Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/802.11.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/802.1d.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/bcmeth.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/bcmevent.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/bcmip.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/ethernet.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/ieee80211_radiotap.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/wpa.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/bcmcrypto/tkhash.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/bcmdefs.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/bcmendian.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/bcmutils.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/epivers.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/linuxver.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/osl.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/packed_section_end.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/packed_section_start.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/pcicfg.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/siutils.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/typedefs.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/include/wlioctl.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/shared/bcmwifi/include/bcmwifi_channels.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/shared/bcmwifi/include/bcmwifi_rates.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_dbg.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_export.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wlc_ethereal.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wlc_key.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wlc_types.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wlc_utils.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wlc_wowl.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wlc_pub.h
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c
Examining data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c
Examining data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/802.11.h
Examining data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/802.1d.h
Examining data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/bcmeth.h
Examining data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/bcmevent.h
Examining data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/bcmip.h
Examining data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/ethernet.h
Examining data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/ieee80211_radiotap.h
Examining data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/wpa.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/bcmcrypto/tkhash.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/bcmdefs.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/bcmendian.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/bcmutils.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/epivers.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/linuxver.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/osl.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/packed_section_end.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/packed_section_start.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/pcicfg.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/siutils.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/typedefs.h
Examining data/broadcom-sta-6.30.223.271/i386/src/include/wlioctl.h
Examining data/broadcom-sta-6.30.223.271/i386/src/shared/bcmwifi/include/bcmwifi_channels.h
Examining data/broadcom-sta-6.30.223.271/i386/src/shared/bcmwifi/include/bcmwifi_rates.h
Examining data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_dbg.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_export.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wlc_ethereal.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wlc_key.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wlc_pub.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wlc_types.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wlc_utils.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wlc_wowl.h
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c
Examining data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c
FINAL RESULTS:
data/broadcom-sta-6.30.223.271/amd64/src/include/bcmutils.h:24:57: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define bcm_strcpy_s(dst, noOfElements, src) strcpy((dst), (src))
data/broadcom-sta-6.30.223.271/amd64/src/include/bcmutils.h:26:57: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
#define bcm_strcat_s(dst, noOfElements, src) strcat((dst), (src))
data/broadcom-sta-6.30.223.271/amd64/src/include/bcmutils.h:27:26: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define bcm_sprintf_s snprintf
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:152:10: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(fmt, args...) printk(fmt , ## args)
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:180:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#undef printf
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:181:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#undef sprintf
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:182:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef snprintf
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:183:9: [4] (buffer) vsprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#undef vsprintf
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:184:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef vsnprintf
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:185:10: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(fmt, args...) osl_printf((fmt) , ## args)
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:186:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define sprintf(buf, fmt, args...) osl_sprintf((buf), (fmt) , ## args)
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:187:10: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf(buf, n, fmt, args...) osl_snprintf((buf), (n), (fmt) , ## args)
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:188:10: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
#define vsprintf(buf, fmt, ap) osl_vsprintf((buf), (fmt), (ap))
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:189:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf(buf, n, fmt, ap) osl_vsnprintf((buf), (n), (fmt), (ap))
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:199:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#undef strcpy
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:206:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define strcpy(d, s) osl_strcpy((d), (s))
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:768:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(printbuf, 1024, format, args);
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:786:7: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
rc = vsprintf(buf, format, args);
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:798:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rc = vsnprintf(buf, n, format, args);
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:806:10: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
return (vsprintf(buf, format, ap));
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:812:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return (vsnprintf(buf, n, format, ap));
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:836:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return (strcpy(d, s));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_dbg.h:32:30: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(wlc_dbg_get_hw_timestamp()); }\
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_dbg.h:44:46: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define WL_PRINT(args) do { WL_TIMESTAMP(); printf args; } while (0)
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:274:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(extra, flag);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1237:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(extra, iw->nickname);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:744:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(" (Compiled in " SRCBASE);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1029:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp1, "%s%d", HYBRID_PROC, wl->pub->unit);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2431:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t->name, tname);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2541:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(phdr->devname, wl->dev->name);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3107:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(wlif->name, "%s%d", devname, wl->pub->unit);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3423:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s%d", HYBRID_PROC, wl->pub->unit);
data/broadcom-sta-6.30.223.271/i386/src/include/bcmutils.h:24:57: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define bcm_strcpy_s(dst, noOfElements, src) strcpy((dst), (src))
data/broadcom-sta-6.30.223.271/i386/src/include/bcmutils.h:26:57: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
#define bcm_strcat_s(dst, noOfElements, src) strcat((dst), (src))
data/broadcom-sta-6.30.223.271/i386/src/include/bcmutils.h:27:26: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define bcm_sprintf_s snprintf
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:152:10: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(fmt, args...) printk(fmt , ## args)
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:180:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#undef printf
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:181:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#undef sprintf
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:182:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef snprintf
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:183:9: [4] (buffer) vsprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#undef vsprintf
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:184:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef vsnprintf
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:185:10: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(fmt, args...) osl_printf((fmt) , ## args)
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:186:10: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
#define sprintf(buf, fmt, args...) osl_sprintf((buf), (fmt) , ## args)
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:187:10: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf(buf, n, fmt, args...) osl_snprintf((buf), (n), (fmt) , ## args)
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:188:10: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
#define vsprintf(buf, fmt, ap) osl_vsprintf((buf), (fmt), (ap))
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:189:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf(buf, n, fmt, ap) osl_vsnprintf((buf), (n), (fmt), (ap))
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:199:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#undef strcpy
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:206:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define strcpy(d, s) osl_strcpy((d), (s))
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:768:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(printbuf, 1024, format, args);
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:786:7: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
rc = vsprintf(buf, format, args);
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:798:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
rc = vsnprintf(buf, n, format, args);
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:806:10: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
return (vsprintf(buf, format, ap));
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:812:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return (vsnprintf(buf, n, format, ap));
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:836:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return (strcpy(d, s));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:449:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ifr.ifr_name, dev->name);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_dbg.h:32:30: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(wlc_dbg_get_hw_timestamp()); }\
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_dbg.h:44:46: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define WL_PRINT(args) do { WL_TIMESTAMP(); printf args; } while (0)
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:116:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ifr.ifr_name, dev->name);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:295:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(extra, flag);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1258:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(extra, iw->nickname);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1017:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp1, "%s%d", HYBRID_PROC, wl->pub->unit);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2378:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t->name, tname);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2488:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(phdr->devname, wl->dev->name);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:3052:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(wlif->name, "%s%d", devname, wl->pub->unit);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:3368:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s%d", HYBRID_PROC, wl->pub->unit);
data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/bcmevent.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[BCM_MSG_IFNAME_MAX];
data/broadcom-sta-6.30.223.271/amd64/src/common/include/proto/bcmevent.h:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[BCM_MSG_IFNAME_MAX];
data/broadcom-sta-6.30.223.271/amd64/src/include/bcmdefs.h:36:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char STATIC_ASSERT_FAIL[(expr) ? 1 : -1] UNUSED_VAR; \
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:156:10: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(src, dst, len) memcpy((dst), (src), (len))
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:156:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(src, dst, len) memcpy((dst), (src), (len))
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:219:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#undef memcpy
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:222:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(d, s, n) osl_memcpy((d), (s), (n))
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:230:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#undef bcopy
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:233:10: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(src, dst, len) osl_memcpy((dst), (src), (len))
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[BCM_MEM_FILENAME_LEN];
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:676:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[256];
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:764:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char printbuf[1024];
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:866:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return memcpy(d, s, n);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:537:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sr->ssid.SSID, ssids->ssid, sr->ssid.SSID_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:716:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)join_params.ssid.SSID, (void *)params->ssid, params->ssid_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:719:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&join_params.params.bssid, params->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:953:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key.data, sme->key, key.len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1023:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wl->profile->bssid, sme->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1033:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&join_params.ssid.SSID, sme->ssid, join_params.ssid.SSID_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1035:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&join_params.params.bssid, ðer_bcast, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1037:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wl->profile->ssid.SSID, &join_params.ssid.SSID, join_params.ssid.SSID_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1068:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&scbval.ea, &wl->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1245:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&key.ea, (void *)mac_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1254:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key.data, params->key, key.len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1259:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key.data[24], &key.data[16], sizeof(keybuf));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1260:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key.data[16], keybuf, sizeof(keybuf));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1333:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&key.ea, (void *)mac_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1388:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)params.key, key.data, params.key_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1534:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->pmk_list->pmkids.pmkid[i].BSSID, pmksa->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1535:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->pmk_list->pmkids.pmkid[i].PMKID, pmksa->pmkid, WPA2_PMKID_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1562:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmkid.pmkid[0].BSSID, pmksa->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1563:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmkid.pmkid[0].PMKID, pmksa->pmkid, WPA2_PMKID_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1578:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->pmk_list->pmkids.pmkid[i].BSSID,
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1580:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->pmk_list->pmkids.pmkid[i].PMKID,
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1673:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rekey.kek, data->kek, WLC_KEK_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1674:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rekey.kck, data->kck, WLC_KCK_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1675:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rekey.replay_counter, data->replay_ctr, WLC_REPLAY_CTR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:1976:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt->bssid, &bi->BSSID, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:2118:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:2198:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, wl->ioctl_buf, buf_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:2396:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wl->profile->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:2397:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:2445:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:2446:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wl->profile->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:2843:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&e->emsg, msg, sizeof(wl_event_msg_t));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:3008:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ie->buf[ie->offset + 2], v, l);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:3023:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ie->buf[ie->offset], ie_stream, ie_size);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_cfg80211_hybrid.c:3038:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &ie->buf[0], ie->offset);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[WLC_IOCTL_SMLEN];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:169:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(ioctlbuf, buf, buflen);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:182:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[WLC_IOCTL_SMLEN];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[IW_CUSTOM_MAX + 1];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:323:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cap[5];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:344:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap, "abg");
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:346:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap, "bg");
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:350:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap, "abgn");
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:352:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap, "bgn");
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:697:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iw->spy_addr[i], addr[i].sa_data, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:723:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr[i].sa_data, &iw->spy_addr[i], ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:725:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&qual[i], &iw->spy_qual[i], sizeof(struct iw_quality));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:809:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&mlme->addr.sa_data, &scbval.ea, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:872:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr[dwrq->length].sa_data, &bi->BSSID, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:890:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr[dwrq->length], qual, sizeof(struct iw_quality) * dwrq->length);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:919:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssid.SSID, req->essid, ssid.SSID_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1068:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iwe.u.ap_addr.sa_data, &bi->BSSID, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1152:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssid.SSID, extra, ssid.SSID_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1191:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, ssid.SSID, ssid.SSID_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1217:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iw->nickname, extra, dwrq->length);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1608:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key.data, extra, dwrq->length);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1696:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, key.data, dwrq->length);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1800:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((void *)&iwe->addr.sa_data, (char *)&key.ea, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1829:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((void *)iwe->key, key.data, iwe->key_len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1833:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&key.data[24], keybuf, sizeof(keybuf));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1834:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&key.data[16], &key.data[24], sizeof(keybuf));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1890:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eabuf[ETHER_ADDR_STR_LEN];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1903:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&iwpmksa->bssid.sa_data[0], &pmkidptr->pmkid[0].BSSID, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1904:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&iwpmksa->pmkid[0], &pmkidptr->pmkid[0].PMKID, WPA2_PMKID_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1919:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&pmkid_array[i+1].BSSID,
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1922:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&pmkid_array[i+1].PMKID,
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1929:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&iwpmksa->bssid.sa_data[0],
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1932:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&iwpmksa->pmkid[0], &pmkid_array[pmkid_list.pmkids.npmkid].PMKID,
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2568:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[IW_CUSTOM_MAX + 1];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2578:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wrqu.addr.sa_data, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2613:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&extra[1], data, datalen);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2623:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&extra[1], &status, sizeof(status));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2637:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(micerrevt->src_addr.sa_data, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2647:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, data, datalen);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2654:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, data, datalen);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2675:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&pmkidcand->BSSID, &iwpmkidcand->bssid.sa_data,
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.h:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso_abbrev[WLC_CNTRY_BUF_SZ];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.h:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char custom_locale[WLC_CNTRY_BUF_SZ];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.h:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nickname[IW_ESSID_MAX_SIZE];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:228:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char intf_name[IFNAMSIZ] = quote_str(BRCM_WLAN_IFNAME);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:650:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&wl->pub->cur_etheraddr, dev->dev_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1028:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[128];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1757:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stats, stats_watchdog, sizeof(struct net_device_stats));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1861:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(sa->sa_data, dev->dev_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1918:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(mclist->dmi_addr, &maclist->ea[i++], ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1927:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(ha->addr, &maclist->ea[i++], ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2596:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(oskb->data + D11_PHY_HDR_LEN, pdata, oskb->len - D11_PHY_HDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2665:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rtl->vend_oui, brcm_oui, sizeof(brcm_oui));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2692:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rtht->vend_oui, brcm_oui, sizeof(brcm_oui));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2711:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(oskb->data + D11_PHY_HDR_LEN, pdata, oskb->len - D11_PHY_HDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2799:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rtl->vend_oui, brcm_oui, sizeof(brcm_oui));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2966:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(oskb->data + D11_PHY_HDR_LEN, pdata, oskb->len - D11_PHY_HDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2973:5: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(amsdu_p->data, pdata, amsdu_p->len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3033:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(wl->dev->dev_addr, dev->dev_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3147:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(buf, (char *)PKTDATA(osh, p) + offset, len);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[8];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3422:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.h:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IFNAMSIZ];
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.h:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rfkill_name[32];
data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/bcmevent.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[BCM_MSG_IFNAME_MAX];
data/broadcom-sta-6.30.223.271/i386/src/common/include/proto/bcmevent.h:67:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifname[BCM_MSG_IFNAME_MAX];
data/broadcom-sta-6.30.223.271/i386/src/include/bcmdefs.h:36:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char STATIC_ASSERT_FAIL[(expr) ? 1 : -1] UNUSED_VAR; \
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:156:10: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(src, dst, len) memcpy((dst), (src), (len))
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:156:31: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(src, dst, len) memcpy((dst), (src), (len))
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:219:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#undef memcpy
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:222:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(d, s, n) osl_memcpy((d), (s), (n))
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:230:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#undef bcopy
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:233:10: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(src, dst, len) osl_memcpy((dst), (src), (len))
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[BCM_MEM_FILENAME_LEN];
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:676:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempbuf[256];
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:764:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char printbuf[1024];
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:866:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return memcpy(d, s, n);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:552:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sr->ssid.SSID, ssids->ssid, sr->ssid.SSID_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:731:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)join_params.ssid.SSID, (void *)params->ssid, params->ssid_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:734:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&join_params.params.bssid, params->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:967:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key.data, sme->key, key.len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1037:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wl->profile->bssid, sme->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1047:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&join_params.ssid.SSID, sme->ssid, join_params.ssid.SSID_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1049:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&join_params.params.bssid, ðer_bcast, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1051:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wl->profile->ssid.SSID, &join_params.ssid.SSID, join_params.ssid.SSID_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1083:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&scbval.ea, &wl->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1258:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&key.ea, (void *)mac_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1267:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key.data, params->key, key.len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1272:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key.data[24], &key.data[16], sizeof(keybuf));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1273:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&key.data[16], keybuf, sizeof(keybuf));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1346:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)&key.ea, (void *)mac_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1401:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)params.key, key.data, params.key_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1545:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->pmk_list->pmkids.pmkid[i].BSSID, pmksa->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1546:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->pmk_list->pmkids.pmkid[i].PMKID, pmksa->pmkid, WPA2_PMKID_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1573:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmkid.pmkid[0].BSSID, pmksa->bssid, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1574:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&pmkid.pmkid[0].PMKID, pmksa->pmkid, WPA2_PMKID_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1589:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->pmk_list->pmkids.pmkid[i].BSSID,
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1591:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->pmk_list->pmkids.pmkid[i].PMKID,
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1684:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rekey.kek, data->kek, WLC_KEK_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1685:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rekey.kck, data->kck, WLC_KCK_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1686:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rekey.replay_counter, data->replay_ctr, WLC_REPLAY_CTR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:1987:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mgmt->bssid, &bi->BSSID, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2113:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2193:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, wl->ioctl_buf, buf_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2368:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wl->profile->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2369:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2401:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2402:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wl->profile->bssid, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2792:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&e->emsg, msg, sizeof(wl_event_msg_t));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2950:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ie->buf[ie->offset + 2], v, l);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2965:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ie->buf[ie->offset], ie_stream, ie_size);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_cfg80211_hybrid.c:2980:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, &ie->buf[0], ie->offset);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:137:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[WLC_IOCTL_SMLEN];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:190:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(ioctlbuf, buf, buflen);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:203:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[WLC_IOCTL_SMLEN];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:287:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[IW_CUSTOM_MAX + 1];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cap[5];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:365:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap, "abg");
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:367:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap, "bg");
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:371:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap, "abgn");
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:373:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cap, "bgn");
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:718:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&iw->spy_addr[i], addr[i].sa_data, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:744:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr[i].sa_data, &iw->spy_addr[i], ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:746:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&qual[i], &iw->spy_qual[i], sizeof(struct iw_quality));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:830:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&mlme->addr.sa_data, &scbval.ea, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:893:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr[dwrq->length].sa_data, &bi->BSSID, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:911:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr[dwrq->length], qual, sizeof(struct iw_quality) * dwrq->length);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:940:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssid.SSID, req->essid, ssid.SSID_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1089:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iwe.u.ap_addr.sa_data, &bi->BSSID, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1173:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ssid.SSID, extra, ssid.SSID_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1212:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, ssid.SSID, ssid.SSID_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1238:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iw->nickname, extra, dwrq->length);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1629:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key.data, extra, dwrq->length);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1717:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, key.data, dwrq->length);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1821:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((void *)&iwe->addr.sa_data, (char *)&key.ea, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1850:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((void *)iwe->key, key.data, iwe->key_len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1854:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&key.data[24], keybuf, sizeof(keybuf));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1855:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&key.data[16], &key.data[24], sizeof(keybuf));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1911:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eabuf[ETHER_ADDR_STR_LEN];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1924:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&iwpmksa->bssid.sa_data[0], &pmkidptr->pmkid[0].BSSID, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1925:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&iwpmksa->pmkid[0], &pmkidptr->pmkid[0].PMKID, WPA2_PMKID_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1940:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&pmkid_array[i+1].BSSID,
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1943:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&pmkid_array[i+1].PMKID,
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1950:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&iwpmksa->bssid.sa_data[0],
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1953:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&iwpmksa->pmkid[0], &pmkid_array[pmkid_list.pmkids.npmkid].PMKID,
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2589:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[IW_CUSTOM_MAX + 1];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2599:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wrqu.addr.sa_data, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2634:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&extra[1], data, datalen);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2644:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&extra[1], &status, sizeof(status));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2658:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(micerrevt->src_addr.sa_data, &e->addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2668:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, data, datalen);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2675:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(extra, data, datalen);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2696:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&pmkidcand->BSSID, &iwpmkidcand->bssid.sa_data,
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.h:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso_abbrev[WLC_CNTRY_BUF_SZ];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.h:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char custom_locale[WLC_CNTRY_BUF_SZ];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.h:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nickname[IW_ESSID_MAX_SIZE];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:222:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char intf_name[IFNAMSIZ] = quote_str(BRCM_WLAN_IFNAME);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:640:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&wl->pub->cur_etheraddr, dev->dev_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1016:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp1[128];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1719:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stats, stats_watchdog, sizeof(struct net_device_stats));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1816:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(sa->sa_data, dev->dev_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1878:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(mclist->dmi_addr, &maclist->ea[i++], ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1887:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(ha->addr, &maclist->ea[i++], ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2543:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(oskb->data + D11_PHY_HDR_LEN, pdata, oskb->len - D11_PHY_HDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2612:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rtl->vend_oui, brcm_oui, sizeof(brcm_oui));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2639:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rtht->vend_oui, brcm_oui, sizeof(brcm_oui));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2658:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(oskb->data + D11_PHY_HDR_LEN, pdata, oskb->len - D11_PHY_HDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2746:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rtl->vend_oui, brcm_oui, sizeof(brcm_oui));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2913:3: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(oskb->data + D11_PHY_HDR_LEN, pdata, oskb->len - D11_PHY_HDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2920:5: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(amsdu_p->data, pdata, amsdu_p->len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2978:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(wl->dev->dev_addr, dev->dev_addr, ETHER_ADDR_LEN);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:3092:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(buf, (char *)PKTDATA(osh, p) + offset, len);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:3263:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[8];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:3367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[32];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.h:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IFNAMSIZ];
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.h:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rfkill_name[32];
data/broadcom-sta-6.30.223.271/amd64/src/include/bcmutils.h:25:57: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define bcm_strncpy_s(dst, noOfElements, src, count) strncpy((dst), (src), (count))
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:198:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:200:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#undef strncpy
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:205:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen(s) osl_strlen((s))
data/broadcom-sta-6.30.223.271/amd64/src/include/linux_osl.h:207:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define strncpy(d, s, n) osl_strncpy((d), (s), (n))
data/broadcom-sta-6.30.223.271/amd64/src/include/linuxver.h:107:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(current->comm, a, MIN(sizeof(current->comm), (strlen(a)))); \
data/broadcom-sta-6.30.223.271/amd64/src/include/linuxver.h:107:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(current->comm, a, MIN(sizeof(current->comm), (strlen(a)))); \
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:474:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p->file, basename, BCM_MEM_FILENAME_LEN);
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:830:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(s));
data/broadcom-sta-6.30.223.271/amd64/src/shared/linux_osl.c:842:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
return (strncpy(d, s, n));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:271:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(flag) > sizeof(extra))
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:275:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrqu.data.length = strlen(extra);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:336:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cap, "a");
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:339:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cap, "b");
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:1238:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dwrq->length = strlen(extra) + 1;
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2594:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrqu.data.length = strlen(extra);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2602:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrqu.data.length = strlen(extra);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_iw.c:2708:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrqu.data.length = strlen(extra);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1044:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MFREE(wl->osh, t->name, strlen(t->name) + 1);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1324:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dev->name, intf_name, IFNAMSIZ-1);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:1542:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->version, EPI_VERSION_STR, sizeof(info->version));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2430:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((t->name = MALLOC(wl->osh, strlen(tname) + 1)))
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2489:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MFREE(wl->osh, t->name, strlen(t->name) + 1);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:2502:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MFREE(wl->osh, t->name, strlen(t->name) + 1);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3024:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ASSERT(strlen(wlif->name) > 0);
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3025:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wlif->dev->name, wlif->name, strlen(wlif->name));
data/broadcom-sta-6.30.223.271/amd64/src/wl/sys/wl_linux.c:3025:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(wlif->dev->name, wlif->name, strlen(wlif->name));
data/broadcom-sta-6.30.223.271/i386/src/include/bcmutils.h:25:57: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define bcm_strncpy_s(dst, noOfElements, src, count) strncpy((dst), (src), (count))
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:198:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#undef strlen
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:200:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#undef strncpy
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:205:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen(s) osl_strlen((s))
data/broadcom-sta-6.30.223.271/i386/src/include/linux_osl.h:207:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define strncpy(d, s, n) osl_strncpy((d), (s), (n))
data/broadcom-sta-6.30.223.271/i386/src/include/linuxver.h:107:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(current->comm, a, MIN(sizeof(current->comm), (strlen(a)))); \
data/broadcom-sta-6.30.223.271/i386/src/include/linuxver.h:107:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(current->comm, a, MIN(sizeof(current->comm), (strlen(a)))); \
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:474:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p->file, basename, BCM_MEM_FILENAME_LEN);
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:830:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(s));
data/broadcom-sta-6.30.223.271/i386/src/shared/linux_osl.c:842:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
return (strncpy(d, s, n));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:292:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(flag) > sizeof(extra))
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:296:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrqu.data.length = strlen(extra);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:357:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cap, "a");
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:360:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(cap, "b");
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:1259:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dwrq->length = strlen(extra) + 1;
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2615:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrqu.data.length = strlen(extra);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2623:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrqu.data.length = strlen(extra);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_iw.c:2729:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrqu.data.length = strlen(extra);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1032:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MFREE(wl->osh, t->name, strlen(t->name) + 1);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1312:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dev->name, intf_name, IFNAMSIZ-1);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:1530:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(info->version, EPI_VERSION_STR, sizeof(info->version));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2377:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((t->name = MALLOC(wl->osh, strlen(tname) + 1)))
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2436:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MFREE(wl->osh, t->name, strlen(t->name) + 1);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2449:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MFREE(wl->osh, t->name, strlen(t->name) + 1);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2969:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ASSERT(strlen(wlif->name) > 0);
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2970:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(wlif->dev->name, wlif->name, strlen(wlif->name));
data/broadcom-sta-6.30.223.271/i386/src/wl/sys/wl_linux.c:2970:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(wlif->dev->name, wlif->name, strlen(wlif->name));
ANALYSIS SUMMARY:
Hits = 343
Lines analyzed = 43989 in approximately 1.02 seconds (43269 lines/second)
Physical Source Lines of Code (SLOC) = 35620
Hits@level = [0] 37 [1] 54 [2] 224 [3] 0 [4] 65 [5] 0
Hits@level+ = [0+] 380 [1+] 343 [2+] 289 [3+] 65 [4+] 65 [5+] 0
Hits/KSLOC@level+ = [0+] 10.6682 [1+] 9.62942 [2+] 8.11342 [3+] 1.82482 [4+] 1.82482 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.