Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/bgpdump-1.6.2/bgpdump.c
Examining data/bgpdump-1.6.2/bgpdump_formats.h
Examining data/bgpdump-1.6.2/bgpdump_lib.h
Examining data/bgpdump-1.6.2/bgpdump_mstream.c
Examining data/bgpdump-1.6.2/bgpdump_mstream.h
Examining data/bgpdump-1.6.2/example.c
Examining data/bgpdump-1.6.2/inet_ntop.c
Examining data/bgpdump-1.6.2/util.h
Examining data/bgpdump-1.6.2/bgpdump_lib.c
Examining data/bgpdump-1.6.2/cfile_tools.c
Examining data/bgpdump-1.6.2/cfile_tools.h
Examining data/bgpdump-1.6.2/util.c
Examining data/bgpdump-1.6.2/bgpdump_attr.h

FINAL RESULTS:

data/bgpdump-1.6.2/bgpdump.c:1043:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(prefix, "%s", inet_ntoa(entry->body.zebra_state_change.source_ip.v4_addr));

data/bgpdump-1.6.2/bgpdump_lib.c:108:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(this_dump->filename, filename);

data/bgpdump-1.6.2/bgpdump_lib.c:1245:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(as->str, ASPATH_STR_ERROR);

data/bgpdump-1.6.2/bgpdump_lib.c:1424:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(com->str, buf);

data/bgpdump-1.6.2/bgpdump_lib.c:1456:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lcom->str, buf);

data/bgpdump-1.6.2/bgpdump_lib.c:1764:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (dst, src);

data/bgpdump-1.6.2/example.c:164:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(prefix, inet_ntoa(entry->body.mrtd_table_dump.prefix.v4_addr));

data/bgpdump-1.6.2/example.c:165:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(peer_ip, inet_ntoa(entry->body.mrtd_table_dump.peer_ip.v4_addr));

data/bgpdump-1.6.2/example.c:193:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(prefix, inet_ntoa(e->prefix.v4_addr));

data/bgpdump-1.6.2/example.c:234:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(source_ip, inet_ntoa(entry->body.zebra_message.source_ip.v4_addr));

data/bgpdump-1.6.2/example.c:235:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(destination_ip, inet_ntoa(entry->body.zebra_message.destination_ip.v4_addr));

data/bgpdump-1.6.2/example.c:391:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(have_nexthop ? "\n" : "N/A\n");

data/bgpdump-1.6.2/inet_ntop.c:145:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "::%s%s", m ? "ffff:" : "", fmt_ipv4(mapped, buffer2));

data/bgpdump-1.6.2/util.c:57:9:  [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
  syslog(lvl, fmt, args);

data/bgpdump-1.6.2/util.c:60:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, args);

data/bgpdump-1.6.2/util.h:31:54:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void err(const char *fmt, ...) __attribute__((format(printf, 1, 2)));

data/bgpdump-1.6.2/util.h:32:55:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void warn(const char *fmt, ...) __attribute__((format(printf, 1, 2)));

data/bgpdump-1.6.2/util.h:33:56:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void debug(const char *fmt, ...) __attribute__((format(printf, 1, 2)));

data/bgpdump-1.6.2/bgpdump.c:209:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c=getopt(argc,argv,"if:o:t:mMHO:svTplqu"))!=-1)

data/bgpdump-1.6.2/bgpdump.c:233:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(optarg, O_WRONLY|O_CREAT, 0666);

data/bgpdump-1.6.2/bgpdump.c:312:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char time_str[128];

data/bgpdump-1.6.2/bgpdump.c:313:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char time_str2[128];

data/bgpdump-1.6.2/bgpdump.c:314:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char time_str_fixed[128];

data/bgpdump-1.6.2/bgpdump.c:315:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prefix[BGPDUMP_ADDRSTRLEN];

data/bgpdump-1.6.2/bgpdump.c:325:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  len = sprintf(time_str, "%lld", (long long)entry->time);

data/bgpdump-1.6.2/bgpdump.c:331:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(time_str + len, ".%06ld", entry->ms);

data/bgpdump-1.6.2/bgpdump.c:420:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char peer_ip[BGPDUMP_ADDRSTRLEN];

data/bgpdump-1.6.2/bgpdump.c:466:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(peer_ip, "[N/A, unsupported AF]");

data/bgpdump-1.6.2/bgpdump.c:582:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf+1,&entry->body.zebra_message.incomplete.prefix.address,cutted-1);

data/bgpdump-1.6.2/bgpdump.c:1077:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char time_str[128];

data/bgpdump-1.6.2/bgpdump.c:1081:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(time_str, "%lld", (long long)entry->time);

data/bgpdump-1.6.2/bgpdump.c:1275:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/bgpdump-1.6.2/bgpdump.c:1317:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/bgpdump-1.6.2/bgpdump.c:1429:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/bgpdump-1.6.2/bgpdump.c:1444:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/bgpdump-1.6.2/bgpdump.c:1484:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/bgpdump-1.6.2/bgpdump.c:1485:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf1[128];

data/bgpdump-1.6.2/bgpdump.c:1527:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/bgpdump-1.6.2/bgpdump.c:1528:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char aggregate[20];

data/bgpdump-1.6.2/bgpdump.c:1533:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(aggregate,"AG");

data/bgpdump-1.6.2/bgpdump.c:1535:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(aggregate,"NAG");

data/bgpdump-1.6.2/bgpdump.c:1626:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/bgpdump-1.6.2/bgpdump.c:1627:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char aggregate[20];

data/bgpdump-1.6.2/bgpdump.c:1632:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(aggregate,"AG");

data/bgpdump-1.6.2/bgpdump.c:1634:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(aggregate,"NAG");

data/bgpdump-1.6.2/bgpdump.c:1787:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];

data/bgpdump-1.6.2/bgpdump.c:1788:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf1[128];

data/bgpdump-1.6.2/bgpdump.c:1789:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf2[128];

data/bgpdump-1.6.2/bgpdump.c:1790:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char aggregate[20];

data/bgpdump-1.6.2/bgpdump.c:1795:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(aggregate,"AG");

data/bgpdump-1.6.2/bgpdump.c:1797:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(aggregate,"NAG");

data/bgpdump-1.6.2/bgpdump.c:1908:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char aggregate[20];

data/bgpdump-1.6.2/bgpdump.c:1911:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char time_str[20];

data/bgpdump-1.6.2/bgpdump.c:1912:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char peer[BGPDUMP_ADDRSTRLEN], prefix[BGPDUMP_ADDRSTRLEN], nexthop[BGPDUMP_ADDRSTRLEN];

data/bgpdump-1.6.2/bgpdump.c:1915:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(aggregate,"AG");

data/bgpdump-1.6.2/bgpdump.c:1917:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(aggregate,"NAG");

data/bgpdump-1.6.2/bgpdump.c:1926:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(time_str, "%lld", (long long)*t);

data/bgpdump-1.6.2/bgpdump.c:2018:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char time_str[20];

data/bgpdump-1.6.2/bgpdump.c:2019:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char peer[BGPDUMP_ADDRSTRLEN], prefix[BGPDUMP_ADDRSTRLEN], nexthop[BGPDUMP_ADDRSTRLEN];

data/bgpdump-1.6.2/bgpdump.c:2057:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(time_str, "%lld", (long long)*t);

data/bgpdump-1.6.2/bgpdump_attr.h:193:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[0];

data/bgpdump-1.6.2/bgpdump_formats.h:131:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char view_name[BGPDUMP_TYPE_TABLE_DUMP_V2_MAX_VIEWNAME_LEN];

data/bgpdump-1.6.2/bgpdump_lib.c:102:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(this_dump->filename, "[STDIN]");

data/bgpdump-1.6.2/bgpdump_lib.c:1002:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(attr->data, &s->start[s->position], len);

data/bgpdump-1.6.2/bgpdump_lib.c:1335:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&temp, segment->data + asn_pos, sizeof (u_int32_t));

data/bgpdump-1.6.2/bgpdump_lib.c:1344:15:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(as->str + pos, "...");

data/bgpdump-1.6.2/bgpdump_lib.c:1391:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSIZ];

data/bgpdump-1.6.2/bgpdump_lib.c:1401:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&comval, com_nthval (com, i), sizeof (u_int32_t));

data/bgpdump-1.6.2/bgpdump_lib.c:1433:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFSIZ];

data/bgpdump-1.6.2/bgpdump_lib.c:1443:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&global, lcom->val + (i * 3), sizeof (u_int32_t));

data/bgpdump-1.6.2/bgpdump_lib.c:1444:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&local1, lcom->val + (i * 3) + 1, sizeof (u_int32_t));

data/bgpdump-1.6.2/bgpdump_lib.c:1445:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&local2, lcom->val + (i * 3) + 2, sizeof (u_int32_t));

data/bgpdump-1.6.2/bgpdump_lib.c:1743:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mergedpath->data + mergedpath->length, newpath->data, newpath->length);

data/bgpdump-1.6.2/bgpdump_lib.h:54:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[BGPDUMP_MAX_FILE_LEN];

data/bgpdump-1.6.2/bgpdump_mstream.c:45:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(d!=NULL) memcpy(d,&data,sizeof(data));

data/bgpdump-1.6.2/bgpdump_mstream.c:54:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(d!=NULL) memcpy(d,&data,sizeof(data));

data/bgpdump-1.6.2/bgpdump_mstream.c:63:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(d!=NULL) memcpy(d,&data,sizeof(data));

data/bgpdump-1.6.2/bgpdump_mstream.c:90:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(d) memcpy(d, s->start + s->position, len);

data/bgpdump-1.6.2/bgpdump_mstream.c:97:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(d, s->start + s->position, room);

data/bgpdump-1.6.2/cfile_tools.c:30:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char * cfr_formats[CFR_NUM_FORMATS] = {

data/bgpdump-1.6.2/cfile_tools.c:37:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char * cfr_extensions[CFR_NUM_FORMATS] = {

data/bgpdump-1.6.2/cfile_tools.c:109:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  in = fopen(path,"r");

data/bgpdump-1.6.2/cfile_tools.c:127:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  in = fopen(path,"r");

data/bgpdump-1.6.2/cfile_tools.c:439:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char res[120];

data/bgpdump-1.6.2/example.c:148:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prefix[BGPDUMP_ADDRSTRLEN], peer_ip[BGPDUMP_ADDRSTRLEN];

data/bgpdump-1.6.2/example.c:149:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char source_ip[BGPDUMP_ADDRSTRLEN], destination_ip[BGPDUMP_ADDRSTRLEN];

data/bgpdump-1.6.2/example.c:221:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(peer_ip, "N/A, unsupported AF");

data/bgpdump-1.6.2/example.c:377:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char addr[INET6_ADDRSTRLEN];

data/bgpdump-1.6.2/example.c:426:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[INET6_ADDRSTRLEN];

data/bgpdump-1.6.2/inet_ntop.c:142:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer2[100];

data/bgpdump-1.6.2/inet_ntop.c:149:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hexa[8][5];

data/bgpdump-1.6.2/inet_ntop.c:247:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[1000];

data/bgpdump-1.6.2/util.c:49:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[20];

data/bgpdump-1.6.2/util.c:71:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  return sprintf(time_str, "%02d/%02d/%02d %02d:%02d:%02d", date->tm_mon+1, date->tm_mday, date->tm_year%100,

data/bgpdump-1.6.2/util.c:77:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  return sprintf(str, "%u", value);

data/bgpdump-1.6.2/util.c:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100], ref[100];

data/bgpdump-1.6.2/util.c:82:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(ref, "%u", value);

data/bgpdump-1.6.2/bgpdump.c:429:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(prefix, inet_ntoa(e->prefix.v4_addr), BGPDUMP_ADDRSTRLEN);

data/bgpdump-1.6.2/bgpdump.c:1942:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(peer, inet_ntoa(route->peer_ip.v4_addr), BGPDUMP_ADDRSTRLEN);

data/bgpdump-1.6.2/bgpdump.c:1943:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(prefix, inet_ntoa(route->prefix.v4_addr), BGPDUMP_ADDRSTRLEN);

data/bgpdump-1.6.2/bgpdump.c:1967:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(nexthop, inet_ntoa(entry->attr->nexthop), BGPDUMP_ADDRSTRLEN);

data/bgpdump-1.6.2/bgpdump.c:2085:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(nexthop, inet_ntoa(attr->mp_info->announce[AFI_IP6][SAFI_UNICAST]->nexthop.v4_addr), BGPDUMP_ADDRSTRLEN);

data/bgpdump-1.6.2/bgpdump.c:2094:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(nexthop, inet_ntoa(attr->mp_info->announce[AFI_IP][SAFI_UNICAST]->nexthop.v4_addr), BGPDUMP_ADDRSTRLEN);

data/bgpdump-1.6.2/bgpdump.c:2102:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(nexthop, inet_ntoa(attr->nexthop), BGPDUMP_ADDRSTRLEN);

data/bgpdump-1.6.2/bgpdump_lib.c:104:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) >= BGPDUMP_MAX_FILE_LEN - 1) {

data/bgpdump-1.6.2/bgpdump_lib.c:559:2:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(t->view_name, "");

data/bgpdump-1.6.2/bgpdump_lib.c:1243:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  as->str = malloc(strlen(ASPATH_STR_ERROR) + 1);

data/bgpdump-1.6.2/bgpdump_lib.c:1417:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf (buf + strlen (buf), BUFSIZ - strlen (buf),

data/bgpdump-1.6.2/bgpdump_lib.c:1417:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf (buf + strlen (buf), BUFSIZ - strlen (buf),

data/bgpdump-1.6.2/bgpdump_lib.c:1423:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if((com->str = malloc(strlen(buf)+1)) != NULL) {

data/bgpdump-1.6.2/bgpdump_lib.c:1451:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf (buf + strlen (buf), BUFSIZ - strlen (buf),

data/bgpdump-1.6.2/bgpdump_lib.c:1451:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf (buf + strlen (buf), BUFSIZ - strlen (buf),

data/bgpdump-1.6.2/bgpdump_lib.c:1455:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if((lcom->str = malloc(strlen(buf)+1)) != NULL) {

data/bgpdump-1.6.2/bgpdump_lib.c:1761:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (dst) + strlen (src) >= size)

data/bgpdump-1.6.2/bgpdump_lib.c:1761:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (dst) + strlen (src) >= size)

data/bgpdump-1.6.2/bgpdump_lib.c:1766:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (strlen(dst));

data/bgpdump-1.6.2/cfile_tools.c:64:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name_len = strlen(path);

data/bgpdump-1.6.2/cfile_tools.c:94:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ext_len = strlen(cfr_extensions[format]);

ANALYSIS SUMMARY:

Hits = 118
Lines analyzed = 6103 in approximately 0.20 seconds (30434 lines/second)
Physical Source Lines of Code (SLOC) = 4598
Hits@level = [0] 432 [1]  21 [2]  78 [3]   1 [4]  18 [5]   0
Hits@level+ = [0+] 550 [1+] 118 [2+]  97 [3+]  19 [4+]  18 [5+]   0
Hits/KSLOC@level+ = [0+] 119.617 [1+] 25.6633 [2+] 21.0961 [3+] 4.13223 [4+] 3.91475 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.