfsg/interface.c:1155:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(axbuf, axaddr, axaddrlen);
data/aprx-2.9.0+dfsg/interface.c:1156:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(axbuf + axaddrlen, axdata, axdatalen);
data/aprx-2.9.0+dfsg/interface.c:1258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tnc2buf1[2800];
data/aprx-2.9.0+dfsg/interface.c:1310:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( a, tnc2data, tnc2datalen );
data/aprx-2.9.0+dfsg/interface.c:1321:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t, tnc2data, tnc2datalen);
data/aprx-2.9.0+dfsg/interface.c:1374:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tnc2buf[2800];
data/aprx-2.9.0+dfsg/interface.c:1401:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ax25buf, toaprs, 7); // AX.25 DEST call
data/aprx-2.9.0+dfsg/interface.c:1404:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ax25buf+7, tx_aif->ax25call, 7); // AX.25 SRC call
data/aprx-2.9.0+dfsg/interface.c:1410:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, digisrc->msgviapath, 7); // AX.25 VIA call for a Message
data/aprx-2.9.0+dfsg/interface.c:1415:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, digisrc->ax25viapath, 7); // AX.25 VIA call
data/aprx-2.9.0+dfsg/interface.c:1443:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, tnc2data, tnc2datalen);
data/aprx-2.9.0+dfsg/interface.c:1502:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(t, tnc2data, tnc2datalen);
data/aprx-2.9.0+dfsg/interface.c:1602:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recipient[10];
data/aprx-2.9.0+dfsg/interface.c:1729:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destbuf[50];
data/aprx-2.9.0+dfsg/interface.c:1731:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[50];
data/aprx-2.9.0+dfsg/interface.c:1769:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dstname[DSTNAMELEN];
data/aprx-2.9.0+dfsg/interface.c:1818:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char axaddrbuf[128];
data/aprx-2.9.0+dfsg/interface.c:1851:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char viafield[12];
data/aprx-2.9.0+dfsg/interface.c:1861:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, via, vialen);
data/aprx-2.9.0+dfsg/interface.c:1889:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(viafield, p, len);
data/aprx-2.9.0+dfsg/interface.c:1935:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( axbuf, axaddrbuf, axlen );
data/aprx-2.9.0+dfsg/interface.c:1938:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, txbuf+2, txlen-2); // forget control+pid bytes..
data/aprx-2.9.0+dfsg/kiss.c:373:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->wrbuf + S->wrlen, kissbuf, kisslen);
data/aprx-2.9.0+dfsg/kiss.c:460:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(aprxlogfile, "a");
data/aprx-2.9.0+dfsg/kiss.c:462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[60];
data/aprx-2.9.0+dfsg/kiss.c:637:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->wrbuf, S->wrbuf + S->wrcursor, len);
data/aprx-2.9.0+dfsg/kiss.c:669:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->wrbuf + S->wrlen, kissbuf, len);
data/aprx-2.9.0+dfsg/kiss.c:695:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->wrbuf, S->wrbuf + S->wrcursor, len);
data/aprx-2.9.0+dfsg/kiss.c:727:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->wrbuf + S->wrlen, kissbuf, kisslen);
data/aprx-2.9.0+dfsg/netax25.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devname[IFNAMSIZ];
data/aprx-2.9.0+dfsg/netax25.c:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char callsign[10];
data/aprx-2.9.0+dfsg/netax25.c:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devname[64];
data/aprx-2.9.0+dfsg/netax25.c:169:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nax25->ax25addr.sax25_call, ax25call, 7);
data/aprx-2.9.0+dfsg/netax25.c:303:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512], *s;
data/aprx-2.9.0+dfsg/netax25.c:318:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("/proc/net/dev", "r");
data/aprx-2.9.0+dfsg/netax25.c:357:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ax25dev.devname, ifr.ifr_name, IFNAMSIZ);
data/aprx-2.9.0+dfsg/netax25.c:358:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ax25dev.ax25addr, ifr.ifr_hwaddr.sa_data, 7); // AX.25 address
data/aprx-2.9.0+dfsg/netax25.c:385:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, &ax25dev, sizeof(*d));
data/aprx-2.9.0+dfsg/netax25.c:443:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nax25p->ax25addr.sax25_call, interface->ax25call, sizeof(interface->ax25call));
data/aprx-2.9.0+dfsg/netax25.c:697:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(aprxlogfile, "a");
data/aprx-2.9.0+dfsg/netax25.c:699:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timebuf[60];
data/aprx-2.9.0+dfsg/netax25.c:715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2000];
data/aprx-2.9.0+dfsg/netax25.c:762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c0[1];
data/aprx-2.9.0+dfsg/netresolver.c:88:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&n->sa, ai->ai_addr, ai->ai_addrlen);
data/aprx-2.9.0+dfsg/parse_aprs.c:583:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dstcall[7];
data/aprx-2.9.0+dfsg/parse_aprs.c:851:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char posbuf[20];
data/aprx-2.9.0+dfsg/parse_aprs.c:867:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(posbuf, body, 19);
data/aprx-2.9.0+dfsg/pbuf.c:214:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, tnc2buf, tnc2len);
data/aprx-2.9.0+dfsg/pbuf.c:218:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pb->ax25addr, ax25buf, ax25len);
data/aprx-2.9.0+dfsg/pbuf.h:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[3]; /* 2(+1) chars of symbol, if any, NUL for not found */
data/aprx-2.9.0+dfsg/pbuf.h:124:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1];
data/aprx-2.9.0+dfsg/ssl.c:181:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[512];
data/aprx-2.9.0+dfsg/ssl.c:823:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[255];
data/aprx-2.9.0+dfsg/ssl.c:907:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ebuf[255];
data/aprx-2.9.0+dfsg/telemetry.c:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], *s;
data/aprx-2.9.0+dfsg/telemetry.c:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char beaconaddr[60];
data/aprx-2.9.0+dfsg/telemetry.c:148:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "T#%03d,", telemetry_seq);
data/aprx-2.9.0+dfsg/telemetry.c:183:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "%.1f,", f);
data/aprx-2.9.0+dfsg/telemetry.c:217:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "%.1f,", f);
data/aprx-2.9.0+dfsg/telemetry.c:247:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "%.1f,", f);
data/aprx-2.9.0+dfsg/telemetry.c:276:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "%.1f,", f);
data/aprx-2.9.0+dfsg/telemetry.c:305:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "%.1f,", f);
data/aprx-2.9.0+dfsg/telemetry.c:308:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
s += sprintf(s, "00000000"); // FIXME: flag telemetry?
data/aprx-2.9.0+dfsg/telemetry.c:336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[200], *s;
data/aprx-2.9.0+dfsg/telemetry.c:338:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char beaconaddr[60];
data/aprx-2.9.0+dfsg/timestamp.c:93:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void encode_aprsis_ntptimestamp(uint64_t ntptime, char timestamp[8])
data/aprx-2.9.0+dfsg/timestamp.c:126:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int decode_aprsis_ntptimestamp(char timestamp[8], uint64_t *ntptimep)
data/aprx-2.9.0+dfsg/timestamp.c:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[8];
data/aprx-2.9.0+dfsg/ttyreader.c:263:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->wrbuf, S->wrbuf + S->wrcursor, len);
data/aprx-2.9.0+dfsg/ttyreader.c:288:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->rdbuf, S->rdbuf + S->rdcursor,
data/aprx-2.9.0+dfsg/ttyreader.c:362:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->rdbuf, S->rdbuf + S->rdcursor,
data/aprx-2.9.0+dfsg/ttyreader.c:388:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
S->fd = open(S->ttyname, O_RDWR | O_NOCTTY | O_NONBLOCK, 0);
data/aprx-2.9.0+dfsg/ttyreader.c:436:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(S->wrbuf + S->wrlen, S->initstring[i], S->initlen[i]);
data/aprx-2.9.0+dfsg/ttyreader.c:783:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tty->poll_millis = atol(param1); // milliseconds
data/aprx-2.9.0+dfsg/ttyreader.c:832:7: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atol(param1); /* serial port speed - baud rate */
data/aprx-2.9.0+dfsg/ttyreader.c:948:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tty->read_timeout = atol(param1);
data/aprx-2.9.0+dfsg/ttyreader.c:954:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tncid = atoi(param1);
data/aprx-2.9.0+dfsg/ttyreader.c:965:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tty->poll_millis = atol(param1); // milliseconds
data/aprx-2.9.0+dfsg/ttyreader.c:993:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tty->initstring[tncid], param1, parlen);
data/aprx-2.9.0+dfsg/valgrind.c:30:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
void *memcpy(void *dest, const void *src, size_t n) {
data/aprx-2.9.0+dfsg/valgrind.c:46:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, s, len);
data/aprx-2.9.0+dfsg/agwpesocket.c:535:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rcvlen = read(com->fd, com->rdbuf + com->rdlen, rcvspace);
data/aprx-2.9.0+dfsg/aprsis.c:387:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aprsis_queue_(A, NULL, qTYPE_LOCALGEN, "", aprsislogincmd, strlen(aprsislogincmd));
data/aprx-2.9.0+dfsg/aprsis.c:458:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(A->server_socket, A->rdbuf + A->rdbuf_len, rdspace);
data/aprx-2.9.0+dfsg/aprsis.c:544:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len, gwlen = strlen(gwcall);
data/aprx-2.9.0+dfsg/aprsis.c:553:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
addrlen = strlen(addr);
data/aprx-2.9.0+dfsg/aprsis.c:1209:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l1 = (AIH->filterparam != NULL) ? strlen(AIH->filterparam) : 0;
data/aprx-2.9.0+dfsg/aprsis.c:1210:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l2 = strlen(param1);
data/aprx-2.9.0+dfsg/aprx.c:61:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(1, buf, strlen(buf));
data/aprx-2.9.0+dfsg/aprx.h:56:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen aprx_strlen
data/aprx-2.9.0+dfsg/aprx.h:58:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define strncpy aprx_strncpy
data/aprx-2.9.0+dfsg/aprx.h:64:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
extern size_t strlen(const char *p);
data/aprx-2.9.0+dfsg/aprx.h:69:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
extern char *strncpy(char *dest, const char *src, size_t n);
data/aprx-2.9.0+dfsg/ax25.c:161:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/aprx-2.9.0+dfsg/ax25.c:166:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/aprx-2.9.0+dfsg/ax25.c:200:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t += strlen(t);
data/aprx-2.9.0+dfsg/beacon.c:68:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int buflen = strlen(p1) + strlen(str ? str : "") + 10;
data/aprx-2.9.0+dfsg/beacon.c:68:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int buflen = strlen(p1) + strlen(str ? str : "") + 10;
data/aprx-2.9.0+dfsg/beacon.c:338:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(code) != 2) {
data/aprx-2.9.0+dfsg/beacon.c:496:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (code && strlen(code) == 2 && lat && strlen(lat) == 8 &&
data/aprx-2.9.0+dfsg/beacon.c:496:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (code && strlen(code) == 2 && lat && strlen(lat) == 8 &&
data/aprx-2.9.0+dfsg/beacon.c:497:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lon && strlen(lon) == 9) {
data/aprx-2.9.0+dfsg/beacon.c:516:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!code || (code && strlen(code) != 2))
data/aprx-2.9.0+dfsg/beacon.c:518:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!lat || (lat && strlen(lat) != 8))
data/aprx-2.9.0+dfsg/beacon.c:520:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!lon || (lon && strlen(lon) != 9))
data/aprx-2.9.0+dfsg/beacon.c:562:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(bm->msg);
data/aprx-2.9.0+dfsg/beacon.c:766:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((rc = read(bset->exec_fd, bset->exec_buf + bset->exec_buf_length, space)) > 0) {
data/aprx-2.9.0+dfsg/beacon.c:934:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
destlen = strlen(bm->dest) + ((bm->via != NULL) ? strlen(bm->via): 0) +2;
data/aprx-2.9.0+dfsg/beacon.c:934:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
destlen = strlen(bm->dest) + ((bm->via != NULL) ? strlen(bm->via): 0) +2;
data/aprx-2.9.0+dfsg/beacon.c:970:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
txtlen = strlen(txt);
data/aprx-2.9.0+dfsg/beacon.c:979:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = destlen + 12 + strlen(src); // destlen contains bm->via plus room for ",TCPIP*"
data/aprx-2.9.0+dfsg/beacon.c:1009:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aprsis_queue(destbuf, strlen(destbuf),
data/aprx-2.9.0+dfsg/beacon.c:1050:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = destlen + 12 + (src != NULL ? strlen(src) : 0); // destlen contains bm->via, plus room for ",TCPIP*"
data/aprx-2.9.0+dfsg/beacon.c:1110:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aprsis_queue(destbuf, strlen(destbuf),
data/aprx-2.9.0+dfsg/beacon.c:1232:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write(1, buf, strlen(buf));
data/aprx-2.9.0+dfsg/config.c:39:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = strlen(callsign);
data/aprx-2.9.0+dfsg/config.c:752:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = bufp + strlen(bufp);
data/aprx-2.9.0+dfsg/digipeater.c:300:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int tlen = strlen(aif->callsign);
data/aprx-2.9.0+dfsg/digipeater.c:468:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(viafield,"*"); // we do know that there is space for this.
data/aprx-2.9.0+dfsg/digipeater.c:638:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylens[nkeys-1] = strlen(k);
data/aprx-2.9.0+dfsg/dprsgw.c:995:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = fgetc(fp);
data/aprx-2.9.0+dfsg/dprsgw.c:1040:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
S.rdlinelen = strlen((void*)S.rdline);
data/aprx-2.9.0+dfsg/dprsgw.c:1045:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
S.rdlinelen = strlen((void*)S.rdline);
data/aprx-2.9.0+dfsg/dprsgw.c:1050:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
S.rdlinelen = strlen((void*)S.rdline);
data/aprx-2.9.0+dfsg/dprsgw.c:1055:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
S.rdlinelen = strlen((void*)S.rdline);
data/aprx-2.9.0+dfsg/dprsgw.c:1061:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
S.rdlinelen = strlen((void*)S.rdline);
data/aprx-2.9.0+dfsg/dprsgw.c:1066:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
S.rdlinelen = strlen((void*)S.rdline);
data/aprx-2.9.0+dfsg/erlang.c:70:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(ErlangHead->mycall, "N0CALL",
data/aprx-2.9.0+dfsg/erlang.c:73:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ErlangHead->mycall, mycall,
data/aprx-2.9.0+dfsg/erlang.c:342:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(E->name, portname, sizeof(E->name) - 1);
data/aprx-2.9.0+dfsg/filter.c:871:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
refbuf[refcount].reflen = strlen(prefixbuf);
data/aprx-2.9.0+dfsg/filter.c:883:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(ff->h.text) + strlen(filt0)+2;
data/aprx-2.9.0+dfsg/filter.c:883:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(ff->h.text) + strlen(filt0)+2;
data/aprx-2.9.0+dfsg/filter.c:888:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = ff->textbuf + strlen(ff->textbuf);
data/aprx-2.9.0+dfsg/filter.c:1143:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f0.h.u5.refcallsign.reflen = strlen(f0.h.u5.refcallsign.callsign);
data/aprx-2.9.0+dfsg/filter.c:1404:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(f0.h.u5.refcallsign.callsign) < CALLSIGNLEN_MIN ) {
data/aprx-2.9.0+dfsg/filter.c:1411:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f0.h.u5.refcallsign.reflen = strlen(f0.h.u5.refcallsign.callsign);
data/aprx-2.9.0+dfsg/filter.c:1447:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filt0) < FILT_TEXTBUFSIZE) {
data/aprx-2.9.0+dfsg/filter.c:1453:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
f = calloc(1, sizeof(*f) + strlen(filt0));
data/aprx-2.9.0+dfsg/historydb.c:203:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = keybuf + strlen(keybuf);
data/aprx-2.9.0+dfsg/historydb.c:248:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen(keybuf);
data/aprx-2.9.0+dfsg/historydb.c:416:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
keylen = strlen(keybuf);
data/aprx-2.9.0+dfsg/hlog.c:143:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/aprx-2.9.0+dfsg/hlog.c:144:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = hrealloc(s, len + strlen(buf) + 1);
data/aprx-2.9.0+dfsg/hlog.c:189:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_fname = hmalloc(strlen(log_dir) + strlen(log_basename) + 2);
data/aprx-2.9.0+dfsg/hlog.c:189:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_fname = hmalloc(strlen(log_dir) + strlen(log_basename) + 2);
data/aprx-2.9.0+dfsg/hlog.c:275:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = hmalloc(strlen(log_fname) + 6);
data/aprx-2.9.0+dfsg/hlog.c:295:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r1 = hmalloc(strlen(log_fname) + 16);
data/aprx-2.9.0+dfsg/hlog.c:296:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
r2 = hmalloc(strlen(log_fname) + 16);
data/aprx-2.9.0+dfsg/hlog.c:434:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
accesslog_fname = hmalloc(strlen(accesslog_dir) + strlen(accesslog_basename) + 2);
data/aprx-2.9.0+dfsg/hlog.c:434:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
accesslog_fname = hmalloc(strlen(accesslog_dir) + strlen(accesslog_basename) + 2);
data/aprx-2.9.0+dfsg/interface.c:616:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(host) + strlen(port) + 8;
data/aprx-2.9.0+dfsg/interface.c:616:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(host) + strlen(port) + 8;
data/aprx-2.9.0+dfsg/interface.c:719:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(hostname) + strlen(hostport) + strlen(agwpeportnum) + 8;
data/aprx-2.9.0+dfsg/interface.c:719:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(hostname) + strlen(hostport) + strlen(agwpeportnum) + 8;
data/aprx-2.9.0+dfsg/interface.c:719:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(hostname) + strlen(hostport) + strlen(agwpeportnum) + 8;
data/aprx-2.9.0+dfsg/interface.c:1611:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pb->dstname_len = strlen(recipient);
data/aprx-2.9.0+dfsg/interface.c:1617:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hist_rx = historydb_lookup(historydb, recipient, strlen(recipient));
data/aprx-2.9.0+dfsg/interface.c:1645:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
history_cell_t *hist_tx = historydb_lookup(historydb, fromcall, strlen(fromcall));
data/aprx-2.9.0+dfsg/interface.c:1698:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dstname, pb->dstname, DSTNAMELEN-1);
data/aprx-2.9.0+dfsg/interface.c:1852:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int vialen = strlen(via);
data/aprx-2.9.0+dfsg/interface.c:1921:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
axaddrbuf, strlen(axaddrbuf),
data/aprx-2.9.0+dfsg/netax25.c:210:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, devname, sizeof(ifr.ifr_name));
data/aprx-2.9.0+dfsg/netax25.c:337:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, s, IFNAMSIZ-1);
data/aprx-2.9.0+dfsg/netax25.c:716:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void)read(fd, buf, sizeof(buf));
data/aprx-2.9.0+dfsg/parse_aprs.c:668:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dstcall, d_start, 6);
data/aprx-2.9.0+dfsg/ssl.c:741:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(c->cert_subject, subject, sizeof(c->cert_subject));
data/aprx-2.9.0+dfsg/ssl.c:743:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(c->cert_issuer, issuer, sizeof(c->cert_issuer));
data/aprx-2.9.0+dfsg/telemetry.c:514:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
check = tnc2_verify_callsign_format(param1, 0, 1, param1+strlen(param1));
data/aprx-2.9.0+dfsg/ttyreader.c:301:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
i = read(S->fd, S->rdbuf + S->rdlen, rdspace);
data/aprx-2.9.0+dfsg/ttyreader.c:1068:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(host) + strlen(port) + 8;
data/aprx-2.9.0+dfsg/ttyreader.c:1068:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(host) + strlen(port) + 8;
data/aprx-2.9.0+dfsg/valgrind.c:38:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t strlen(const char *p) {
data/aprx-2.9.0+dfsg/valgrind.c:44:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s)+1;
data/aprx-2.9.0+dfsg/valgrind.c:70:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
char *strncpy(char *dest, const char *src, size_t n) {
ANALYSIS SUMMARY:
Hits = 431
Lines analyzed = 23944 in approximately 0.64 seconds (37123 lines/second)
Physical Source Lines of Code (SLOC) = 15826
Hits@level = [0] 737 [1] 94 [2] 260 [3] 4 [4] 73 [5] 0
Hits@level+ = [0+] 1168 [1+] 431 [2+] 337 [3+] 77 [4+] 73 [5+] 0
Hits/KSLOC@level+ = [0+] 73.8026 [1+] 27.2337 [2+] 21.2941 [3+] 4.86541 [4+] 4.61266 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.